Recommended update for ncurses
This update for ncurses fixes the following issues:
Security issues fixed:
- CVE-2017-10684: Possible RCE via stack-based buffer overflow in the fmt_entry function. (bsc#1046858)
- CVE-2017-10685: Possible RCE with format string vulnerability in the fmt_entry function. (bsc#1046853)
Bugfixes:
- Drop patch ncurses-5.9-environment.dif as YaST2 ncurses GUI does
not need it anymore and as well as it causes bug bsc#1000662
This update was imported from the SUSE:SLE-12:Update update project.
-
Submitted by
Dr. Werner Fink (WernerFink)
Fixed bugs
bnc#1000662
L3: Columns variable not working in cron jobs anymore
bnc#1046853
VUL-0: CVE-2017-10685: ncurses: possible RCE with format string vulnerability in the fmt_entry function
bnc#1046858
VUL-0: CVE-2017-10684: ncurses: possible RCE via stack-based buffer overflow in the fmt_entry function
