Subject: CVS commit: pkgsrc/devel
From: S.P.Zeidler
Date: 2017-08-08 20:38:21
Message id: 20170808183822.1DCE4FACE@cvs.NetBSD.org
Log Message:
patches from
ftp://invisible-island.net/ncurses/6.0/ncurses-6.0-20170701.patch.gz
+ add/improve checks in tic's parser to address invalid input
 (Redhat #1464684, #1464685, #1464686, #1464691).
 + alloc_entry.c, add a check for a null-pointer.
 + parse_entry.c, add several checks for valid pointers as well as
   one check to ensure that a single character on a line is not
   treated as the 2-character termcap short-name.

that's CVE-2017-10684 CVE-2017-10685 CVE-2017-11112 CVE-2017-11113
Files:
RevisionActionfile
1.95modifypkgsrc/devel/ncurses/Makefile
1.32modifypkgsrc/devel/ncurses/distinfo
1.14modifypkgsrc/devel/ncursesw/Makefile
1.1addpkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_alloc__entry.c
1.1addpkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_parse__entry.c