Hi Sven,

On Sat, Nov 25, 2017 at 10:27:14AM +0100, Sven Joachim wrote:
> Control: severity -1 important
>
> On 2017-11-24 16:23 -0500, Luciano Bello wrote:
>
> > Package: ncurses
> > X-Debbugs-CC: t...@security.debian.org
> > secure-testing-t...@lists.alioth.debian.org
> > Severity: grave
> > Tags: security
> >
> > Hi,
> >
> > the following vulnerability was published for ncurses.
> >
> > CVE-2017-16879[0]:
> > | Stack-based buffer overflow in the _nc_write_entry function in
> > | tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial
> > | of service (application crash) or possibly execute arbitrary code via
> > | a crafted terminfo file, as demonstrated by tic.
>
> For the crash to happen the attacker needs to persuade the victim into
> running tic on their terminfo file first (there are no users of the
> _nc_write_entry function besides tic), and arbitrary code execution
> should be prevented by the stack protection.
>
> Like the previous CVEs on ncurses published earlier this year, this
> should be tagged no-DSA in the tracker.
Sounds reasonable, I have marked it as such. Do you plan to follow up as well with a jessie- and stretch-pu once fixed in unstable?

Thanks for your work,

Regards,
Salvatore