Candidate: CVE-2017-13733
PublicDate: 2017-08-29 06:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13733
Description:
 There is an illegal address access in the fmt_entry function in
 progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of
 service attack.
Ubuntu-Description:
Notes:
Bugs:
 https://bugzilla.redhat.com/show_bug.cgi?id=1484290
Priority: negligible
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H [6.5 MEDIUM]

Patches_ncurses:
 other: ftp://ftp.invisible-island.net/ncurses/6.0/ncurses-6.0-20170826.patch.gz
upstream_ncurses: released (6.0+20170827-1)
precise/esm_ncurses: ignored (end of ESM support, was needed)
trusty_ncurses: ignored (reached end-of-life)
trusty/esm_ncurses: needed
vivid/ubuntu-core_ncurses: ignored (will not fix)
xenial_ncurses: ignored (end of standard support, was needed)
esm-infra/xenial_ncurses: needed
zesty_ncurses: ignored (reached end-of-life)
artful_ncurses: ignored (reached end-of-life)
bionic_ncurses: not-affected (6.1-1ubuntu1)
cosmic_ncurses: not-affected (6.1-1ubuntu1)
disco_ncurses: not-affected (6.1-1ubuntu1)
eoan_ncurses: not-affected (6.1-1ubuntu1)
focal_ncurses: not-affected (6.1-1ubuntu1)
groovy_ncurses: not-affected (6.1-1ubuntu1)
hirsute_ncurses: not-affected (6.1-1ubuntu1)
impish_ncurses: not-affected (6.1-1ubuntu1)
jammy_ncurses: not-affected (6.1-1ubuntu1)
devel_ncurses: not-affected (6.1-1ubuntu1)