Debian
ncurses package

ncurses 6.4-3 source package in Debian

Changelog

ncurses (6.4-3) unstable; urgency=medium

  * Configure with "--disable-root-environ" to disallow loading of
    custom terminfo entries in setuid/setgid programs, mitigating the
    impact of CVE-2023-29491 (see #1034372).
    - Update the symbols files for the newly exported symbol
      _nc_env_access.
    - New patch fix-configure-root-args-option.diff cherry-picked from
      the 20230415 patchlevel, fixing a copy/paste error which caused
      the "--disable-root-environ" configure option to pick up code
      meant to be used by the "--disable-root-args" option instead.
    - New patch debian-env-access.diff, changing the behavior of the
      "--disable-root-environ" configure option to not restrict programs
      run by the superuser, equivalent to the "--disable-setuid-environ"
      option introduced in the 20230423 patchlevel.

 -- Sven Joachim <email address hidden>  Sat, 06 May 2023 17:16:54 +0200

Upload details

Uploaded by:
Craig Small
Uploaded to:
Sid
Original maintainer:
Craig Small
Architectures:
any all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
ncurses_6.4-3.dsc 4.0 KiB 36c076242b90abf0d0479c0699994157a5d7998f9c8b1be1928cd6a85e700c5d
ncurses_6.4.orig.tar.gz 3.4 MiB 6931283d9ac87c5073f30b6290c4c75f21632bb4fc3603ac8100812bed248159
ncurses_6.4.orig.tar.gz.asc 729 bytes f9096c5311eab61908c142e77e58f503f9228e13d351365b3c331ca5ad5a67db
ncurses_6.4-3.debian.tar.xz 55.1 KiB 64c7ded4c730fd1d3460499c10cc109ef128fa73d81acfe48a3629901745fd08

No changes file available.

Binary packages built by this source