Date: Tue, 10 Oct 2000 21:55:15 -0400 (EDT) From: Trevor Johnson <trevor@jpj.net> To: Mike Silbersack <silby@silby.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: ncurses buffer overflows (fwd) Message-ID: <Pine.BSI.4.21.0010102142590.8787-100000@blues.jpj.net> In-Reply-To: <Pine.BSF.4.21.0010101908580.4266-100000@achilles.silby.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Well, the advisory states that ncurses 5.0 and before are vulnerable. It > looks like 5.1-prerelease is what 4.1+ are using. So, until we here more > from warner/kris, I'm assuming that 4.0/3.x are vulnerable, but 4.1+ is > safe. The fixes were applied in ncurses-20001007. We have ncurses-20000701. I'm attempting to prepare ncurses-20001009 for importing: http://people.freebsd.org/~trevor/ncurses/ . I've mentioned it to Peter Wemm. It needs more testing though (I haven't even done a "make world"). -- Trevor Johnson http://jpj.net/~trevor/gpgkey.txt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.4.21.0010102142590.8787-100000>