[SECURITY] Fedora 27 Update: ncurses-6.0-14.20170722.fc27

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2018-6c01a593b0 2018-05-30 14:31:21.817995 -------------------------------------------------------------------------------- Name : ncurses Product : Fedora 27 Version : 6.0 Release : 14.20170722.fc27 URL : http://invisible-island.net/ncurses/ncurses.html Summary : Ncurses support utilities Description : The curses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses (new curses) library is a freely distributable replacement for the discontinued 4.4 BSD classic curses library. This package contains support utilities, including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2018-10754. -------------------------------------------------------------------------------- ChangeLog: * Thu May 10 2018 Miroslav Lichvar <mlichvar(a)redhat.com&gt; 6.0-14.20170722 - fix crash in parsing of terminfo use capability (CVE-2018-10754) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1576119 - CVE-2018-10754 ncurses: NULL Pointer Dereference in _nc_parse_entry function in tinfo/parse_entry.c. https://bugzilla.redhat.com/show_bug.cgi?id=1576119 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-6c01a593b0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------