Accepted ncurses 6.1+20181013-2+deb10u5 (source) into oldoldstable
- To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
- Subject: Accepted ncurses 6.1+20181013-2+deb10u5 (source) into oldoldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sun, 03 Dec 2023 17:00:24 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: ncurses_6.1+20181013-2+deb10u5_source.changes
- Debian-source: ncurses
- Debian-suite: oldoldstable
- Debian-version: 6.1+20181013-2+deb10u5
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=vjHkSp+3eCipoFOVgnHijThxT210YLO5ACQivowh6e0=; b=pEjKmuaKGjUANvOvzXMjUlyBc+ cbNvhaffyQJX2M1VNOCsNY6DcXM2wHDC6us/JOWsw2f5HbvoJf+qW9IrNKAadJhfzJ6gAoWwRSP+8 o/kqjZWMYTrf305PipdPXBXZJFD4YZiCe0KhnvFiAQhp8pLONTteNyvwZ3ofGSrm1Q/w+47a4/vTL /xMa56e7jc5ySpBInXe/mDD7edHtomD4PDmc6JeZJf1FDhUeixpkzyjXraXpAtoMmkNN9t5q+YHjg EAxhFUembVHF+fdaGLZE1SAmddl5DXobGVrX5Wko5yI/TDM/syZZFrV7PbZcBf3vIci5FrirrXKCc MWctXmSQ==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1r9ppQ-0087pg-6W@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 03 Dec 2023 16:31:37 +0100
Source: ncurses
Architecture: source
Version: 6.1+20181013-2+deb10u5
Distribution: buster-security
Urgency: high
Maintainer: Craig Small <csmall@debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 1034372
Changes:
ncurses (6.1+20181013-2+deb10u5) buster-security; urgency=high
.
* Non-maintainer upload by the LTS Security Team.
* Fix CVE-2021-39537: Heap-based buffer overflow in _nc_captoinfo().
* Mitigate CVE-2023-29491: Configure with `--disable-root-environ` (changed
to match the behavior of the `--disable-setuid-environ` flag introduced in
the 20230423 patchlevel) in order to disallow loading of custom terminfo
entries in setuid/setgid programs. (Closes: #1034372)
* d/libtinfo5.symbols, d/libtinfo6.symbols: Add new exported symbol
_nc_env_access (exposed by the new configure flag).
Checksums-Sha1:
c97d5de1c961184c1b1365cbe20526693110168a 3914 ncurses_6.1+20181013-2+deb10u5.dsc
92cb3564db935932f4e80cbd9f800921f0ef1709 64164 ncurses_6.1+20181013-2+deb10u5.debian.tar.xz
ed715d5d03850806fe63ecf0d9b89164450ad527 16159 ncurses_6.1+20181013-2+deb10u5_amd64.buildinfo
Checksums-Sha256:
69ec0fb487636ca83f5f85501188f5df982efd5396390a7e78746012b14d9bdf 3914 ncurses_6.1+20181013-2+deb10u5.dsc
8fdb752c13ffc01fe09803a2b862783d769b320992816dbf79f863194eb1f80f 64164 ncurses_6.1+20181013-2+deb10u5.debian.tar.xz
30310637946395cc88fd24a48fe2a50a0eb6790b3cd218572b279e24215f5782 16159 ncurses_6.1+20181013-2+deb10u5_amd64.buildinfo
Files:
b6659f22156f08ff81d5d0ac88ccc908 3914 libs required ncurses_6.1+20181013-2+deb10u5.dsc
d28a5089d6db379bf6f3688d76089a8f 64164 libs required ncurses_6.1+20181013-2+deb10u5.debian.tar.xz
402b9ee1eb34cdd7f1127d2974df8421 16159 libs required ncurses_6.1+20181013-2+deb10u5_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmVsoMwACgkQ05pJnDwh
pVJV4BAAlBBvtGYF5G2vPZh7iJWAp0vJApy1/adN4FPIjV8VQM5z3wqhyzef6pgF
iS9DLWDeHxFGc8dA26aNDE5c0aauS1e0iT2en6NPcOqei9Bj0HdpMvcwEmqKsOjz
9z2+wqEO5KX6X1q4ofLpk37z/5Q2Tg3Isd4jD6acXo3/MGxCiStoQBvPMTiq2k+R
V7UAo+HB++zvzc1TcUYenPtAjHnwmLOSMu8GHnD2j5NGwFcQ1UgL81WTnEN/RmD6
jVKhzpAbMOni30Io+CCMCa1RfOTowhGtR+2mgkLWpWMh0GRvJ16bKbYj71CIHP7V
AA7H3UOnJIls6BVmA/YaJ1uk7nO4mqxXfI5fNM9rYIPCleD0qCn4Ij9UrZX6Y6Ck
ZxXcSP+3eRymkhLzuFbaF9kH8WyIpHVXKcngpZew8f3xgWIlsiH9miZ1qzUSdI5i
6/YR68LUFq9EBxJ628AolRuCPul8HMF69o2g29PccxRZ56BBP25thfq3L8Xv3In2
yOwoCpg3ARHeEUG4qsCTChEh5t/vVk9QDhj3pM8JTo8xUrPLgcti4vi+KE/F3iQh
qLHO0sxjZTa5/saITOVN4yvwhQe9C+xjJ4qikHLcH7VfJFG8HOpPAmxixHWNBUHc
Hnx9nowNkzaertSp9VrA609TAxLhNmQEMyZoowCFXQkbhwXkbXs=
=1uN1
-----END PGP SIGNATURE-----