[Bug 1772872] Re: Provide screen.xterm-256color and rxvt-unicode-256color terminfo entries in ncurses-base

Launchpad Bug Tracker 1772872 at bugs.launchpad.net
Mon Jun 4 08:03:10 UTC 2018 

This bug was fixed in the package ncurses - 6.1-1ubuntu1.18.04

---------------
ncurses (6.1-1ubuntu1.18.04) bionic-proposed; urgency=medium

  * SRU: LP: #1772872: Backport changes from 6.1+20180210-4:
  * Move screen.xterm-256color and rxvt-unicode-256color terminfo entries
    from ncurses-term to ncurses-base (Closes: #898666, #898948).
  * Cherry-pick a fix from the 20180414 patchlevel: add a null-pointer
    check in _nc_parse_entry to handle an error when a use-name is invalid
    syntax (report by Chung-Yi Lin, CVE-2018-10754).

 -- Matthias Klose <doko at ubuntu.com>  Wed, 23 May 2018 10:08:27 +0200

** Changed in: ncurses (Ubuntu Bionic)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-10754

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ncurses in Ubuntu.
https://bugs.launchpad.net/bugs/1772872

Title:
  Provide screen.xterm-256color and rxvt-unicode-256color terminfo
  entries in ncurses-base

Status in ncurses package in Ubuntu:
  Fix Released
Status in ncurses source package in Bionic:
  Fix Released

Bug description:
  The gnome standard terminal emulator (gnome-terminal) sets TERM=xterm-
  256color, and screen sets it to screen.xterm-256color, resulting in an
  usuable TERM setting, because the terminfo settings are not available
  by default. This patch includes the screen.xterm-256color and rxvt-
  unicode-256color settings in ncurses-base, resulting in working screen
  settings out-of-the-box.

  Regression potential: The size of ncurses-base is increased by 3500
  bytes (unpacked).  The debian-installer packages might need adjustment
  for the additional size.

  Acceptance criteria: The package builds, and provides the new terminfo
  entries in ncurses-base (note that no Breaks/Replaces are needed,
  because these are installed in a different path).

  Also backport the fix for security issue CVE-2018-10754, fixing a
  segfault, adding a null-pointer check in _nc_parse_entry to handle an
  error when a use-name is invalid syntax.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ncurses/+bug/1772872/+subscriptions

More information about the foundations-bugs mailing list