libncurses5-32bit-6.3.20220416-16.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:12020-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z libncurses5-32bit-6.3.20220416-16.1 on GA media These are all security issues fixed in the libncurses5-32bit-6.3.20220416-16.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-12020 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2022-29458/ SUSE CVE CVE-2022-29458 page openSUSE Tumbleweed libncurses5-6.3.20220416-16.1 libncurses5-32bit-6.3.20220416-16.1 libncurses6-6.3.20220416-16.1 libncurses6-32bit-6.3.20220416-16.1 ncurses-devel-6.3.20220416-16.1 ncurses-devel-32bit-6.3.20220416-16.1 ncurses-devel-static-6.3.20220416-16.1 ncurses-examples-6.3.20220416-16.1 ncurses-utils-6.3.20220416-16.1 ncurses5-devel-6.3.20220416-16.1 ncurses5-devel-32bit-6.3.20220416-16.1 ncurses5-devel-static-6.3.20220416-16.1 tack-6.3.20220416-16.1 terminfo-6.3.20220416-16.1 terminfo-base-6.3.20220416-16.1 terminfo-iterm-6.3.20220416-16.1 terminfo-screen-6.3.20220416-16.1 libncurses5-6.3.20220416-16.1 as a component of openSUSE Tumbleweed libncurses5-32bit-6.3.20220416-16.1 as a component of openSUSE Tumbleweed libncurses6-6.3.20220416-16.1 as a component of openSUSE Tumbleweed libncurses6-32bit-6.3.20220416-16.1 as a component of openSUSE Tumbleweed ncurses-devel-6.3.20220416-16.1 as a component of openSUSE Tumbleweed ncurses-devel-32bit-6.3.20220416-16.1 as a component of openSUSE Tumbleweed ncurses-devel-static-6.3.20220416-16.1 as a component of openSUSE Tumbleweed ncurses-examples-6.3.20220416-16.1 as a component of openSUSE Tumbleweed ncurses-utils-6.3.20220416-16.1 as a component of openSUSE Tumbleweed ncurses5-devel-6.3.20220416-16.1 as a component of openSUSE Tumbleweed ncurses5-devel-32bit-6.3.20220416-16.1 as a component of openSUSE Tumbleweed ncurses5-devel-static-6.3.20220416-16.1 as a component of openSUSE Tumbleweed tack-6.3.20220416-16.1 as a component of openSUSE Tumbleweed terminfo-6.3.20220416-16.1 as a component of openSUSE Tumbleweed terminfo-base-6.3.20220416-16.1 as a component of openSUSE Tumbleweed terminfo-iterm-6.3.20220416-16.1 as a component of openSUSE Tumbleweed terminfo-screen-6.3.20220416-16.1 as a component of openSUSE Tumbleweed ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. CVE-2022-29458 openSUSE Tumbleweed:libncurses5-32bit-6.3.20220416-16.1 openSUSE Tumbleweed:libncurses5-6.3.20220416-16.1 openSUSE Tumbleweed:libncurses6-32bit-6.3.20220416-16.1 openSUSE Tumbleweed:libncurses6-6.3.20220416-16.1 openSUSE Tumbleweed:ncurses-devel-32bit-6.3.20220416-16.1 openSUSE Tumbleweed:ncurses-devel-6.3.20220416-16.1 openSUSE Tumbleweed:ncurses-devel-static-6.3.20220416-16.1 openSUSE Tumbleweed:ncurses-examples-6.3.20220416-16.1 openSUSE Tumbleweed:ncurses-utils-6.3.20220416-16.1 openSUSE Tumbleweed:ncurses5-devel-32bit-6.3.20220416-16.1 openSUSE Tumbleweed:ncurses5-devel-6.3.20220416-16.1 openSUSE Tumbleweed:ncurses5-devel-static-6.3.20220416-16.1 openSUSE Tumbleweed:tack-6.3.20220416-16.1 openSUSE Tumbleweed:terminfo-6.3.20220416-16.1 openSUSE Tumbleweed:terminfo-base-6.3.20220416-16.1 openSUSE Tumbleweed:terminfo-iterm-6.3.20220416-16.1 openSUSE Tumbleweed:terminfo-screen-6.3.20220416-16.1 moderate 5.8 AV:N/AC:M/Au:N/C:P/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-29458.html CVE-2022-29458 https://bugzilla.suse.com/1198627 SUSE Bug 1198627