CLSA-2024-1710789286

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1710789286.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2024-1710789286
Upstream
Published
2024-03-18T19:14:50Z
Modified
2026-06-01T00:33:17.357352397Z
Summary
ncurses: Fix of 2 CVEs
Details
  • CVE-2023-29491.patch: Mitigate vulnerability by building the packages with modified --disable-root-environ option which now limits usage of environment for setuid/setgid programs only
  • CVE-2021-39537.patch: Add a check for end-of-string in cvtchar to handle a malformed string in infotocap
References

Affected packages

TuxCare:CentOS:7
ncurses

Package

Name
ncurses
Purl
pkg:rpm/tuxcare/ncurses?distro=centos-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9-14.20130511.el7_4.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1710789286.json"
ncurses-base

Package

Name
ncurses-base
Purl
pkg:rpm/tuxcare/ncurses-base?distro=centos-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9-14.20130511.el7_4.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1710789286.json"
ncurses-devel

Package

Name
ncurses-devel
Purl
pkg:rpm/tuxcare/ncurses-devel?distro=centos-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9-14.20130511.el7_4.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1710789286.json"
ncurses-libs

Package

Name
ncurses-libs
Purl
pkg:rpm/tuxcare/ncurses-libs?distro=centos-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9-14.20130511.el7_4.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1710789286.json"
ncurses-static

Package

Name
ncurses-static
Purl
pkg:rpm/tuxcare/ncurses-static?distro=centos-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9-14.20130511.el7_4.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1710789286.json"
ncurses-term

Package

Name
ncurses-term
Purl
pkg:rpm/tuxcare/ncurses-term?distro=centos-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9-14.20130511.el7_4.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1710789286.json"