[11476] in bugtraq
Re: [RHSA-1999:028-01] Buffer overflow in libtermcap tgetent()
daemon@ATHENA.MIT.EDU (Martin Schulze)
Sat Aug 21 21:06:46 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <19990819181625.H28824@finlandia.infodrom.north.de>
Date: Thu, 19 Aug 1999 18:16:25 +0200
Reply-To: Martin Schulze <joey@infodrom.north.de>
From: Martin Schulze <joey@FINLANDIA.INFODROM.NORTH.DE>
X-To: Olaf Kirch <okir@CALDERA.DE>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <19990818113950.A15809@monad.swb.de>; from Olaf Kirch on Wed,
Aug 18, 1999 at 11:39:50AM +0200
Olaf Kirch wrote:
> FWIW, Caldera OpenLinux has stopped using termcap altogether since release 2.2.
> Doing an rpm -qlv ncurses-termcap-devel reveals that libtermcap.so is a
> symlink to libncurses.
Same for Debian. However, I haven't checked ncurses and terminfo. I
don't know if and how much code is shared with termcap thus I don't
know if the apps might still be vulnerable.
Regards,
Joey
--
GNU does not eliminate all the world's problems, only some of them.
-- The GNU Manifesto
