66bcc3454d2190717604d99c6c885b157c7016b5 - third_party/overlays/portage-stable

commit	66bcc3454d2190717604d99c6c885b157c7016b5	[log] [tgz]
author	Oleksandr Tymoshenko <ovt@google.com>	Tue Oct 05 20:55:34 2021 +0000
committer	Oleksandr Tymoshenko <ovt@google.com>	Tue Oct 12 04:29:25 2021 +0000
tree	2fff09efdf21375165346fb8739fbc7c5817372d
parent	072a77692a86b8b98c2861a5a2c774273f6d76ba [diff]

LAKITU: Backport fix for CVE-2021-39537 from ncurses 6.2

Backport fix for heap-based stack overflow in _nc_captoinfo
from the upstream commit 790a85db ("ncurses 6.2 - patch 20200531")

BUG=b/202124389
TEST=presubmit
RELEASE_NOTE=Fixed CVE-2021-39537 in ncurses package

cos-patch: security-moderate
Change-Id: I8801b549fc78bf03937d0f525ef70393b2cd4dbd
Reviewed-on: https://cos-review.googlesource.com/c/third_party/overlays/portage-stable/+/23411
Reviewed-by: Vaibhav Rustagi <vaibhavrustagi@google.com>
Reviewed-by: Robert Kolchmeyer <rkolchmeyer@google.com>
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Main-Branch-Verified: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>

sys-libs/ncurses/files/ncurses-5.9-fix-cve-2021-39537.patch[Added - diff]
sys-libs/ncurses/ncurses-5.9-r9.ebuild[Renamed from sys-libs/ncurses/ncurses-5.9-r8.ebuild - diff]

2 files changed

tree: 2fff09efdf21375165346fb8739fbc7c5817372d