[Midnightbsd-cvs] [MidnightBSD/src] 3bc063: ncurses: fix CVE-2025-6141 buffer overflow in post...

Lucas Holt noreply at github.com
Wed Jun 10 22:24:17 EDT 2026


  Branch: refs/heads/stable/4.1
  Home:   https://github.com/MidnightBSD/src
  Commit: 3bc063167372d2718710e27bea22d62ff7ecbd02
      https://github.com/MidnightBSD/src/commit/3bc063167372d2718710e27bea22d62ff7ecbd02
  Author: Lucas Holt <luke at foolishgames.com>
  Date:   2026-06-10 (Wed, 10 Jun 2026)

  Changed paths:
    M contrib/ncurses/ncurses/tinfo/parse_entry.c

  Log Message:
  -----------
  ncurses: fix CVE-2025-6141 buffer overflow in postprocess_termcap

Backport buffer-limit check from ncurses 6.5-20250329 (fix by
Thomas Dickey, report/testcase by Yifan Zhang).

The ko capability processing loop in postprocess_termcap() copies
termcap string values into buf2[MAX_TERMINFO_LENGTH] without bounds
checking, allowing a stack-based buffer overflow via a crafted
termcap entry.

Co-Authored-By: Claude Sonnet 4.6 <noreply at anthropic.com>


  Commit: 3564a00b03ea685aedea23c65a5dadacf42000c2
      https://github.com/MidnightBSD/src/commit/3564a00b03ea685aedea23c65a5dadacf42000c2
  Author: Lucas Holt <luke at foolishgames.com>
  Date:   2026-06-10 (Wed, 10 Jun 2026)

  Changed paths:
    M UPDATING

  Log Message:
  -----------
  UPDATING: note ncurses CVE-2025-6141

Co-Authored-By: Claude Sonnet 4.6 <noreply at anthropic.com>


Compare: https://github.com/MidnightBSD/src/compare/b2d3bf11a52e...3564a00b03ea

To unsubscribe from these emails, change your notification settings at https://github.com/MidnightBSD/src/settings/notifications


More information about the Midnightbsd-cvs mailing list