Patch-ID# 104638-04 Keywords: security libcurses printw string crash 8-bit vsnprintf Synopsis: SunOS 5.5.1_x86: /usr/ccs/lib/libcurses.a patch Date: Mar/09/2001 Solaris Release: 2.5.1_x86 SunOS Release: 5.5.1_x86 Unbundled Product: Unbundled Release: Xref: This patch available for SPARC as patch 104637 Topic: SunOS 5.5.1_x86: /usr/ccs/lib/libcurses.a patch Relevant Architectures: i386 BugId's fixed with this patch: 1135146 4058714 4090140 4313067 Changes incorporated in this version: 4313067 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/ccs/lib/libcurses.a /usr/ccs/lib/libtermcap.a /usr/ccs/lib/libtermlib.a Problem Description: 4313067 security: libcurses:setupterm has buffer overflow (from 104638-03) 4090140 PatchId 104637-02 libcurses.a references __vsnprintf in vwprintw (from 104638-02) 4058714 curses not 8-bit clean (from 104638-01) 1135146 printw() crashes for the large string Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- None. README -- Last modified date: Friday, March 9, 2001