Document ncurses issues

1 files changed, 38 insertions, 0 deletions

diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 77e1d64f57c3..1206bc754ea1 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -58,6 +58,44 @@ Notes:
   * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="b84dbd94-e894-4c91-b8cd-d328537b1b2b">
+    <topic>ncurses -- multiple issues</topic>
+    <affects>
+      <package>
+	<name>ncurses</name>
+	<range><le>6.0</le></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>ncurses developers reports:</p>
+	<blockquote cite="https://bugzilla.redhat.com/show_bug.cgi?id=1484285">
+	  <p>There are multiple illegal address access issues and an infinite loop issue. Please refer to the CVE list for details.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <url>https://bugzilla.redhat.com/show_bug.cgi?id=1484274</url>
+      <url>https://bugzilla.redhat.com/show_bug.cgi?id=1484276</url>
+      <url>https://bugzilla.redhat.com/show_bug.cgi?id=1484284</url>
+      <url>https://bugzilla.redhat.com/show_bug.cgi?id=1484285</url>
+      <url>https://bugzilla.redhat.com/show_bug.cgi?id=1484287</url>
+      <url>https://bugzilla.redhat.com/show_bug.cgi?id=1484290</url>
+      <url>https://bugzilla.redhat.com/show_bug.cgi?id=1484291</url>
+      <cvename>CVE-2017-13728</cvename>
+      <cvename>CVE-2017-13729</cvename>
+      <cvename>CVE-2017-13730</cvename>
+      <cvename>CVE-2017-13731</cvename>
+      <cvename>CVE-2017-13732</cvename>
+      <cvename>CVE-2017-13733</cvename>
+      <cvename>CVE-2017-13734</cvename>
+    </references>
+    <dates>
+      <discovery>2017-08-29</discovery>
+      <entry>2017-10-11</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="9164f51e-ae20-11e7-a633-009c02a2ab30">
     <topic>Python 2.7 -- multiple vulnerabilities</topic>
     <affects>