Newt is a programming library for color text mode, widget-based user
interfaces. Newt can be used to add stacked windows, entry widgets,
checkboxes, radio buttons, labels, plain text fields, scrollbars, and so
on, to text mode user interfaces.
A heap-based buffer overflow flaw was found in the way newt processes
content that is to be displayed in a text dialog box. A local attacker
could issue a specially-crafted text dialog box display request (direct or
via a custom application), leading to a denial of service (application
crash) or, potentially, arbitrary code execution with the privileges of the
user running the application using the newt library. (CVE-2009-2905)
Users of newt should upgrade to these updated packages, which contain a
backported patch to correct this issue. After installing the updated
packages, all applications using the newt library must be restarted for the
update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | s390x | newt-devel | < 0.51.6-10.el4_8.1 | newt-devel-0.51.6-10.el4_8.1.s390x.rpm |
RedHat | 5 | x86_64 | newt-devel | < 0.52.2-12.el5_4.1 | newt-devel-0.52.2-12.el5_4.1.x86_64.rpm |
RedHat | 5 | ppc | newt | < 0.52.2-12.el5_4.1 | newt-0.52.2-12.el5_4.1.ppc.rpm |
RedHat | 4 | i386 | newt-devel | < 0.51.6-10.el4_8.1 | newt-devel-0.51.6-10.el4_8.1.i386.rpm |
RedHat | 5 | s390 | newt-devel | < 0.52.2-12.el5_4.1 | newt-devel-0.52.2-12.el5_4.1.s390.rpm |
RedHat | 5 | x86_64 | newt | < 0.52.2-12.el5_4.1 | newt-0.52.2-12.el5_4.1.x86_64.rpm |
RedHat | 5 | ia64 | newt | < 0.52.2-12.el5_4.1 | newt-0.52.2-12.el5_4.1.ia64.rpm |
RedHat | 4 | s390x | newt | < 0.51.6-10.el4_8.1 | newt-0.51.6-10.el4_8.1.s390x.rpm |
RedHat | 5 | i386 | newt | < 0.52.2-12.el5_4.1 | newt-0.52.2-12.el5_4.1.i386.rpm |
RedHat | 4 | ppc64 | newt | < 0.51.6-10.el4_8.1 | newt-0.51.6-10.el4_8.1.ppc64.rpm |