ncurses - Debian Package Tracker

general

source: ncurses (main)
version: 6.6+20251231-1
maintainer: Ncurses Maintainers (DMD)
uploaders: Sven Joachim [DMD] [DM] – Craig Small [DMD]
arch: all any
std-ver: 4.7.3
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 6.2+20201114-2+deb11u2
oldstable: 6.4-4
stable: 6.5+20250216-2
testing: 6.6+20251231-1
unstable: 6.6+20251231-1

versioned links

6.2+20201114-2+deb11u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.4-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.5+20250216-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.6+20251231-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

lib32ncurses-dev
lib32ncurses6
lib32ncursesw6
lib32tinfo6
lib64ncurses-dev
lib64ncurses6
lib64ncursesw6
lib64tinfo6
libncurses-dev (1 bugs: 0, 0, 1, 0)
libncurses6
libncursesw6
libncursesw6-udeb
libtinfo6 (1 bugs: 0, 1, 0, 0)
libtinfo6-udeb
ncurses-base (8 bugs: 0, 2, 6, 0)
ncurses-bin (4 bugs: 0, 1, 3, 0)
ncurses-doc (5 bugs: 0, 1, 4, 0)
ncurses-examples
ncurses-term (2 bugs: 0, 1, 1, 0)

action needed

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 6.6+20251231-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 2d238cf3875f1a0a7c874f0a9b14f7582d19907a
Author: Sven Joachim <svenjoac@gmx.de>
Date:   Sat Jan 24 20:37:31 2026 +0100

    Convert the watch files to version 5

commit afee7675c395951ac92ca5bf3a393410931c396c
Author: Sven Joachim <svenjoac@gmx.de>
Date:   Sat Jan 24 20:23:04 2026 +0100

    Update upstream signing key
    
    The key had expired on 2026-01-18, update has a published a refreshed
    version at
    https://invisible-island.net/public/dickey@invisible-island.net-rsa3072.asc.
    
    Unfortunately we cannot simply replace the current key with a minimal
    export of the new one, as that would break verification of the current
    version when dpkg-source creates the source package, see
    https://gitlab.com/sequoia-pgp/sequoia/-/issues/1105.
    
    To keep both dpkg-source and uscan happy, we need both the expired
    self-sig and the new one, I merged them with the following two commands:
    
    $ gpg --export --armor --export-options export-minimal 19882D92DDA4C400C22C0D56CC2AF4472167BE03 >> debian/upstream/signing-key.asc
    $ sq keyring merge --overwrite --output debian/upstream/signing-key.asc debian/upstream/signing-key.asc
    
    When we update to a newer upstream patchlevel, we can minimize the key
    again.

Created: 2026-01-25 Last update: 2026-01-25 08:30

7 bugs tagged patch in the BTS normal

The BTS contains patches fixing 7 bugs, consider including or untagging them.

Created: 2025-01-06 Last update: 2026-01-25 06:00

1 low-priority security issue in trixie low

There is 1 open security issue in trixie.

1 issue left for the package maintainer to handle:

CVE-2025-6141: (needs triaging) A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-06-17 Last update: 2026-01-08 05:01

2 low-priority security issues in bookworm low

There are 2 open security issues in bookworm.

2 issues left for the package maintainer to handle:

CVE-2025-6141: (needs triaging) A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.
CVE-2023-50495: (needs triaging) NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().

You can find information about how to handle these issues in the security team's documentation.

Created: 2023-12-12 Last update: 2026-01-08 05:01

news

[rss feed]

[2026-01-08] ncurses 6.6+20251231-1 MIGRATED to testing (Debian testing watch)
[2026-01-03] Accepted ncurses 6.6+20251231-1 (source) into unstable (Sven Joachim)
[2025-12-03] ncurses 6.5+20251123-1 MIGRATED to testing (Debian testing watch)
[2025-11-24] Accepted ncurses 6.5+20251123-1 (source) into unstable (Sven Joachim)
[2025-11-23] Accepted ncurses 6.5+20251122-1 (source) into unstable (Sven Joachim)
[2025-11-20] Accepted ncurses 6.5+20251115-2 (source) into unstable (Sven Joachim)
[2025-11-17] Accepted ncurses 6.5+20251115-1 (source) into experimental (Sven Joachim)
[2025-03-13] ncurses 6.5+20250216-2 MIGRATED to testing (Debian testing watch)
[2025-03-06] Accepted ncurses 6.5+20250216-2 (source) into unstable (Sven Joachim)
[2025-02-24] ncurses 6.5+20250216-1 MIGRATED to testing (Debian testing watch)
[2025-02-18] Accepted ncurses 6.5+20250216-1 (source) into unstable (Sven Joachim)
[2025-02-10] ncurses 6.5+20250125-2 MIGRATED to testing (Debian testing watch)
[2025-01-31] Accepted ncurses 6.5+20250125-2 (source) into unstable (Sven Joachim)
[2025-01-29] Accepted ncurses 6.5+20250125-1 (source) into experimental (Sven Joachim)
[2024-05-16] ncurses 6.5-2 MIGRATED to testing (Debian testing watch)
[2024-05-09] Accepted ncurses 6.5-2 (source) into unstable (Sven Joachim)
[2024-05-05] Accepted ncurses 6.5-1 (source) into experimental (Sven Joachim)
[2024-04-22] ncurses 6.4+20240414-1 MIGRATED to testing (Debian testing watch)
[2024-04-16] Accepted ncurses 6.4+20240414-1 (source) into unstable (Sven Joachim)
[2024-01-22] ncurses 6.4+20240113-1 MIGRATED to testing (Debian testing watch)
[2024-01-22] ncurses 6.4+20240113-1 MIGRATED to testing (Debian testing watch)
[2024-01-15] Accepted ncurses 6.4+20240113-1 (source) into unstable (Sven Joachim)
[2023-12-17] ncurses 6.4+20231209-1 MIGRATED to testing (Debian testing watch)
[2023-12-11] Accepted ncurses 6.4+20231209-1 (source) into unstable (Sven Joachim)
[2023-12-03] Accepted ncurses 6.1+20181013-2+deb10u5 (source) into oldoldstable (Guilhem Moulin)
[2023-11-28] ncurses 6.4+20231121-1 MIGRATED to testing (Debian testing watch)
[2023-11-22] Accepted ncurses 6.4+20231121-1 (source) into unstable (Sven Joachim)
[2023-11-20] Accepted ncurses 6.4+20231118-1 (source) into unstable (Sven Joachim)
[2023-10-23] ncurses 6.4+20231016-1 MIGRATED to testing (Debian testing watch)
[2023-10-17] Accepted ncurses 6.4+20231016-1 (source) into unstable (Sven Joachim)

bugs [bug history graph]

all: 35
RC: 0
I&N: 13
M&W: 22
F&P: 0
patch: 7

links

homepage
lintian
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 6.6+20251231-1
28 bugs (1 patch)