Possible RCE via stack-based buffer overflow in the fmt_entry function (CVE-2017-10684). Possible RCE with format string vulnerability in the fmt_entry function (CVE-2017-10685). Illegal address access in append_acs (CVE-2017-11112). Dereferencing NULL pointer in _nc_parse_entry (CVE-2017-11113). Fix infinite loop in the next_char function in comp_scan.c (CVE-2017-13728). Fix illegal address access in the _nc_save_str (CVE-2017-13729). Fix illegal address access in the function _nc_read_entry_source() (CVE-2017-13730). Fix illegal address access in the function postprocess_termcap() (CVE-2017-13731). Fix illegal address access in the function dump_uses() (CVE-2017-13732). Fix illegal address access in the fmt_entry function (CVE-2017-13733). Fix stack-based buffer overflow in the _nc_write_entry() function (CVE-2017-16879).