Advisories ยป MGASA-2018-0054

Updated curl packages fix security vulnerability

Publication date: 03 Jan 2018
Modification date: 03 Jan 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-8816 , CVE-2017-8817 , CVE-2017-1000254 , CVE-2017-1000257

Description

libcurl contains a buffer overrun flaw in the NTLM authentication code
(CVE-2017-8816).

libcurl contains a read out of bounds flaw in the FTP wildcard function
(CVE-2017-8817).

libcurl may read outside of a heap allocated buffer when doing FTP
(CVE-2017-1000254).

libcurl contains a buffer overrun flaw in the IMAP handler
(CVE-2017-1000257).
                

References

SRPMS

6/core