ASA-201803-19 generated external raw

[ASA-201803-19] libcurl-gnutls: multiple issues
Arch Linux Security Advisory ASA-201803-19 ========================================== Severity: Medium Date : 2018-03-19 CVE-ID : CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 Package : libcurl-gnutls Type : multiple issues Remote : Yes Link : Summary ======= The package libcurl-gnutls before version 7.59.0-1 is vulnerable to multiple issues including denial of service and information disclosure. Resolution ========== Upgrade to 7.59.0-1. # pacman -Syu "libcurl-gnutls>=7.59.0-1" The problems have been fixed upstream in version 7.59.0. Workaround ========== None. Description =========== - CVE-2018-1000120 (denial of service) It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash, or an unspecified behavior. - CVE-2018-1000121 (denial of service) A NULL pointer dereference exists in the LDAP code of curl >= 7.21.0 and < curl 7.59.0, allowing an attacker to cause a denial of service. libcurl-using applications that allow LDAP URLs, or that allow redirects to LDAP URLs could be made to crash by a malicious server. - CVE-2018-1000122 (information disclosure) A buffer over-read exists in curl >= 7.20.0 and < 7.59.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage. When asked to transfer an RTSP URL, curl could calculate a wrong data length to copy from the read buffer. The memcpy call would copy data from the heap following the buffer to a storage area that would subsequently be delivered to the application (if it didn't cause a crash). This could lead to information leakage or a denial of service for the application if the server offering the RTSP data can trigger this. Impact ====== A remote attacker is able to crash the application or disclose sensitive information on the affected host. References ==========