AVG-112 log
| Package | curl |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 7.51.0-1 |
| Fixed | 7.52.1-1 |
| Current | 8.7.1-6 [core] |
| Ticket | FS#52247 |
| Created | Fri Dec 23 00:16:09 2016 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2016-9594 | Medium | Yes | Incorrect calculation | libcurl's (new) internal function that returns a good 32bit random value was implemented poorly and overwrote the pointer instead of writing the value into... |
| CVE-2016-9586 | Medium | Yes | Arbitrary code execution | libcurl's implementation of the printf() functions triggers a buffer overflow when doing a large floating point output. The bug occurs when the conversion... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 27 Dec 2016 | ASA-201612-22 | curl | multiple issues |
| References |
|---|
https://curl.haxx.se/docs/adv_20161221A.html |