AVG-113 log
| Package | libcurl-compat |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 7.51.0-1 |
| Fixed | 7.52.1-1 |
| Current |
8.7.1-6 [core-testing] 8.7.1-5 [core] |
| Ticket | FS#52247 |
| Created | Fri Dec 23 00:16:34 2016 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2016-9594 | Medium | Yes | Incorrect calculation | libcurl's (new) internal function that returns a good 32bit random value was implemented poorly and overwrote the pointer instead of writing the value into... |
| CVE-2016-9586 | Medium | Yes | Arbitrary code execution | libcurl's implementation of the printf() functions triggers a buffer overflow when doing a large floating point output. The bug occurs when the conversion... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 03 Jan 2017 | ASA-201701-7 | libcurl-compat | multiple issues |
| References |
|---|
https://curl.haxx.se/docs/adv_20161221A.html |