AVG-117 log
| Package | lib32-libcurl-gnutls |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 7.51.0-1 |
| Fixed | 7.52.1-1 |
| Current | 8.7.1-4 [multilib] |
| Ticket | FS#52247 |
| Created | Fri Dec 23 00:17:59 2016 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2016-9594 | Medium | Yes | Incorrect calculation | libcurl's (new) internal function that returns a good 32bit random value was implemented poorly and overwrote the pointer instead of writing the value into... |
| CVE-2016-9586 | Medium | Yes | Arbitrary code execution | libcurl's implementation of the printf() functions triggers a buffer overflow when doing a large floating point output. The bug occurs when the conversion... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 03 Jan 2017 | ASA-201701-11 | lib32-libcurl-gnutls | multiple issues |
| References |
|---|
https://bugs.archlinux.org/task/52250 https://curl.haxx.se/docs/adv_20161221A.html https://curl.haxx.se/docs/adv_20161223.html |