AVG-117 log

Package lib32-libcurl-gnutls
Status Fixed
Severity Medium
Type multiple issues
Affected 7.51.0-1
Fixed 7.52.1-1
Current 8.11.0-1 [multilib]
Ticket FS#52247
Created Fri Dec 23 00:17:59 2016
Issue Severity Remote Type Description
CVE-2016-9594 Medium Yes Incorrect calculation
libcurl's (new) internal function that returns a good 32bit random value was implemented poorly and overwrote the pointer instead of writing the value into...
CVE-2016-9586 Medium Yes Arbitrary code execution
libcurl's implementation of the printf() functions triggers a buffer overflow when doing a large floating point output. The bug occurs when the conversion...
Date Advisory Package Type
03 Jan 2017 ASA-201701-11 lib32-libcurl-gnutls multiple issues
References
https://bugs.archlinux.org/task/52250
https://curl.haxx.se/docs/adv_20161221A.html
https://curl.haxx.se/docs/adv_20161223.html