AVG-241 log
| Package | curl |
| Status | Fixed |
| Severity | Medium |
| Type | certificate verification bypass |
| Affected | 7.53.1-2 |
| Fixed | 7.54.0-1 |
| Current | 8.11.0-3 [core] |
| Ticket | None |
| Created | Wed Apr 19 07:46:03 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-7468 | Medium | Yes | Certificate verification bypass | libcurl from 7.52.0 to and including 7.53.1 would attempt to resume a TLS session even if the client certificate had changed. That is unacceptable since a... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 29 Apr 2017 | ASA-201704-12 | curl | certificate verification bypass |
| References |
|---|
https://curl.haxx.se/docs/adv_20170419.html |