AVG-371 log

Package lib32-curl
Status Fixed
Severity Medium
Type multiple issues
Affected 7.54.1-2
Fixed 7.56.0-1
Current 8.11.1-3 [multilib]
Ticket None
Created Wed Aug 9 07:55:51 2017
Issue Severity Remote Type Description
CVE-2017-1000254 Low Yes Denial of service
When libcurl connects to an FTP server and successfully logs in (anonymous or not), it asks the server for the current directory with the `PWD` command. The...
CVE-2017-1000100 Medium Yes Information disclosure
An information disclosure issue has been found in curl < 7.55.0. When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file...
CVE-2017-1000099 Low No Information disclosure
An information disclosure issue has been found in curl < 7.55.0. When asking to get a file from a file:// URL, libcurl provides a feature that outputs...
Date Advisory Package Type
05 Oct 2017 ASA-201710-3 lib32-curl multiple issues