AVG-387 log

Package libcurl-gnutls
Status Fixed
Severity Medium
Type multiple issues
Affected 7.54.1-1
Fixed 7.56.0-1
Current 8.11.1-3 [core]
Ticket None
Created Tue Aug 22 18:54:15 2017
Issue Severity Remote Type Description
CVE-2017-1000254 Low Yes Denial of service
When libcurl connects to an FTP server and successfully logs in (anonymous or not), it asks the server for the current directory with the `PWD` command. The...
CVE-2017-1000100 Medium Yes Information disclosure
An information disclosure issue has been found in curl < 7.55.0. When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file...
CVE-2017-1000099 Low No Information disclosure
An information disclosure issue has been found in curl < 7.55.0. When asking to get a file from a file:// URL, libcurl provides a feature that outputs...
Date Advisory Package Type
05 Oct 2017 ASA-201710-5 libcurl-gnutls multiple issues