AVG-521 log
| Package | lib32-curl |
| Status | Fixed |
| Severity | High |
| Type | multiple issues |
| Affected | 7.56.1-1 |
| Fixed | 7.57.0-1 |
| Current | 8.11.0-1 [multilib] |
| Ticket | None |
| Created | Wed Nov 29 10:22:59 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-8818 | High | Yes | Arbitrary code execution | An out-of-bounds flaw has been found in the SSL related code of libcurl >= 7.56.0 and < 7.57.0. When allocating memory for a connection (the internal struct... |
| CVE-2017-8817 | Medium | Yes | Information disclosure | A read out of bounds flaw has been found in the FTP wildcard function of libcurl >= 7.21.0 and < 7.57.0. libcurl's FTP wildcard matching feature, which is... |
| CVE-2017-8816 | High | Yes | Arbitrary code execution | A buffer overrun flaw has been found in libcurl > 7.15.4 and < 7.57.0, in the NTLM authentication code. The internal function... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 30 Nov 2017 | ASA-201711-36 | lib32-curl | multiple issues |
| References |
|---|
https://curl.haxx.se/docs/adv_2017-11e7.html https://curl.haxx.se/docs/adv_2017-ae72.html https://curl.haxx.se/docs/adv_2017-af0a.html |