AVG-528 log

Package libcurl-compat
Status Not affected
Severity High
Type arbitrary code execution
Affected 7.56.1-1
Fixed 7.57.0-1
Current 8.11.1-3 [core]
Ticket None
Created Thu Nov 30 01:02:57 2017
Issue Severity Remote Type Description
CVE-2017-8818 High Yes Arbitrary code execution
An out-of-bounds flaw has been found in the SSL related code of libcurl >= 7.56.0 and < 7.57.0. When allocating memory for a connection (the internal struct...
CVE-2017-8816 High Yes Arbitrary code execution
A buffer overrun flaw has been found in libcurl > 7.15.4 and < 7.57.0, in the NTLM authentication code. The internal function...
References
https://curl.haxx.se/docs/adv_2017-11e7.html
https://curl.haxx.se/docs/adv_2017-af0a.html
Notes
only affects 32-bit variants