AVG-528 log
Package | libcurl-compat |
Status | Not affected |
Severity | High |
Type | arbitrary code execution |
Affected | 7.56.1-1 |
Fixed | 7.57.0-1 |
Current | 8.11.0-3 [core] |
Ticket | None |
Created | Thu Nov 30 01:02:57 2017 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2017-8818 | High | Yes | Arbitrary code execution | An out-of-bounds flaw has been found in the SSL related code of libcurl >= 7.56.0 and < 7.57.0. When allocating memory for a connection (the internal struct... |
CVE-2017-8816 | High | Yes | Arbitrary code execution | A buffer overrun flaw has been found in libcurl > 7.15.4 and < 7.57.0, in the NTLM authentication code. The internal function... |
References |
---|
https://curl.haxx.se/docs/adv_2017-11e7.html https://curl.haxx.se/docs/adv_2017-af0a.html |
Notes |
---|
only affects 32-bit variants |