AVG-660 log

Package lib32-libcurl-compat
Status Fixed
Severity Medium
Type multiple issues
Affected 7.58.0-2
Fixed 7.59.0-1
Current 8.11.1-3 [multilib-testing]
8.11.1-2 [multilib]
Ticket None
Created Mon Mar 19 11:32:55 2018
Issue Severity Remote Type Description
CVE-2018-1000122 Medium Yes Information disclosure
A buffer over-read exists in curl >= 7.20.0 and < 7.59.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information...
CVE-2018-1000121 Medium Yes Denial of service
A NULL pointer dereference exists in the LDAP code of curl >= 7.21.0 and < curl 7.59.0, allowing an attacker to cause a denial of service. libcurl-using...
CVE-2018-1000120 Medium Yes Denial of service
It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method. An attacker, able to provide a specially crafted FTP...
Date Advisory Package Type
19 Mar 2018 ASA-201803-18 lib32-libcurl-compat multiple issues