AVG-696 log
Package | lib32-libcurl-compat |
Status | Fixed |
Severity | Critical |
Type | multiple issues |
Affected | 7.59.0-1 |
Fixed | 7.60.0-1 |
Current |
8.11.1-3 [multilib-testing] 8.11.1-2 [multilib] |
Ticket | None |
Created | Wed May 16 09:11:39 2018 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2018-1000301 | Medium | Yes | Denial of service | curl >= 7.20.0 and < 7.60.0 can be tricked into reading data beyond the end of a heap based buffer used to store downloaded content. When servers send RTSP... |
CVE-2018-1000300 | Critical | Yes | Arbitrary code execution | curl >= 7.54.1 and < 7.60.0 might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies. When doing... |
Date | Advisory | Package | Type |
---|---|---|---|
18 May 2018 | ASA-201805-15 | lib32-libcurl-compat | multiple issues |