AVG-959 log

Package libcurl-compat
Status Fixed
Severity High
Type arbitrary code execution
Affected 7.64.1-1
Fixed 7.65.0-1
Current 8.11.1-3 [core]
Ticket None
Created Wed May 22 14:35:11 2019
Issue Severity Remote Type Description
CVE-2019-5436 High Yes Arbitrary code execution
libcurl before 7.65.0 contains a heap buffer overflow in the function (tftp_receive_packet()) that receives data from a TFTP server. It calls recvfrom()...
Date Advisory Package Type
31 May 2019 ASA-201905-11 libcurl-compat arbitrary code execution
References
https://curl.haxx.se/docs/CVE-2019-5436.html