AVG-959 log
| Package | libcurl-compat |
| Status | Fixed |
| Severity | High |
| Type | arbitrary code execution |
| Affected | 7.64.1-1 |
| Fixed | 7.65.0-1 |
| Current | 8.11.0-3 [core] |
| Ticket | None |
| Created | Wed May 22 14:35:11 2019 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2019-5436 | High | Yes | Arbitrary code execution | libcurl before 7.65.0 contains a heap buffer overflow in the function (tftp_receive_packet()) that receives data from a TFTP server. It calls recvfrom()... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 31 May 2019 | ASA-201905-11 | libcurl-compat | arbitrary code execution |
| References |
|---|
https://curl.haxx.se/docs/CVE-2019-5436.html |