AVG-962 log
Package | lib32-libcurl-compat |
Status | Fixed |
Severity | High |
Type | arbitrary code execution |
Affected | 7.64.1-1 |
Fixed | 7.65.0-1 |
Current | 8.11.1-3 [multilib] |
Ticket | None |
Created | Wed May 22 14:37:55 2019 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2019-5436 | High | Yes | Arbitrary code execution | libcurl before 7.65.0 contains a heap buffer overflow in the function (tftp_receive_packet()) that receives data from a TFTP server. It calls recvfrom()... |
CVE-2019-5435 | High | Yes | Arbitrary code execution | libcurl before 7.65.0 contains two integer overflows in the curl_url_set() function that if triggered, can lead to a too small buffer allocation and a... |
Date | Advisory | Package | Type |
---|---|---|---|
31 May 2019 | ASA-201905-14 | lib32-libcurl-compat | arbitrary code execution |
References |
---|
https://curl.haxx.se/docs/CVE-2019-5435.html https://curl.haxx.se/docs/CVE-2019-5436.html |