Synopsis
Moderate: curl security update
Type/Severity
Security Advisory: Moderate
Topic
An update for curl is now available for Red Hat Enterprise Linux 75 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System ( ...
Synopsis
Moderate: httpd24 security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
An update for httpd24-httpd, httpd24-nghttp2, and httpd24-curl is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of ...
Synopsis
Moderate: curl security update
Type/Severity
Security Advisory: Moderate
Topic
An update for curl is now available for Red Hat Enterprise Linux 74 Advanced Update Support, Red Hat Enterprise Linux 74 Telco Extended Update Support, and Red Hat Enterprise Linux 74 Update Services for SAP Solutions ...
Synopsis
Moderate: curl and nss-pem security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for curl and nss-pem is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scorin ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2429 SP2 security update
Type/Severity
Security Advisory: Important
Topic
Red Hat JBoss Core Services Pack Apache Server 2429 Service Pack 2 packages for Microsoft Windows and Oracle Solaris are now availableRed Hat Product Security has ...
Debian Bug report logs -
#893546
curl: CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122
Package:
src:curl;
Maintainer for src:curl is Alessandro Ghedini <ghedo@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 19 Mar 2018 20:09:01 UTC
Severity: serious
Tags: fixed-upstream, patch, securi ...
Debian Bug report logs -
#898856
curl: CVE-2018-1000301: RTSP bad headers buffer over-read
Package:
curl;
Maintainer for curl is Alessandro Ghedini <ghedo@debianorg>; Source for curl is src:curl (PTS, buildd, popcon)
Reported by: Chris Lamb <lamby@debianorg>
Date: Wed, 16 May 2018 18:00:02 UTC
Severity: grave
Tags ...
Multiple vulnerabilities were discovered in cURL, an URL transfer library
CVE-2018-1000120
Duy Phan Thanh discovered that curl could be fooled into writing a
zero byte out of bounds when curl is told to work on an FTP URL with
the setting to only issue a single CWD command, if the directory part
of the URL contains a “%00” seq ...
Several security issues were fixed in curl ...
Several security issues were fixed in curl ...
FTP path trickery leads to NIL byte out of bounds write:It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash, or an unspecified behavior (C ...
It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash, or an unspecified behavior ...
The nss-pem package provides the PEM file reader for Network Security Services (NSS) implemented as a PKCS#11 module This update contains fixes related to CURL security updates, specifically updating an object ID when reusing a certificate ...
FTP path trickery leads to NIL byte out of bounds write:It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash, or an unspecified behavior (C ...
It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash, or an unspecified behavior ...