Synopsis
Moderate: curl security update
Type/Severity
Security Advisory: Moderate
Topic
An update for curl is now available for Red Hat Enterprise Linux 75 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System ( ...
Synopsis
Moderate: httpd24 security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
An update for httpd24-httpd, httpd24-nghttp2, and httpd24-curl is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of ...
Synopsis
Moderate: curl security update
Type/Severity
Security Advisory: Moderate
Topic
An update for curl is now available for Red Hat Enterprise Linux 74 Advanced Update Support, Red Hat Enterprise Linux 74 Telco Extended Update Support, and Red Hat Enterprise Linux 74 Update Services for SAP Solutions ...
Synopsis
Moderate: curl and nss-pem security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for curl and nss-pem is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scorin ...
Several security issues were fixed in curl ...
Several security issues were fixed in curl ...
Debian Bug report logs -
#893546
curl: CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122
Package:
src:curl;
Maintainer for src:curl is Alessandro Ghedini <ghedo@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 19 Mar 2018 20:09:01 UTC
Severity: serious
Tags: fixed-upstream, patch, securi ...
Debian Bug report logs -
#898856
curl: CVE-2018-1000301: RTSP bad headers buffer over-read
Package:
curl;
Maintainer for curl is Alessandro Ghedini <ghedo@debianorg>; Source for curl is src:curl (PTS, buildd, popcon)
Reported by: Chris Lamb <lamby@debianorg>
Date: Wed, 16 May 2018 18:00:02 UTC
Severity: grave
Tags ...
curl version curl 7200 to and including curl 7590 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content This vulnerability appears to have been fixed in curl < 7200 and curl >= 7600 ...
Curl version curl 7541 to and including curl 7590 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies(CVE-2018-1000300)
Curl version curl 7200 to and including curl ...
The nss-pem package provides the PEM file reader for Network Security Services (NSS) implemented as a PKCS#11 module This update contains fixes related to CURL security updates, specifically updating an object ID when reusing a certificate ...
curl >= 7200 and < 7600 can be tricked into reading data beyond the end of a heap based buffer used to store downloaded content
When servers send RTSP responses back to curl, the data starts out with a set of headers curl parses that data to separate it into a number of headers to deal with those appropriately and to find the end of the ...