Описание
Security update for curl
This update for curl fixes the following issues:
Security issues fixed:
- CVE-2019-5481: Fixed a double-free during kerberos FTP data transfer. (bsc#1149495)
- CVE-2019-5482: Fixed a TFTP small block size heap buffer overflow (bsc#1149496).
Список пакетов
Container suse/sles12sp4:latest
libcurl4-7.60.0-4.9.1
Image SLES12-SP4-Azure-BYOS
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
Image SLES12-SP4-EC2-HVM-BYOS
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
Image SLES12-SP4-GCE-BYOS
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
Image SLES12-SP4-OCI-BYOS
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
Image SLES12-SP4-SAP-Azure
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
Image SLES12-SP4-SAP-Azure-BYOS
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
Image SLES12-SP4-SAP-EC2-HVM
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
Image SLES12-SP4-SAP-EC2-HVM-BYOS
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
Image SLES12-SP4-SAP-GCE
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
Image SLES12-SP4-SAP-GCE-BYOS
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
Image SLES12-SP4-SAP-OCI-BYOS
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
SUSE Linux Enterprise Desktop 12 SP4
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
libcurl4-32bit-7.60.0-4.9.1
SUSE Linux Enterprise Server 12 SP4
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
libcurl4-32bit-7.60.0-4.9.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
libcurl4-32bit-7.60.0-4.9.1
SUSE Linux Enterprise Software Development Kit 12 SP4
libcurl-devel-7.60.0-4.9.1
Ссылки
- Link for SUSE-SU-2019:2381-1
- E-Mail link for SUSE-SU-2019:2381-1
- SUSE Security Ratings
- SUSE Bug 1149495
- SUSE Bug 1149496
- SUSE CVE CVE-2019-5481 page
- SUSE CVE CVE-2019-5482 page
Описание
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
Затронутые продукты
Container suse/sles12sp4:latest:libcurl4-7.60.0-4.9.1
Image SLES12-SP4-Azure-BYOS:curl-7.60.0-4.9.1
Image SLES12-SP4-Azure-BYOS:libcurl4-7.60.0-4.9.1
Image SLES12-SP4-EC2-HVM-BYOS:curl-7.60.0-4.9.1
Ссылки
- CVE-2019-5481
- SUSE Bug 1149495
Описание
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
Затронутые продукты
Container suse/sles12sp4:latest:libcurl4-7.60.0-4.9.1
Image SLES12-SP4-Azure-BYOS:curl-7.60.0-4.9.1
Image SLES12-SP4-Azure-BYOS:libcurl4-7.60.0-4.9.1
Image SLES12-SP4-EC2-HVM-BYOS:curl-7.60.0-4.9.1
Ссылки
- CVE-2019-5482
- SUSE Bug 1149496
- SUSE Bug 1156634