Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2019:2381-1

Опубликовано: 16 сент. 2019
Источник: suse-cvrf

Описание

Security update for curl

This update for curl fixes the following issues:

Security issues fixed:

  • CVE-2019-5481: Fixed a double-free during kerberos FTP data transfer. (bsc#1149495)
  • CVE-2019-5482: Fixed a TFTP small block size heap buffer overflow (bsc#1149496).

Список пакетов

Container suse/sles12sp4:latest
libcurl4-7.60.0-4.9.1
SUSE Linux Enterprise Desktop 12 SP4
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
libcurl4-32bit-7.60.0-4.9.1
SUSE Linux Enterprise Server 12 SP4
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
libcurl4-32bit-7.60.0-4.9.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
curl-7.60.0-4.9.1
libcurl4-7.60.0-4.9.1
libcurl4-32bit-7.60.0-4.9.1
SUSE Linux Enterprise Software Development Kit 12 SP4
libcurl-devel-7.60.0-4.9.1

Ссылки

Описание

Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.

Затронутые продукты
Container suse/sles12sp4:latest:libcurl4-7.60.0-4.9.1
SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.9.1
SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.9.1
SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.9.1
Ссылки

Описание

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.

Затронутые продукты
Container suse/sles12sp4:latest:libcurl4-7.60.0-4.9.1
SUSE Linux Enterprise Desktop 12 SP4:curl-7.60.0-4.9.1
SUSE Linux Enterprise Desktop 12 SP4:libcurl4-32bit-7.60.0-4.9.1
SUSE Linux Enterprise Desktop 12 SP4:libcurl4-7.60.0-4.9.1
Ссылки