openSUSE-SU-2019:1492-1

Опубликовано: 03 июн. 2019

Источник: suse-cvrf

Описание

Security update for curl

This update for curl fixes the following issues:

Security issue fixed:

CVE-2019-5436: Fixed a heap buffer overflow exists in tftp_receive_packet that receives data from a TFTP server (bsc#1135170).

This update was imported from the SUSE:SLE-12:Update update project.

curl-7.37.0-51.1

libcurl-devel-7.37.0-51.1

libcurl-devel-32bit-7.37.0-51.1

libcurl4-7.37.0-51.1

libcurl4-32bit-7.37.0-51.1

A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.

openSUSE Leap 42.3:curl-7.37.0-51.1

openSUSE Leap 42.3:libcurl-devel-32bit-7.37.0-51.1

openSUSE Leap 42.3:libcurl-devel-7.37.0-51.1

openSUSE Leap 42.3:libcurl4-32bit-7.37.0-51.1