Synopsis: Moderate: curl security, bug fix, and enhancement update
Advisory ID: SLSA-2017:2016-1
Issue Date: 2017-08-01
CVE Numbers: CVE-2016-7167
—
Security Fix(es):
* Multiple integer overflow flaws leading to heap-based buffer overflows
were found in the way curl handled escaping and unescaping of data. An
attacker could potentially use these flaws to crash an application using
libcurl by sending a specially crafted input to the affected libcurl
functions. (CVE-2016-7167)
—
SL7
x86_64
curl-7.29.0-42.el7.x86_64.rpm
curl-debuginfo-7.29.0-42.el7.i686.rpm
curl-debuginfo-7.29.0-42.el7.x86_64.rpm
libcurl-7.29.0-42.el7.i686.rpm
libcurl-7.29.0-42.el7.x86_64.rpm
libcurl-devel-7.29.0-42.el7.i686.rpm
libcurl-devel-7.29.0-42.el7.x86_64.rpm
– Scientific Linux Development Team
