Security update for curl
This update for curl fixes the following issues:
- CVE-2018-16839: A SASL password overflow via integer overflow was fixed which could lead to crashes (bsc#1112758)
- CVE-2018-16840: A use-after-free in SASL handle close was fixed which could lead to crashes (bsc#1112758)
- CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660)
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Pedro Monreal Gonzalez (pmonrealgonzalez)
Fixed bugs
bnc#1113660
VUL-0: EMBARGOED: CVE-2018-16842: curl: warning message out-of-buffer read
bnc#1112758
VUL-0: EMBARGOED: CVE-2018-16839: curl: SASL password overflow via integer overflow
