Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:Update
patchinfo.3419
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.3419
<patchinfo incident="3419"> <issue id="1005646" tracker="bnc">VUL-0: CVE-2016-8624: curl: invalid URL parsing with '#'</issue> <issue id="1005645" tracker="bnc">VUL-0: CVE-2016-8623: curl: Use-after-free via shared cookies</issue> <issue id="1005643" tracker="bnc">VUL-0: CVE-2016-8622: curl: URL unescape heap overflow via integer truncation</issue> <issue id="1005642" tracker="bnc">VUL-0: CVE-2016-8621: curl: curl_getdate read out of bounds</issue> <issue id="1005640" tracker="bnc">VUL-0: CVE-2016-8620: curl: glob parser write/read out of bounds</issue> <issue id="1005633" tracker="bnc">VUL-0: CVE-2016-8615: curl: cookie injection for other servers</issue> <issue id="998760" tracker="bnc">VUL-1: CVE-2016-7167: curl: escape and unescape integer overflows</issue> <issue id="1005634" tracker="bnc">VUL-1: CVE-2016-8616: curl: case insensitive password comparison</issue> <issue id="1005635" tracker="bnc">VUL-0: CVE-2016-8617: curl: OOB write via unchecked multiplication</issue> <issue id="1005638" tracker="bnc">VUL-0: CVE-2016-8619: curl: double-free in krb5 code</issue> <issue id="1005637" tracker="bnc">VUL-0: CVE-2016-8618: curl: double-free in curl_maprintf</issue> <issue id="2016-8618" tracker="cve" /> <issue id="2016-8619" tracker="cve" /> <issue id="2016-7167" tracker="cve" /> <issue id="2016-8615" tracker="cve" /> <issue id="2016-8616" tracker="cve" /> <issue id="2016-8617" tracker="cve" /> <issue id="2016-8621" tracker="cve" /> <issue id="2016-8620" tracker="cve" /> <issue id="2016-8623" tracker="cve" /> <issue id="2016-8622" tracker="cve" /> <issue id="2016-8624" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>vitezslav_cizek</packager> <description>This update for curl fixes the following security issues: - CVE-2016-8624: invalid URL parsing with '#' (bsc#1005646) - CVE-2016-8623: Use-after-free via shared cookies (bsc#1005645) - CVE-2016-8622: URL unescape heap overflow via integer truncation (bsc#1005643) - CVE-2016-8621: curl_getdate read out of bounds (bsc#1005642) - CVE-2016-8620: glob parser write/read out of bounds (bsc#1005640) - CVE-2016-8619: double-free in krb5 code (bsc#1005638) - CVE-2016-8618: double-free in curl_maprintf (bsc#1005637) - CVE-2016-8617: OOB write via unchecked multiplication (bsc#1005635) - CVE-2016-8616: case insensitive password comparison (bsc#1005634) - CVE-2016-8615: cookie injection for other servers (bsc#1005633) - CVE-2016-7167: escape and unescape integer overflows (bsc#998760) </description> <summary>Security update for curl</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor