Overview

File _patchinfo of Package patchinfo.7106

<patchinfo incident="7106">
  <issue id="1092098" tracker="bnc">VUL-0: EMBARGOED: CVE-2018-1000301: curl: RTSP bad headers buffer over-read</issue>
  <issue id="1086825" tracker="bnc">curl - softer cipher selection that DEFAULT_SUSE or FAIL</issue>
  <issue id="2018-1000301" tracker="cve"></issue>
  <category>security</category>
  <rating>moderate</rating>
  <packager>pmonrealgonzalez</packager>
  <description>This update for curl fixes several issues:

Security issues fixed:

- CVE-2018-1000301: Fixed a RTSP bad headers buffer over-read could crash the curl client (bsc#1092098)

Non security issues fixed:

- If the DEFAULT_SUSE cipher list is not available use the HIGH cipher alias before failing.
  (bsc#1086825)
</description>
  <summary>Security update for curl</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places