Overview

File _patchinfo of Package patchinfo.9201

<patchinfo incident="9201">
  <issue tracker="bnc" id="1113660">VUL-0: EMBARGOED: CVE-2018-16842: curl: warning message out-of-buffer read</issue>
  <issue tracker="bnc" id="1112758">VUL-0: EMBARGOED: CVE-2018-16839: curl: SASL password overflow via integer overflow</issue>
  <issue tracker="cve" id="2018-16840"/>
  <issue tracker="cve" id="2018-16839"/>
  <issue tracker="cve" id="2018-16842"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>pmonrealgonzalez</packager>
  <description>This update for curl fixes the following issues:

- CVE-2018-16839: A SASL password overflow via integer overflow was fixed which could lead to crashes (bsc#1112758)
- CVE-2018-16840: A use-after-free in SASL handle close was fixed which could lead to crashes (bsc#1112758)
- CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660)

</description>
  <summary>Security update for curl</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places