Overview

File _patchinfo of Package patchinfo.9112

<patchinfo incident="9112">
  <issue tracker="bnc" id="1112758">VUL-0: CVE-2018-16839: curl: SASL password overflow via integer overflow</issue>
  <issue tracker="bnc" id="1113660">VUL-0: CVE-2018-16842: curl: warning message out-of-buffer read</issue>
  <issue tracker="cve" id="2018-16842"/>
  <issue tracker="cve" id="2018-16840"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>pmonrealgonzalez</packager>
  <description>This update for curl fixes the following issues:

- CVE-2018-16840: A use after free in closing SASL handles was fixed (bsc#1112758)
- CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660)

This update was imported from the SUSE:SLE-12:Update update project.</description>
  <summary>Security update for curl</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places