ALAS-2016-766 ---- curl, libcurlID: oval:org.secpod.oval:def:1600469 | Date: (C)2016-11-11 (M)2023-12-20 |
Class: PATCH | Family: unix |
This build resolves the following issues:CVE-2016-8615 : Cookie injection for other serversCVE-2016-8616 : Case insensitive password comparisonCVE-2016-8617 : Out-of-bounds write via unchecked multiplicationCVE-2016-8618 : Double-free in curl_maprintfCVE-2016-8619 : Double-free in krb5 codeCVE-2016-8620 : Glob parser write/read out of boundsCVE-2016-8621 : curl_getdate out-of-bounds readCVE-2016-8622 : URL unescape heap overflow via integer truncationCVE-2016-8623 : Use-after-free via shared cookiesCVE-2016-8624 : Invalid URL parsing with "#"
Platform: |
Amazon Linux AMI |