RHSA-2019:3701-01 -- Redhat curlID: oval:org.secpod.oval:def:503382 | Date: (C)2019-11-07 (M)2022-07-06 |
Class: PATCH | Family: unix |
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * curl: NTLM type-2 heap out-of-bounds buffer read * wget: Information exposure in set_file_metadata function in xattr.c * curl: NTLMv2 type-3 header stack buffer overflow * curl: SMTP end-of-response out-of-bounds read For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.
Platform: |
Red Hat Enterprise Linux 8 |