Oval Definition:	oval:com.redhat.rhsa:def:20172016
Revision Date: 2017-08-01 Version: 637 Title: RHSA-2017:2016: curl security, bug fix, and enhancement update (Moderate) Description: The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): Multiple integer overflow flaws leading to heap-based buffer overflows were found in the way curl handled escaping and unescaping of data. An attacker could potentially use these flaws to crash an application using libcurl by sending a specially crafted input to the affected libcurl functions. (CVE-2016-7167) Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section. Family: unix Class: patch Status: Reference(s): CVE-2016-7167 RHSA-2017:2016 RHSA-2017:2016-01 Platform(s): Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 7 (please do not use for >= RHEL-7.5) Product(s): Definition Synopsis Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 7 is installed AND curl is earlier than 0:7.29.0-42.el7 AND curl is signed with Red Hat redhatrelease2 key libcurl is earlier than 0:7.29.0-42.el7 AND libcurl is signed with Red Hat redhatrelease2 key libcurl-devel is earlier than 0:7.29.0-42.el7 AND libcurl-devel is signed with Red Hat redhatrelease2 key Definition Synopsis Release Information Red Hat Enterprise Linux 7 Client is installed OR Red Hat Enterprise Linux 7 Server is installed OR Red Hat Enterprise Linux 7 Workstation is installed OR Red Hat Enterprise Linux 7 ComputeNode is installed AND Package Information libcurl-devel is earlier than 0:7.29.0-42.el7 AND libcurl-devel is signed with Red Hat redhatrelease2 key OR curl is earlier than 0:7.29.0-42.el7 AND curl is signed with Red Hat redhatrelease2 key OR libcurl is earlier than 0:7.29.0-42.el7 AND libcurl is signed with Red Hat redhatrelease2 key
BACK