Oval Definition:oval:org.mitre.oval:def:6701
Revision Date:2014-06-23Version:20
Title:DSA-2023 curl -- buffer overflow
Description:Wesley Miaw discovered that libcurl, a multi-protocol file transfer library, is prone to a buffer overflow via the callback function when an application relies on libcurl to automatically uncompress data. Note that this only affects applications that trust libcurl’s maximum limit for a fixed buffer size and do not perform any sanity checks themselves.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2010-0734
DSA-2023
Platform(s):Debian GNU/Linux 5.0
Product(s):curl
Definition Synopsis
  • Debian GNU/Linux 5.0 is installed
  • AND Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is powerpc
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is alpha
  • OR Installed architecture is arm
  • AND Packages section
  • libcurl4-gnutls-dev is earlier than 7.18.2-8lenny4
  • OR libcurl4-openssl-dev is earlier than 7.18.2-8lenny4
  • OR libcurl3-gnutls is earlier than 7.18.2-8lenny4
  • OR libcurl3-dbg is earlier than 7.18.2-8lenny4
  • OR libcurl3 is earlier than 7.18.2-8lenny4
  • OR curl is earlier than 7.18.2-8lenny4
    • BACK