Oval Definition:oval:org.opensuse.security:def:79752
Revision Date:2019-02-13Version:1
Title:Security update for curl (Important)
Description:

This update for curl fixes the following issues:

Security issues fixed:

- CVE-2019-3822: Fixed a NTLMv2 type-3 header stack buffer overflow (bsc#1123377). - CVE-2019-3823: Fixed an out-of-bounds read in the SMTP end-of-response (bsc#1123378). - CVE-2018-16890: Fixed an out-of-bounds buffer read in NTLM type2 (bsc#1123371). - CVE-2018-16842: Fixed an out-of-bounds read in tool_msgs.c (bsc#1113660). - CVE-2018-16840: Fixed a use-after-free in handle close (bsc#1113029). - CVE-2018-16839: Fixed an SASL password overflow caused by an integer overflow (bsc#1112758).

Family:unixClass:patch
Status:Reference(s):1112758
1113029
1113660
1123371
1123377
1123378
CVE-2018-16839
CVE-2018-16840
CVE-2018-16842
CVE-2018-16890
CVE-2019-3822
CVE-2019-3823
SUSE-SU-2019:0339-1
Platform(s):SUSE Linux Enterprise Desktop 12 SP4
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • curl-7.60.0-4.3.1 is installed
  • OR libcurl4-7.60.0-4.3.1 is installed
  • OR libcurl4-32bit-7.60.0-4.3.1 is installed
    • BACK