Joined: 12 May 2004
|Posted: Mon Sep 18, 2017 4:26 am Post subject: [ GLSA 201709-14 ] cURL
|Gentoo Linux Security Advisory
Title: cURL: Multiple vulnerabilities (GLSA 201709-14)
Bug(s): #615870, #615994, #626776
Multiple vulnerabilities have been found in cURL, the worst of
which may allow attackers to bypass intended restrictions.
cURL is a tool and libcurl is a library for transferring data with URL
Vulnerable: < 7.55.1
Unaffected: >= 7.55.1
Architectures: All supported architectures
Multiple vulnerabilities have been discovered in cURL. Please review the
CVE identifiers referenced below for details.
Remote attackers could cause a Denial of Service condition, obtain
sensitive information, or bypass intended restrictions for TLS sessions.
There is no known workaround at this time.
All cURL users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/curl-7.55.1"
Last edited by GLSA on Fri Sep 29, 2017 4:17 am; edited 1 time in total