SUSE-SU-2017:1042-1 -- SLES curl, libcurl4ID: oval:org.secpod.oval:def:89044855 | Date: (C)2021-07-20 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for curl fixes the following issues: Security issue fixed: - CVE-2016-9586: libcurl printf floating point buffer overflow - CVE-2017-7407: The ourWriteOut function in tool_writeout.c in curl might have allowed physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a "%" character, which lead to a heap-based buffer over-read . With this release new default ciphers are active .
Platform: |
SUSE Linux Enterprise Server 12 SP2 |