SUSE-SU-2016:2714-1 -- SLES curl, libcurl4ID: oval:org.secpod.oval:def:89045139 | Date: (C)2021-08-03 (M)2022-09-23 |
Class: PATCH | Family: unix |
This update for curl fixes the following security issues: - CVE-2016-8624: invalid URL parsing with "#" - CVE-2016-8623: Use-after-free via shared cookies - CVE-2016-8621: curl_getdate read out of bounds - CVE-2016-8619: double-free in krb5 code - CVE-2016-8618: double-free in curl_maprintf - CVE-2016-8617: OOB write via unchecked multiplication - CVE-2016-8616: case insensitive password comparison - CVE-2016-8615: cookie injection for other servers - CVE-2016-7167: escape and unescape integer overflows
Platform: |
SUSE Linux Enterprise Server 11 SP4 |