3 matches found
Security update for curl (moderate)
This update for curl fixes several issues: Security issues fixed: - CVE-2018-1000301: Fixed a RTSP bad headers buffer over-read could crash the curl client bsc1092098 Non security issues fixed: - If the DEFAULTSUSE cipher list is not available use the HIGH cipher alias before failing. bsc1086825...
SUSE-SU-2018:1327-1 Security update for curl
This update for curl fixes several issues: Security issues fixed: - CVE-2018-1000301: Fixed a RTSP bad headers buffer over-read could crash the curl client bsc1092098 Non security issues fixed: - If the DEFAULTSUSE cipher list is not available use the HIGH cipher alias before failing. bsc1086825...
CURL-CVE-2018-1000122 RTSP RTP buffer over-read
curl can be tricked into copying data beyond end of its heap based buffer. When asked to transfer an RTSP URL, curl could calculate a wrong data length to copy from the read buffer. The memcpy call would copy data from the heap following the buffer to a storage area that would subsequently be...