AZL-38755 CVE-2022-35260 affecting package tensorflow for versions less than 2.16.1-1
curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...