From e23cdda4dbb0c83b9e682ab5e916085a35203da5 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sat, 23 Jun 2018 07:00:28 +0100 Subject: gentoo resync : 23.06.2018 --- metadata/glsa/glsa-201806-05.xml | 53 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100644 metadata/glsa/glsa-201806-05.xml (limited to 'metadata/glsa/glsa-201806-05.xml') diff --git a/metadata/glsa/glsa-201806-05.xml b/metadata/glsa/glsa-201806-05.xml new file mode 100644 index 000000000000..a0b0fb5a36c9 --- /dev/null +++ b/metadata/glsa/glsa-201806-05.xml @@ -0,0 +1,53 @@ + + + + cURL: Multiple vulnerabilities + Multiple vulnerabilities have been found in cURL, the worst of + which could result in a Denial of Service condition. + + curl + 2018-06-19 + 2018-06-19 + 655266 + remote + + + 7.60.0 + 7.60.0 + + + +

A command line tool and library for transferring data with URLs.

+ + +

Multiple vulnerabilities have been discovered in cURL. Please review the + CVE identifiers referenced below for details. +

+ + +

Remote attackers could cause a Denial of Service condition, obtain + sensitive information, or have other unspecified impacts. +

+ + +

There is no known workaround at this time.

+ + +

All cURL users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=net-misc/curl-7.60.0" + + + + + CVE-2018-1000300 + + + CVE-2018-1000301 + + + b-man + b-man + -- cgit v1.2.3