[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1062-1] curl security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : curl
Version        : 7.26.0-1+wheezy20
CVE ID         : CVE-2017-1000100


CVE-2017-1000100
     Wrong handling of very long filenames during TFTP might result in
     curl sending more than buffer size.


For Debian 7 "Wheezy", this problem has been fixed in version
7.26.0-1+wheezy20.

We recommend that you upgrade your curl packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJZmb1dXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHsfgP/0SfvCNAD8iNfT1WCJReu+s+
ufcmXAfxCKr5QIHYkSSjdcEUEOEjv4JBL30Xj8TtUDZ/le9FZbHwYq9uBV/tWlSe
0hF6x/eWXCMoKweg6S8PmO/AzUMQj58+pzX1cgq7Ikf4ajp59XPS+nIEswwWhuW8
OnI3vIAiK/njd7PuBjCJdbqHs3cIC3jVZD6JQzLAtxEf2EtDDx7eMcDfddjXXlOs
NK0MslMowSwMxnrFWaStp6hnCP7k1fYx86suuABfdmBPyLhSYRilUDEcM6MAVu4e
yL4H+HjqsjInamjO05SXW3a8NwUBwIVefKJkO3JrEChsJwzdrS8I6PvCjLKbqjCU
IZ1GbpLOjjRAiuIzP1wiHYVIZeyX4EUbMuLLMxSj0blhGZTLgjPv9dh9pR7gBC4+
ANB+uULRZffhuTdFhnj/YHlzC4/3bYkVdSoEu7m/8eQoQEU3odqG2ifqje6/or62
ri8QwyRop/4BRFqnfq5plhqFcTCJ5AxwBgysMnzQJmnnba13PXjAPw9BdwiWmOOE
WJ+Mugs09lFUdBhcFKJjXMbbQeUQSVW9mu2FzhGmNQL85Hop6vOb8heqfeBoc9/D
0iuXSlg4WRMpa2PtFFtlSraK6/xVkdhDlfCp0RBm+LKHYk3gXrgS4+ZtWHddNrw9
5nqXG/F3CfdYWQA6CVKY
=02kK
-----END PGP SIGNATURE-----


Reply to: