[SECURITY] [DLA 1121-1] curl security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : curl
Version : 7.26.0-1+wheezy21
CVE ID : CVE-2017-1000254
Debian Bug : #877671
It was discovered that there was a out-of-bounds read vulnerability in
curl, a command-line and library for transferring data over HTTP/FTP,
etc. A malicious FTP server could abuse this to prevent curl-based
clients from interacting with it.
See <https://curl.haxx.se/docs/adv_20171004.html> for more details.
For Debian 7 "Wheezy", this issue has been fixed in curl version
7.26.0-1+wheezy21.
We recommend that you upgrade your curl packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlnV/aIACgkQHpU+J9Qx
HlinDhAAgZHw6fxWNbggvnup3kL0eYm1tk5QHnONmUj0D8zplQGuQIJbYJ9vaSsv
wC8AWXRNqEkL6yxlpKjigHHIgyG+HnahYfWqokGpKNQbFZyYNxFCup2C/YHTuW1A
kSgNZiLmdBmjA6MMB5d/Tz5bVKKJuzxqHV3skZn2g8ha/AWIJCJqneSg+EIIl+jK
45uiBxiV75ktqZ8t35w5i7THbyYFsleF/FdklxtaUuOkvBy6ZqczLKtfhpBkO383
xMw/yuAms6q7hl9eXU4jgrVDv9+JjceCeAHIJybPyE1HMSrNvMAhHfPcm+GFJezh
R5SBSrSExy9xpwLPGi72Wefd/n7SJ/Gnjc/mtX5NXFWDW35VWbBTsuFLajWFFABC
0kG+ldhIF6d07Zw/+BusgIvifGnAF32GJxVmjv2AfdLu/8hobRgQGmz4+KUxqSB7
kDRzT8Pq4Y0te37f5ap0wMs9Fzy8nrOfdedrhLJ/tmgxojIukBv7tK7RnrRNR4P3
rm0Geor3D+0C3tXx3KxYRT42008i99DVnKEXf6SI8nrAy5q7VOuUki3t8PXH6Fpy
OP2U90i8gzx+4tIT+EI8QMWy5IzoXCb5UWaAcbYDYTJiYa5UIAHyp09oi5ph3fUQ
3iYby9L9qVe40rhrUCKWdgIQO+WxHOILVCoBh4xcx08osfNGvXY=
=3bjm
-----END PGP SIGNATURE-----
Reply to: