[SECURITY] [DLA 1143-1] curl security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1143-1] curl security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Tue, 24 Oct 2017 22:38:14 +0200 (CEST)
Message-id: <[🔎] alpine.DEB.2.02.1710242234200.24135@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : curl
Version        : 7.26.0-1+wheezy22
CVE ID         : CVE-2017-1000257

Brian Carpenter, Geeknik Labs, 0xd34db347, and independently reported bythe OSS-Fuzz project, detected a out of bounds read during IMAP FETCHresponse.


For Debian 7 "Wheezy", this problem has been fixed in version
7.26.0-1+wheezy22.

We recommend that you upgrade your curl packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJZ76S3XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hH7DIQAJgrtl76JcsSu7VhKUTk+Ea9
uua8nU3ZLGHSwKlxkWcEgDhfz03kkgNPKWUYr7D+btbDucgnDQ2irub16s6neMAZ
LVbwiK3ObHcYc8iJNyJjFGuMVkCBOui3pCZcDw5gcXjE/DCFeMXFyqszcaD4N2ir
/5/3tOrkY+OeBRkKxkEnxlyfGkJL2ZtyqDmn5F/RWC9NkJCbAlwrpMJvRtRMoDli
dpWGGcNtVBJ8+6EJ+cYLVUzFq45HgrxIHvywlnIM7JHjj9xyHuXwIrOtrnV3POdn
a+gcZbHoJe7e6NNiZhlWGh00T4NSGYhuBjxXkNfZSjJ10sXLuKsKYfgYqy2zPQwk
ZNRlnTfA3dXJr5wKn0g32d4r92v92QhLkYHgDUFpIhAxL9pRO3P31ihfezD9PF2U
IKOeW3DKB+WgJQOMajeiUJugYIlU32cx76KkM0Ksp61Ivt/vZ/W7mF+1exV32qLp
VOrnJ/cOjsgbz1I7YlCuMcrWnTi/PfoNYHh7N1K62AsL7MAernVd6xDm6Anj4a+V
A8HSCHYrk0Da794eV64mK3ANN1/gTn5oRkBF6ebEv5/IYxDBSYwJVyr2UNFb79Ey
/K4itnE5zZ9VnGtnhz0rHWqn/AN6nvWHm65UKehgU38WrzyvuZEolz7pmod3lzva
A3sdb4ODvyRGeSeBisgF
=484g
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1142-1] libav security update
Next by Date: [SECURITY] [DLA 1146-1] mosquitto security update
Previous by thread: [SECURITY] [DLA 1142-1] libav security update
Next by thread: [SECURITY] [DLA 1146-1] mosquitto security update
Index(es):
- Date
- Thread