Debian Security Advisory 4286-1

Debian Security Advisory 4286-1: Posted Sep 6, 2018; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4286-1 - Zhaoyang Wu discovered that cURL, an URL transfer library, contains a buffer overflow in the NTLM authentication code triggered by passwords that exceed 2GB in length on 32bit systems.; tags | advisory, overflow; systems | linux, debian; advisories | CVE-2018-14618; SHA-256 | bbcf61aaad1ed97d1ae1784f4ceeac29a2930166d62674c6c527d9a84a30d1db; Download | Favorite | View

Debian Security Advisory 4286-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4286-1                   security@debian.org
https://www.debian.org/security/                       Alessandro Ghedini
September 05, 2018                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : curl
CVE ID         : CVE-2018-14618

Zhaoyang Wu discovered that cURL, an URL transfer library, contains a
buffer overflow in the NTLM authentication code triggered by passwords
that exceed 2GB in length on 32bit systems.

See https://curl.haxx.se/docs/CVE-2018-14618.html for more information.

For the stable distribution (stretch), this problem has been fixed in
version 7.52.1-5+deb9u7.

We recommend that you upgrade your curl packages.

For the detailed security status of curl please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/curl

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEBsId305pBx+F583DbwzL4CFiRygFAluQNvMACgkQbwzL4CFi
RygTog//QTj+fBPm49RW3szmgcyGwkh/kccOPSlTeuafg7mAX9pJRIqIE3AE1dNN
UJMYe09qYpN/mR2kewpeu8LOYBoJnjhBcrCtXv1Tz2RgLTbROqfAiOPGLkSSFM8O
Loor2LDpbcLIMPqYiYHmcEsTE+BJVmZ0rsyG77GaMoDP0juFfj1LM17JnQLSITVB
yggSYdfNkmJI91g08KdVEHkvxxHw1qR98zF8Ft0Z+vg6is11As1LF8O0UH9XYQym
7PWhRdO3hwYcsFqc+c/HEdM9cPxKMFHX1KCfGcW4VElmL2GSyBTWUvkoH9s2NvZF
IiRR5xJz8Z8Exdj/mWHGCn10ZT2QWvYljZpqCdXw4c5mxTnmCBIGJswq8Ds23iG+
xsI8l4RJfpIpku7gERgJX0jKmFWh4rmIdRwK50C39MCC1NgKDbH8NglKF6LzNBnz
QK7jDg/cKjZ0N2nMKXQUWPrzyE6WrbdwJy5V1yAPT7wGBlvC3NPOBxBkARxlEAv9
Qw0eZiPBSUNc+FGBEsTEH2PWcGwBN7FXHgzJ2JpUpIRB6pxYnI16gwJEgz2VLKLb
xJ//HtoJsm0wAiDtq9AvEkQANVDHb/p9+BYrJw+NMRTuUaJKVBKeuowFEm4aAJP5
Z84D9LjdILwEXoBkxgMwrzNuyuaryFq10XaazC/uUitn5guRtrY=mPG5
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 228 files
Ubuntu 55 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Google Security Research 6 files
Apple 6 files
Milad Karimi 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,333)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,578)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,460)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Debian Security Advisory 4286-1

Debian Security Advisory 4286-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4286-1

Share This

Debian Security Advisory 4286-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems