Red Hat Security Advisory 2018-3558-01 - The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module. Issues addressed include buffer overflow, bypass, denial of service, heap overflow, null pointer, out of bounds write, and use-after-free vulnerabilities.
4abdca181cc67933f360c5393ddadd7197a24c99bd7985727a9e00a4d0cad5b6
Gentoo Linux Security Advisory 201701-47 - Multiple vulnerabilities have been found in cURL, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 7.52.1 are affected.
ed17dde2328ade9790f91afaff126cf8be5cf927530ff9055acf129e816be470
Apple Security Advisory 2016-12-13-1 - macOS 10.12.2 is now available and addresses arbitrary code execution, denial of service, and various other vulnerabilities.
68bf50743be919151d9547b2351d633298a9bfe57d7160fac7541f89315f5b98
Ubuntu Security Notice 3048-1 - Bru Rom discovered that curl incorrectly handled client certificates when resuming a TLS session. It was discovered that curl incorrectly handled client certificates when reusing TLS connections. Marcelo Echeverria and Fernando Munoz discovered that curl incorrectly reused a connection struct, contrary to expectations. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
8ee3fb48b7adc731def079b1e3c45d9ade172bb87d565756b2eb899f2c16762d
Slackware Security Advisory - New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.
5693aa89ea5da65762d9d22ad391e75c64eb5a352d4ed11267605e036c849f0d
Debian Linux Security Advisory 3638-1 - Several vulnerabilities were discovered in cURL, an URL transfer library.
e04de6812e9e2686a674a0315737bd48ecc81989e51936268323bf64692a8bcc