Red Hat Security Advisory 2018-3558-01 - The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module. Issues addressed include buffer overflow, bypass, denial of service, heap overflow, null pointer, out of bounds write, and use-after-free vulnerabilities.
4abdca181cc67933f360c5393ddadd7197a24c99bd7985727a9e00a4d0cad5b6
Gentoo Linux Security Advisory 201712-4 - Multiple vulnerabilities have been found in cURL, the worst of which may allow execution of arbitrary code. Versions less than 7.57.0 are affected.
597b708be3f8393ef070dd7b2ba23730c0c91e9c3cab36fa3d956ca7f5c01a08
Debian Linux Security Advisory 4051-1 - Two vulnerabilities were discovered in cURL, an URL transfer library.
abf8f2192ee54bd891f3a491928912c1fd8e425aa2cf0c71f3258482af29ea8c
Ubuntu Security Notice 3498-1 - Alex Nichols discovered that curl incorrectly handled NTLM authentication credentials. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 17.04 and Ubuntu 17.10. It was discovered that curl incorrectly handled FTP wildcard matching. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.
650767a44353568490e38105acd3e0afe1602b6c2b58241f68d62f5dae049444