Red Hat Security Advisory 2020-1792-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include buffer overflow and double free vulnerabilities.
20b600d790458c00804e2e0e5e79fb431b6530c514226f9ef7831ef0c6983bd0
Gentoo Linux Security Advisory 202003-29 - Multiple vulnerabilities have been found in cURL, the worst of which may lead to arbitrary code execution. Versions less than 7.66.0 are affected.
fef8e9975eaf1e918590d39ea1374b905b707c00d050d8e4e1caaa4473ce5aab
Debian Linux Security Advisory 4633-1 - Multiple vulnerabilities were discovered in cURL, an URL transfer library.
b7f2ce0f1e8a86c966bfba98bf404e0b81f1d24285a3ca41d94c909e96c042ac
Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
e664a293d86045c1062920c6af0cef870299e2bc60d2a2bf7b469b9cc6f4affa
Ubuntu Security Notice 4129-1 - Thomas Vegas discovered that curl incorrectly handled memory when using Kerberos over FTP. A remote attacker could use this issue to crash curl, resulting in a denial of service. Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker could use this issue to crash curl, resulting in a denial of service, or possibly execute arbitrary code.
1581f612f00cdbf571020524a4448bbf2fc9aa6d7c264d8667d65ad2ee780ba6