FreeBSD Security Advisory - A programming error allows an attacker who can specify a URL with a username and/or password components to overflow libfetch(3) buffers. An attacker in control of the URL to be fetched (possibly via HTTP redirect) may cause a heap buffer overflow, resulting in program misbehavior or malicious code execution.
58eb688b18a5f5586d60c4a6d426da578c845550c391c45bbf4d3e093091639e