Summary: | <net-misc/curl-7.61.1: NTLM password overflow via integer overflow (CVE-2018-14618) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | blueness, luke |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A3 [glsa+ cve] | ||
Package list: |
net-misc/curl-7.61.1
|
Runtime testing required: | --- |
Bug Depends on: | 670026 | ||
Bug Blocks: |
Description
GLSAMaker/CVETool Bot
![]() curl-7.61.1.ebuild is in the tree and should be rapid stabilized. KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ppc ppc64 s390 sh sparc x86" I guess the package list would be =net-misc/curl-7.61.1 then? amd64 stable sparc done. arm64 stable hppa stable ia64 stable ppc stable ppc64 stable x86 stable Done The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6681b26b2091f8ea5414a03bf79d1459cc197c96 commit 6681b26b2091f8ea5414a03bf79d1459cc197c96 Author: Mikle Kolyada <zlogene@gentoo.org> AuthorDate: 2018-09-21 16:41:27 +0000 Commit: Mikle Kolyada <zlogene@gentoo.org> CommitDate: 2018-09-21 16:41:27 +0000 net-misc/curl: Security cleanup Bug: https://bugs.gentoo.org/665292 Bug: https://bugs.gentoo.org/660894 Package-Manager: Portage-2.3.49, Repoman-2.3.10 net-misc/curl/Manifest | 2 - net-misc/curl/curl-7.60.0-r1.ebuild | 247 ------------------------------------ net-misc/curl/curl-7.60.0.ebuild | 247 ------------------------------------ net-misc/curl/curl-7.61.0.ebuild | 247 ------------------------------------ 4 files changed, 743 deletions(-) This issue was resolved and addressed in GLSA 201903-03 at https://security.gentoo.org/glsa/201903-03 by GLSA coordinator Aaron Bauman (b-man). |