curl-7.29.0-57.el7
エラータID: AXSA:2020-4602:02
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
Security Fix(es):
* curl: TFTP receive heap buffer overflow in tftp_receive_packet() function (CVE-2019-5436)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Asianux Server 7.8 Release Notes linked from the References section.
CVE-2019-5436
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.
Update packages.
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.
N/A
SRPMS
- curl-7.29.0-57.el7.src.rpm
MD5: cec1003883a9f60c20af7ee78f523fe7
SHA-256: 1de5f1571f9b3f768f91cd6cc07c666e90f58d4f673ea9a9b5d1d327fb7c1e16
Size: 2.28 MB
Asianux Server 7 for x86_64
- curl-7.29.0-57.el7.x86_64.rpm
MD5: ee1a2c76ed4d5016bb920b381930fc0b
SHA-256: 12db98bc71f381dcd23d682d76822208fe6cd471ed3603025f0382d84cd75dd5
Size: 269.47 kB - libcurl-7.29.0-57.el7.x86_64.rpm
MD5: 88c622e7d27179a010ea5b736f8d42a4
SHA-256: b9c7d25a27d172bf6613496e0317bfffda5f709020c92c9e26782ae8e5e4d492
Size: 221.94 kB - libcurl-devel-7.29.0-57.el7.x86_64.rpm
MD5: ef15417e83386010ceca58e0fd9f8524
SHA-256: 0981d87d6c3548b99796ea29135a840159bc8ebac802f5833f66aeb1a1dbc9c9
Size: 301.79 kB - libcurl-7.29.0-57.el7.i686.rpm
MD5: 0f7fc5f111b6aef11ae75e97dbf9488e
SHA-256: b28799889adbaf17c735276b03c6827b62669ee21e804aa345eecb56545c3de6
Size: 224.57 kB - libcurl-devel-7.29.0-57.el7.i686.rpm
MD5: 838c1b72964ef0753726cb1afd2a9dae
SHA-256: 78467639d120c03a349ca9e64a166ba75316c644ae5d4aa85ade13f878a14942
Size: 301.86 kB
日本語