-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : curl Version : 7.26.0-1+wheezy21 CVE ID : CVE-2017-1000254 Debian Bug : #877671
It was discovered that there was a out-of-bounds read vulnerability in curl, a command-line and library for transferring data over HTTP/FTP, etc. A malicious FTP server could abuse this to prevent curl-based clients from interacting with it. See <https://curl.haxx.se/docs/adv_20171004.html> for more details. For Debian 7 "Wheezy", this issue has been fixed in curl version 7.26.0-1+wheezy21. We recommend that you upgrade your curl packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` [email protected] / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlnV/aIACgkQHpU+J9Qx HlinDhAAgZHw6fxWNbggvnup3kL0eYm1tk5QHnONmUj0D8zplQGuQIJbYJ9vaSsv wC8AWXRNqEkL6yxlpKjigHHIgyG+HnahYfWqokGpKNQbFZyYNxFCup2C/YHTuW1A kSgNZiLmdBmjA6MMB5d/Tz5bVKKJuzxqHV3skZn2g8ha/AWIJCJqneSg+EIIl+jK 45uiBxiV75ktqZ8t35w5i7THbyYFsleF/FdklxtaUuOkvBy6ZqczLKtfhpBkO383 xMw/yuAms6q7hl9eXU4jgrVDv9+JjceCeAHIJybPyE1HMSrNvMAhHfPcm+GFJezh R5SBSrSExy9xpwLPGi72Wefd/n7SJ/Gnjc/mtX5NXFWDW35VWbBTsuFLajWFFABC 0kG+ldhIF6d07Zw/+BusgIvifGnAF32GJxVmjv2AfdLu/8hobRgQGmz4+KUxqSB7 kDRzT8Pq4Y0te37f5ap0wMs9Fzy8nrOfdedrhLJ/tmgxojIukBv7tK7RnrRNR4P3 rm0Geor3D+0C3tXx3KxYRT42008i99DVnKEXf6SI8nrAy5q7VOuUki3t8PXH6Fpy OP2U90i8gzx+4tIT+EI8QMWy5IzoXCb5UWaAcbYDYTJiYa5UIAHyp09oi5ph3fUQ 3iYby9L9qVe40rhrUCKWdgIQO+WxHOILVCoBh4xcx08osfNGvXY= =3bjm -----END PGP SIGNATURE-----
