I
Inessa Atmachian
Guest
New updated EasyApache 4 packages are now available for download from our updates-testing repository.
Changelog:
ea-libcurl-7.62.0-1.cloudlinux
- EA-7978 - Update libcURL to 7.62.0 for CVEs DONE
- curl - SASL password overflow via integer overflow - CVE-2018-16839;
- libcurl contains a buffer overrun in the SASL authentication code.
- curl - use-after-free in handle close - CVE-2018-16840;
- libcurl contains a heap use-after-free flaw in code related to closing an easy handle.
- curl - warning message out-of-buffer read - CVE-2018-16842;
- curl contains a heap out of buffer read vulnerability.
Update command:
yum update ea-libcurl --enablerepo=cl-ea4-testing
Continue reading...