Red Hat Security Advisory 2017-0847-01 – The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: It was found that the fix for CVE-2015-3148 in curl was incomplete. An application using libcurl with HTTP Negotiate authentication could incorrectly re-use credentials for subsequent requests to the same server.
All posts by 007admin
Debian Security Advisory 3798-2
Debian Linux Security Advisory 3798-2 – DSA-3798-1 for tnef introduced a regression that caused crashes on some attachments.
CVE-2014-9821
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.
CVE-2014-9804
vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to “too many object.”
CVE-2014-9813
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file.
CVE-2014-9815
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file.
CVE-2014-9806
ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file.
CVE-2014-9816
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file.
CVE-2014-9808
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image.
CVE-2014-9805
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.