Ops One AG platform status and maintenance announcements. Times are indicated in local Swiss time. https://opsone.ch/.

Friday 1st December 2017

Debian 7 Updates: curl libcurl3, scheduled 7 years ago

Package : curl
Version : 7.26.0-1+wheezy23
CVE ID : CVE-2017-8817

CVE-2017-8817

Fuzzing by the OSS-Fuzz project led to the discovery of a read out of
bounds flaw in the FTP wildcard function in libcurl. A malicious
server could redirect a libcurl-based client to an URL using a
wildcard pattern, triggering the out-of-bound read.