MGASA-2013-0188

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2013-0188.html

Import Source

https://advisories.mageia.org/MGASA-2013-0188.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2013-0188

Related

CVE-2013-2174

Published

2013-06-26T18:44:41Z

Modified

2013-06-26T18:44:34Z

Summary

Updated curl packages fix CVE-2013-2174

Details

libcurl is vulnerable to a case of bad checking of the input data which may lead to heap corruption. The function curleasyunescape() decodes URL encoded strings to raw binary data. URL encoded octets are represented with %HH combinations where HH is a two-digit hexadecimal number. The decoded string is written to an allocated memory area that the function returns to the caller (CVE-2013-2174)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:2 / curl

Package

Name: curl
Purl: pkg:rpm/mageia/curl?distro=mageia-2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.24.0-1.2.mga2

Ecosystem specific

{
    "section": "core"
}

Mageia:3 / curl

Package

Name: curl
Purl: pkg:rpm/mageia/curl?distro=mageia-3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.28.1-6.1.mga3

Ecosystem specific

{
    "section": "core"
}