Dov Murik discovered that curl incorrectly handled parsing ASN.1 Generalized Time fields. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive memory contents.
{ "availability": "No subscription required", "binaries": [ { "curl-dbgsym": "7.68.0-1ubuntu2.23", "curl": "7.68.0-1ubuntu2.23", "libcurl4": "7.68.0-1ubuntu2.23", "libcurl4-gnutls-dev": "7.68.0-1ubuntu2.23", "libcurl4-dbgsym": "7.68.0-1ubuntu2.23", "libcurl3-nss": "7.68.0-1ubuntu2.23", "libcurl4-doc": "7.68.0-1ubuntu2.23", "libcurl3-nss-dbgsym": "7.68.0-1ubuntu2.23", "libcurl3-gnutls": "7.68.0-1ubuntu2.23", "libcurl3-gnutls-dbgsym": "7.68.0-1ubuntu2.23", "libcurl4-openssl-dev": "7.68.0-1ubuntu2.23", "libcurl4-nss-dev": "7.68.0-1ubuntu2.23" } ] }
{ "availability": "No subscription required", "binaries": [ { "curl-dbgsym": "7.81.0-1ubuntu1.17", "curl": "7.81.0-1ubuntu1.17", "libcurl4": "7.81.0-1ubuntu1.17", "libcurl4-gnutls-dev": "7.81.0-1ubuntu1.17", "libcurl4-dbgsym": "7.81.0-1ubuntu1.17", "libcurl3-nss": "7.81.0-1ubuntu1.17", "libcurl4-doc": "7.81.0-1ubuntu1.17", "libcurl3-nss-dbgsym": "7.81.0-1ubuntu1.17", "libcurl3-gnutls": "7.81.0-1ubuntu1.17", "libcurl3-gnutls-dbgsym": "7.81.0-1ubuntu1.17", "libcurl4-openssl-dev": "7.81.0-1ubuntu1.17", "libcurl4-nss-dev": "7.81.0-1ubuntu1.17" } ] }
{ "availability": "No subscription required", "binaries": [ { "curl-dbgsym": "8.5.0-2ubuntu10.2", "curl": "8.5.0-2ubuntu10.2", "libcurl3t64-gnutls-dbgsym": "8.5.0-2ubuntu10.2", "libcurl4-gnutls-dev": "8.5.0-2ubuntu10.2", "libcurl4-doc": "8.5.0-2ubuntu10.2", "libcurl4t64": "8.5.0-2ubuntu10.2", "libcurl4-openssl-dev": "8.5.0-2ubuntu10.2", "libcurl4t64-dbgsym": "8.5.0-2ubuntu10.2", "libcurl3t64-gnutls": "8.5.0-2ubuntu10.2" } ] }