NAS Posted October 22, 2016 Share Posted October 22, 2016 https://curl.haxx.se/mail/lib-2016-10/0076.html Bad timing since its so soon after 6.2.2 Quote Link to comment
NAS Posted November 4, 2016 Author Share Posted November 4, 2016 CVE-2016-8615: cookie injection for other servers CVE-2016-8616: case insensitive password comparison CVE-2016-8617: OOB write via unchecked multiplication CVE-2016-8618: double-free in curl_maprintf CVE-2016-8619: double-free in krb5 code CVE-2016-8620: glob parser write/read out of bounds CVE-2016-8621: curl_getdate read out of bounds CVE-2016-8622: URL unescape heap overflow via integer truncation CVE-2016-8623: Use-after-free via shared cookies CVE-2016-8624: invalid URL parsing with '#' CVE-2016-8625: IDNA 2003 makes curl use wrong host Quote Link to comment
limetech Posted November 6, 2016 Share Posted November 6, 2016 unRAID OS 6.2.4 has been released that updates this package. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.