mirror of
https://github.com/PartialVolume/shredos.x86_64.git
synced 2026-02-28 05:22:12 +00:00
bf3476e5b1
CVE-2018-1000120: curl could be fooled into writing a zero byte out of bounds when curl is told to work on an FTP URL with the setting to only issue a single CWD command, if the directory part of the URL contains a "%00" sequence. https://curl.haxx.se/docs/adv_2018-9cd6.html CVE-2018-1000121: curl might dereference a near-NULL address when getting an LDAP URL. https://curl.haxx.se/docs/adv_2018-97a2.html CVE-2018-1000122: When asked to transfer an RTSP URL, curl could calculate a wrong data length to copy from the read buffer. https://curl.haxx.se/docs/adv_2018-b047.html Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>