TSEC NEWS: 06.05.21 Cron-Job Fehlerhaft nach PHP Update + PWA mobile + Desktop / 04.05.21 - Android App von TSECURITY 28.04.21 - NEUER SERVER // 26.04.21 ++ Download the Electron-App für tsecurity.de // Über 550 Feed-Quellen


❈ haxx.se cURL 7.26.0/7.27.0/7.28.0/7.28.1 lib/curl_sasl.c Curl_sasl_create_digest_md5_message memory corruption

Sicherheitslücken / Exploits vuldb.com

A vulnerability was found in haxx.se cURL 7.26.0/7.27.0/7.28.0/7.28.1 (Network Utility Software). It has been declared as very critical. Affected by this vulnerability is the function Curl_sasl_create_digest_md5_message of the file lib/curl_sasl.c. Upgrading to version 7.29.0 eliminates this vulnerability. The upgrade is hosted for download at curl.haxx.se. Applying a patch is able to eliminate this problem. The bugfix is ready for download at curl.haxx.se. The best possible mitigation is suggested to be upgrading to the latest version. A possible mitigation has been published immediately after the disclosure of the vulnerability....


Kompletten Artikel lesen (externe Quelle: https://vuldb.com/?id.7621)

Zur Startseite

➤ Weitere Beiträge von Team Security | IT Sicherheit (tsecurity.de)

warning: file /usr/lib/node_modules/npm/scripts/index-build.js: remove failed: No such file or directory warning: file

vom 1696.38 Punkte
Hello everyone , I have to update amazon linux server for partners, I encounter many warnings that there are no files or folders in nodejs like this, will it affect the system? , I think yum update has this warning because it didn't have any files or folde

Some of these libraries may not be found correctly (Anaconda the cause here?)

vom 460.33 Punkte
Does anyone have experience with this kind of error when installing a QT application? My guess is, anaconda has something to do with it in the present case. I am thankful for any help. aking package: lightly-qt 0.4-1 (Mon 08 Feb 2021 10:05:23 CET) ==&g

USN-3123-1: curl vulnerabilities

vom 440.22 Punkte
Ubuntu Security Notice USN-3123-1 3rd November, 2016 curl vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several secu

USN-3123-1: curl vulnerabilities

vom 440.22 Punkte
Ubuntu Security Notice USN-3123-1 3rd November, 2016 curl vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several secu

cURL bis 7.54.1 URL Globbing Heap-based Information Disclosure

vom 428.78 Punkte
Eine problematische Schwachstelle wurde in cURL bis 7.54.1 entdeckt. Hierbei geht es um eine unbekannte Funktion der Komponente URL Globbing. Durch die Manipulation mit der Eingabe http://ur%20[0-60000000000000000000 kann eine Information Disclosure-S

USN-3498-1: curl vulnerabilities

vom 396.86 Punkte
Ubuntu Security Notice USN-3498-1 29th November, 2017 curl vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues w

USN-4402-1: curl vulnerabilities

vom 396.86 Punkte
curl vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 20.04 LTS Ubuntu 19.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Ubuntu 14.04 ESM Ubuntu 12.04 ESM Summary Several security issues were fixed in curl. Soft

USN-3457-1: curl vulnerability

vom 378.82 Punkte
Ubuntu Security Notice USN-3457-1 23rd October, 2017 curl vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary curl could be made to cra

curl: Parallel upload hangs curl if upload file not found

vom 378.82 Punkte
Attempting to upload (-T) a not found file with parallel (-Z) flag present, will cause curl to get stuck and never terminate, potentially stalling scripts that make use of this particular flags. curl -T blabla-notexists -Z upload.example.com www.google.

haxx.se cURL bis 7.48.0 mbedTLS/PolarSSL lib/vtls/mbedtls.c sslsethostname() Spoofing

vom 371.24 Punkte
Eine Schwachstelle wurde in haxx.se cURL bis 7.48.0 entdeckt. Sie wurde als kritisch eingestuft. Davon betroffen ist die Funktion sslsethostname() der Bibliothek lib/vtls/mbedtls.c der Komponente mbedTLS/PolarSSL. Durch das Manipulieren mit einer unbeka

haxx.se cURL bis 7.48.0 mbedTLS/PolarSSL lib/vtls/mbedtls.c sslsethostname() Spoofing

vom 371.24 Punkte
Eine Schwachstelle wurde in haxx.se cURL bis 7.48.0 entdeckt. Sie wurde als kritisch eingestuft. Davon betroffen ist die Funktion sslsethostname() der Bibliothek lib/vtls/mbedtls.c der Komponente mbedTLS/PolarSSL. Durch das Manipulieren mit einer unbeka

USN-3441-1: curl vulnerabilities

vom 368.06 Punkte
Ubuntu Security Notice USN-3441-1 10th October, 2017 curl vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed

Team Security Diskussion über haxx.se cURL 7.26.0/7.27.0/7.28.0/7.28.1 lib/curl_sasl.c Curl_sasl_create_digest_md5_message memory corruption