Ubuntu CVE Tracker
Home
Main
Universe
Partner
CVE-2016-8617
Priority
Medium
Description
The base64 encode function in curl before version 7.51.0 is prone to a
buffer being under allocated in 32bit systems if it receives at least 1Gb
as input via `CURLOPT_USERNAME`.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617
https://curl.haxx.se/docs/adv_20161102C.html
https://ubuntu.com/security/notices/USN-3123-1
Assigned-to
mdeslaur
Notes
Package
Source:
curl
(
LP
Ubuntu
Debian
)
Upstream:
released
(7.51.0)
Ubuntu 16.04 ESM:
released
(7.47.0-1ubuntu2.2)
Ubuntu 14.04 ESM:
released
(7.35.0-1ubuntu2.10)
Patches:
More Information
Mitre
NVD
Launchpad
Debian
Updated
: 2022-04-13 12:40:44 UTC (commit
f411bd370d482ef4385c4e751d121a4055fbc009
)