SUSE-SU-2018:3608-1

Advisory lineage Upstream: 2 Downstream: 0
Published: 02 Nov 2018, 16:09
Last modified:02 May 2025, 04:07

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

02 Nov 2018, 16:09
Published
Vulnerability first disclosed
02 May 2025, 04:07
Last Modified
Vulnerability information updated

Description

Security update for curl This update for curl fixes the following issues: - CVE-2018-16840: A use after free in closing SASL handles was fixed (bsc#1112758) - CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660)

Affected Systems

  • susecurl&distro=SUSE Linux Enterprise Desktop 12 SP3

    < 7.37.0-37.31.1

  • susecurl&distro=SUSE Linux Enterprise Server 12 SP3

    < 7.37.0-37.31.1

  • susecurl&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3

    < 7.37.0-37.31.1

  • susecurl&distro=SUSE Linux Enterprise Software Development Kit 12 SP3

    < 7.37.0-37.31.1

References (5)