[security-announce] Security Update: cURL: multiple CVEs fix

Sona Sarmadi sona.sarmadi at enea.com
Tue Feb 14 14:43:25 CET 2017


		Enea Linux Security Advisory

====================================================================
Product/package: Enea Linux 6.0: (curl 7.47.1)
Architecture: all
====================================================================

Following vulnerabilities have been fixed in Enea Linux 6.0 in curl 7.47.1:

CVE-2016-8615 cookie injection for other servers
============================================================
Severity: Medium

Affected versions: curl 7.1 to and including 7.50.3

References
Upstream fix: https://curl.haxx.se/docs/adv_20161102A.html

Correction for Enea Linux:
http://git.enea.com/cgit/linux/poky.git/patch/?id=b9d34c10e7ff7222130488c11fdf44b401f254c1

CVE-2016-8616 case insensitive password comparison
============================================================
Severity: Low

Affected versions: curl 7.7 to and including 7.50.3

References
Upstream fix: https://curl.haxx.se/docs/adv_20161102B.html

Correction for Enea Linux:
http://git.enea.com/cgit/linux/poky.git/patch/?id=e225939e7d4a3adf377eb354557148572a508cc7

CVE-2016-8617 OOB write via unchecked multiplication
============================================================
Severity: Medium

Affected versions: curl 7.1 to and including 7.50.3

References:
Upstream fix: https://curl.haxx.se/docs/adv_20161102C.html

Correction for Enea Linux:
http://git.enea.com/cgit/linux/poky.git/patch/?id=f896298d12f2295e3193f81c8126b3142828bd4d

CVE-2016-8618 double-free in curl_maprintf
============================================================
Severity: Medium

Affected versions: curl 7.1 to and including 7.50.3

References:
Upstream fix: https://curl.haxx.se/docs/adv_20161102D.html

Correction for Enea Linux:
http://git.enea.com/cgit/linux/poky.git/patch/?id=e959182ba2941f29882d52c9fa700a83c477a504

CVE-2016-8619 double-free in krb5 code
============================================================
Severity: Medium

Affected versions: curl 7.3 to and including 7.50.3

References
Upstream fix: https://curl.haxx.se/docs/adv_20161102E.html

Correction for Enea Linux:
http://git.enea.com/cgit/linux/poky.git/patch/?id=68e224826ee278d35d01b2bd9678dd52d6352da1

CVE-2016-8620 glob parser write/read out of bounds
============================================================
Severity: Medium

Affected versions: curl 7.34.0 to and including 7.50.3

References
Upstream fix: https://curl.haxx.se/docs/adv_20161102F.html

Correction for Enea Linux:
http://git.enea.com/cgit/linux/poky.git/patch/?id=3b8cc15b749578c70ddd1a2bd2d18dea16f93c0d

CVE-2016-8621 curl_getdate read out of bounds
============================================================
Severity: Low

Affected versions: curl 7.12.2 to and including 7.50.3

References
Upstream fix: https://curl.haxx.se/docs/adv_20161102G.html

Correction for Enea Linux:
http://git.enea.com/cgit/linux/poky.git/patch/?id=a4929f6e17d37f619cd279f14ae2ab828ae9e52e

CVE-2016-8622 URL unescape heap overflow via integer truncation
============================================================
Severity: Low

Affected versions: curl 7.24.0 to and including 7.50.3

References
Upstream fix: https://curl.haxx.se/docs/adv_20161102H.html

Correction for Enea Linux:
http://git.enea.com/cgit/linux/poky.git/patch/?id=61ef07eb823a58d9f5f5b84722434ab6c3733230

CVE-2016-8623 Use-after-free via shared cookies
============================================================
Severity: Low

Affected versions: curl 7.10.7 to and including 7.50.3

References
Upstream fix: https://curl.haxx.se/docs/adv_20161102I.html

Correction for Enea Linux:
http://git.enea.com/cgit/linux/poky.git/patch/?id=102d84d61fdbce2d91e4d300f75c593d0a16d74f

CVE-2016-8624 invalid URL parsing with '#'
============================================================
Severity: Medium

Affected versions: curl 7.1 to and including 7.50.3

References
Upstream fix: https://curl.haxx.se/docs/adv_20161102J.html

Correction for Enea Linux:
http://git.enea.com/cgit/linux/poky.git/patch/?id=848ec2723a569c847f61f50e677f9a38ed03552a

CVE-2016-8625 IDNA 2003 makes curl use wrong host
============================================================
Severity: Medium

Affected versions: curl 7.12.0 to and including 7.50.3

References
Upstream fix: https://curl.haxx.se/docs/adv_20161102K.html

Correction for Enea Linux:
http://git.enea.com/cgit/linux/poky.git/patch/?id=9cc3e1c2ce4a572dce6329f161e549029d84ad30

How to get the latest patches
=============================
- If you have already cloned needed repositories, update it to get new
security patches.

cd Enea-Linux-6.0
$ repo sync

- If you have not yet cloned needed repositories, do it as described
below. (Security patches are fetched implicitly when cloning the repos).

Use repo tool to download the source for the Enea Linux 6.0 standard,
follow the steps below:
1. Make sure that the repo tool is installed. If not, follow the
instructions below:

$ curl https://storage.googleapis.com/git-repo-downloads/repo >
~/bin/repo $ chmod a+x ~/bin/repo

The instruction assumes that ~/bin exists and is included in the PATH
variable.

2.Use the repo tool to download the source:
$ mkdir Enea-Linux-6.0
$ cd Enea-Linux-6.0
$ repo init \
-u git://git.enea.com/linux/el_manifests-standard.git \ -b krogoth\ -m
<manifest file> $ repo sync

The parameter <manifest file> depends on the target:
P2041RDB: p2041rdb/default.xml
LS1021a-IoT: ls1021aiot/default.xml
QEMUARM: qemuarm/default.xml
QEMUPCC: qemuppc/default.xml
QEMUX86: qemux86/default.xml

If you have any questions regarding the security patches and security
updates please contact security at enea.com.

For gerneral security refer to Enea Linux Security page:
http://www.enea.com/solutions/Enea-Linux/Security/

For the CVEs fixed at Enea Linux releases see CVE list:
http://www.enea.com/solutions/Enea-Linux/Security/CVEs-list/

For custom packages/releases please use the Support Channel:
http://www.enea.com/solutions/support.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com








-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://mail.lists.enea.com/pipermail/security-announce/attachments/20170214/7bd67544/attachment.sig>


More information about the security-announce mailing list