[3.1] curl: Multiple issues (CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621 CVE-2016-8622, CVE-2016-8623, CVE-2016-8624)

CVE-2016-8615: Cookie injection for other servers

CVE-2016-8616: Case insensitive password comparison

CVE-2016-8617: Out-of-bounds write via unchecked multiplication

CVE-2016-8618: Double-free in curl_maprintf

CVE-2016-8619: Double-free in krb5 code

CVE-2016-8620: Glob parser write/read out of bounds

CVE-2016-8621: curl_getdate out-of-bounds read

CVE-2016-8622: URL unescape heap overflow via integer truncation

CVE-2016-8623: curl: Use-after-free via shared cookies

CVE-2016-8624: Invalid URL parsing with ‘#’

Fixed In Version:

curl 7.51.0

References:

https://curl.haxx.se/docs/adv\_20161102A.html
https://curl.haxx.se/docs/adv\_20161102B.html
https://curl.haxx.se/docs/adv\_20161102C.html
https://curl.haxx.se/docs/adv\_20161102D.html
https://curl.haxx.se/docs/adv\_20161102E.html
https://curl.haxx.se/docs/adv\_20161102F.html
https://curl.haxx.se/docs/adv\_20161102G.html
https://curl.haxx.se/docs/adv\_20161102H.html
https://curl.haxx.se/docs/adv\_20161102I.html
https://curl.haxx.se/docs/adv\_20161102J.html

Patches:

https://curl.haxx.se/CVE-2016-8615.patch
https://curl.haxx.se/CVE-2016-8616.patch
https://curl.haxx.se/CVE-2016-8617.patch
https://curl.haxx.se/CVE-2016-8618.patch
https://curl.haxx.se/CVE-2016-8619.patch
https://curl.haxx.se/CVE-2016-8620.patch
https://curl.haxx.se/CVE-2016-8621.patch
https://curl.haxx.se/CVE-2016-8622.patch
https://curl.haxx.se/CVE-2016-8623.patch
https://curl.haxx.se/CVE-2016-8624.patch

(from redmine: issue id 6437, created on 2016-11-08, closed on 2016-12-27)

• Relations:
  • parent #6433 (closed)
• Changesets:
  • Revision ba3dc3d2 by Sergei Lukin on 2016-12-26T09:46:12Z:

main/curl: security upgrade - fixes #6437

CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619,
CVE-2016-8620, CVE-2016-8621 CVE-2016-8622, CVE-2016-8623, CVE-2016-8624