Red Hat Training
A Red Hat training course is available for Red Hat JBoss Core Services
Chapter 3. Security Fixes
This update includes fixes for the following security-related issues:
| ID | Impact | Summary |
|---|---|---|
| | Moderate | expat: Out-of-bounds heap read on crafted input causing crash |
| | Low | curl: escape and unescape integer overflows |
| | Moderate | curl: Cookie injection for other servers |
| | Low | curl: Case insensitive password comparison |
| | Moderate | curl: Out-of-bounds write via unchecked multiplication |
| | Moderate | curl: Double-free in curl_maprintf |
| | Moderate | curl: Double-free in krb5 code |
| | Low | curl: curl_getdate out-of-bounds read |
| | Low | curl: URL unescape heap overflow via integer truncation |
| | Low | curl: Use-after-free via shared cookies |
| | Moderate | curl: Invalid URL parsing with '#' |
| | Moderate | curl: IDNA 2003 makes curl use wrong host |
| | Moderate | libxml2: out-of-bounds read (unfixed CVE-2016-4483 in JBCS) |
| | Moderate | pcre: Out-of-bounds read in compile_bracket_matchingpath function (8.41/3) |
| | Moderate | pcre: Invalid Unicode property lookup (8.41/7, 10.24/2) |
| | Low | pcre: invalid memory read in _pcre32_xclass (pcre_xclass.c) |
| | Low | pcre: stack-based buffer overflow write in pcre32_copy_substring |
| | Low | pcre: stack-based buffer overflow write in pcre32_copy_substring |
| | Moderate | curl: FTP PWD response parser out of bounds read |
| | Moderate | curl: IMAP FETCH response out of bounds read |
| | Moderate | curl: Heap-based buffer overflow in Curl_smtp_escape_eob() when uploading data over SMTP |