On Thu, 29 Sep 2016, Daniel Stenberg wrote:
INFO
----
The Common Vulnerabilities and Exposures (CVE) project has assigned the name
CVE-2016-5180 to this issue.
AFFECTED VERSIONS
-----------------
This flaw exists in the following c-ares versions.
- Affected versions: libcurl 1.0.0 to and including 1.11.0
- Not affected versions: c-ares >= 1.12.0
Sorry for being sloppy. I meant to write c-ares above and not libcurl. This
was a copy and paste error that is already fixed in the web version of this
advisory at
https://c-ares.haxx.se/adv_20160929.html
--
/ daniel.haxx.se
