-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : curl Version : 7.26.0-1+wheezy22 CVE ID : CVE-2017-1000257
Brian Carpenter, Geeknik Labs, 0xd34db347, and independently reported by the OSS-Fuzz project, detected a out of bounds read during IMAP FETCH response.
For Debian 7 "Wheezy", this problem has been fixed in version 7.26.0-1+wheezy22. We recommend that you upgrade your curl packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQJ8BAEBCgBmBQJZ76S3XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5 NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hH7DIQAJgrtl76JcsSu7VhKUTk+Ea9 uua8nU3ZLGHSwKlxkWcEgDhfz03kkgNPKWUYr7D+btbDucgnDQ2irub16s6neMAZ LVbwiK3ObHcYc8iJNyJjFGuMVkCBOui3pCZcDw5gcXjE/DCFeMXFyqszcaD4N2ir /5/3tOrkY+OeBRkKxkEnxlyfGkJL2ZtyqDmn5F/RWC9NkJCbAlwrpMJvRtRMoDli dpWGGcNtVBJ8+6EJ+cYLVUzFq45HgrxIHvywlnIM7JHjj9xyHuXwIrOtrnV3POdn a+gcZbHoJe7e6NNiZhlWGh00T4NSGYhuBjxXkNfZSjJ10sXLuKsKYfgYqy2zPQwk ZNRlnTfA3dXJr5wKn0g32d4r92v92QhLkYHgDUFpIhAxL9pRO3P31ihfezD9PF2U IKOeW3DKB+WgJQOMajeiUJugYIlU32cx76KkM0Ksp61Ivt/vZ/W7mF+1exV32qLp VOrnJ/cOjsgbz1I7YlCuMcrWnTi/PfoNYHh7N1K62AsL7MAernVd6xDm6Anj4a+V A8HSCHYrk0Da794eV64mK3ANN1/gTn5oRkBF6ebEv5/IYxDBSYwJVyr2UNFb79Ey /K4itnE5zZ9VnGtnhz0rHWqn/AN6nvWHm65UKehgU38WrzyvuZEolz7pmod3lzva A3sdb4ODvyRGeSeBisgF =484g -----END PGP SIGNATURE-----
