| Package | curl |
|---|---|
| Version | 7.26.0-1+wheezy25+deb7u2 |
| Related CVEs | CVE-2018-14618 |
Zhaoyang Wu discovered that cURL, an URL transfer library, contains a buffer overflow in the NTLM authentication code triggered by passwords that exceed 2GB in length on 32bit systems.
For Debian 7 Wheezy, these problems have been fixed in version 7.26.0-1+wheezy25+deb7u2.
We recommend that you upgrade your curl packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.