Details

    • Template:
    • Team:
      Night's Watch
    • Story Points:
      1
    • Sprint:
      NW - 2019-10-16
    • Release Notes:
      Security Fix
    • Release Notes Summary:
      Hide
      Update curl to 7.66.0 to address the following vulnerabilities:
      - CVE-2019-5481: FTP-KRB double-free (https://curl.haxx.se/docs/CVE-2019-5481.html)
      - CVE-2019-5482: TFTP small blocksize heap buffer overflow (https://curl.haxx.se/docs/CVE-2019-5482.html)
      Show
      Update curl to 7.66.0 to address the following vulnerabilities: - CVE-2019-5481: FTP-KRB double-free ( https://curl.haxx.se/docs/CVE-2019-5481.html ) - CVE-2019-5482: TFTP small blocksize heap buffer overflow ( https://curl.haxx.se/docs/CVE-2019-5482.html )
    • QA Risk Assessment:
      Needs Assessment

      Description

      All active streams should be updated to curl 7.66.0 to address security fixes..

      You should verify relevant updates have been made to puppet-runtime and a new runtime containing the updates has been promoted to puppet-agent.

        Attachments

          Activity

            People

            • Assignee:
              gabriel.nagy Gabriel Nagy
              Reporter:
              morgan Morgan Rhodes
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Zendesk Support