Synopsis: Moderate: curl security, bug fix, and enhancement update Advisory ID: SLSA-2017:2016-1 Issue Date: 2017-08-01 CVE Numbers: CVE-2016-7167 -- Security Fix(es): * Multiple integer overflow flaws leading to heap-based buffer overflows were found in the way curl handled escaping and unescaping of data. An attacker could potentially use these flaws to crash an application using libcurl by sending a specially crafted input to the affected libcurl functions. (CVE-2016-7167) -- SL7 x86_64 curl-7.29.0-42.el7.x86_64.rpm curl-debuginfo-7.29.0-42.el7.i686.rpm curl-debuginfo-7.29.0-42.el7.x86_64.rpm libcurl-7.29.0-42.el7.i686.rpm libcurl-7.29.0-42.el7.x86_64.rpm libcurl-devel-7.29.0-42.el7.i686.rpm libcurl-devel-7.29.0-42.el7.x86_64.rpm - Scientific Linux Development Team