Arch Linux ASA-201411-7 Medium Severity: Curl Out-Of-Bounds Read

The package curl before version 7.39.0-1 is vulnerable to out-of-bounds read which may lead to information disclosure.

Arch Linux Security Advisory ASA-201411-7
========================================
Severity: Medium
Date    : 2014-11-11
CVE-ID  : CVE-2014-3707
Package : curl
Type    : out-of-bounds read
Remote  : No
Link    : https://wiki.archlinux.org/title/CVE-2014

Summary
======
The package curl before version 7.39.0-1 is vulnerable to out-of-bounds
read which may lead to information disclosure.

Resolution
=========
Upgrade to 7.39.0-1.

# pacman -Syu "curl>=7.39.0-1"

The problem has been fixed upstream [0] in version 7.39.0.

Workaround
=========
None.

Description
==========
Symeon Paraschoudis discovered that the curl_easy_duphandle() function
has a bug that can lead to libcurl eventually sending off sensitive data
that was not intended for sending.

Impact
=====
This bug requires CURLOPT_COPYPOSTFIELDS and curl_easy_duphandle() to be
used in that order, and then the duplicate handle must be used to
perform the HTTP POST. The curl command line tool is not affected by
this problem as it does not use this sequence.

References
=========
[0] https://access.redhat.com/security/cve/CVE-2014-3707
https://curl.se/docs/CVE-2014-3707.html