Curl -7.24.0_4 heap corruption

Reggie Euser reggie at
Tue Jul 2 14:49:16 UTC 2013

We're running FreeBSD 8.3-RELEASE-p3 and portaudit says:

Affected package: curl-7.24.0_2
Type of problem: cURL library -- heap corruption in curl_easy_unescape.

1 problem(s) in your installed packages found.

You are advised to update or deinstall the affected package(s) immediately.

Have updated ports tree, checked UPDATING (nothing on curl since 2010). For 
last several days, portmaster curl has attempted to install curl-7.24.0_3 - 
same heap corruption issue.

Today, portmaster curl attempted to install curl-7.24.0_4. I thought, great, 
the port has been updated!

Except that the heap corruption issue persists and the update fails.

Anyone have any insights into this issue?


More information about the freebsd-questions mailing list