On Thu, 29 Sep 2016, Daniel Stenberg wrote:
> INFO
> ----
>
> The Common Vulnerabilities and Exposures (CVE) project has assigned the name
> CVE-2016-5180 to this issue.
>
> AFFECTED VERSIONS
> -----------------
>
> This flaw exists in the following c-ares versions.
>
> - Affected versions: libcurl 1.0.0 to and including 1.11.0
> - Not affected versions: c-ares >= 1.12.0
Sorry for being sloppy. I meant to write c-ares above and not libcurl. This
was a copy and paste error that is already fixed in the web version of this
advisory at
https://c-ares.haxx.se/adv_20160929.html
-- / daniel.haxx.seReceived on 2016-09-29