libcurl contains two integer overflows in the curl_url_set()
function that
if triggered, can lead to a too small buffer allocation and a subsequent heap
buffer overflow.
The flaws only exist on 32 bit architectures and require excessive string input lengths.