Slackware Security Advisory - New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
6f8f1ea7ca7722d48810e15411398875a23f2427d517d29aaf9be8d59d9f7ffbGentoo Linux Security Advisory 201509-2 - Multiple vulnerabilities have been found in cURL, the worst of which can allow remote attackers to cause Denial of Service condition. Versions less than 7.43.0 are affected.
f5b5b9e3238bd4c9cdd7e927d7530352831a5a3d3d388eaff85cf3fbcee5d92eUbuntu Security Notice 2591-1 - Paras Sethia discovered that curl could incorrectly re-use NTLM HTTP credentials when subsequently connecting to the same host over HTTP. Hanno B=C3=B6ck discovered that curl incorrectly handled zero-length host names. If a user or automated system were tricked into using a specially crafted host name, an attacker could possibly use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.10 and Ubuntu 15.04. Various other issues were also addressed.
58aa927ae5cde26c640c5b1fad0d3a84b7a2049bd1bb1094b604b1a5687488f4Debian Linux Security Advisory 3232-1 - Several vulnerabilities were discovered in cURL, an URL transfer library.
6e86f20ed47c4e7cfc2468ed008bfa64388d16455652fa11cf828b15cf453f31
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed