SCIENTIFIC-LINUX-ERRATA Archives

April 2010

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

From: Troy Dawson
Reply To: Troy Dawson
Date: Wed, 7 Apr 2010 13:30:19 -0500
Content-Type: text/plain
Synopsis:	Moderate: curl security, bug fix and enhancement update
Issue date:	2010-03-30
CVE Names:	CVE-2010-0734

Wesley Miaw discovered that when deflate compression was used, libcurl
could call the registered write callback function with data exceeding
the documented limit. A malicious server could use this flaw to crash an
application using libcurl or, potentially, execute arbitrary code. Note:
this issue only affected applications using libcurl that rely on the
documented data size limit and copy the data into a buffer sized to that
limit. (CVE-2010-0734)
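The application-side pattern the advisory describes, beside its hardened form, as an added example that is not part of this announcement or of the curl project's code. It builds without libcurl: the callback signature matches the one libcurl expects for CURLOPT_WRITEFUNCTION, CURL_MAX_WRITE_SIZE (16384) is the documented limit from curl/curl.h and is redefined here on the assumption that it matches the real header, and the `deliver` helper and the `struct sink` buffer are constructed stand-ins for libcurl handing a chunk of response data to the callback.

```c
#include <stddef.h>
#include <string.h>

/* The documented per-call limit from curl/curl.h. Redefined here (assumed
 * to match the real header) so this file compiles without libcurl. */
#ifndef CURL_MAX_WRITE_SIZE
#define CURL_MAX_WRITE_SIZE 16384
#endif

/* Application-side receive buffer sized to the documented limit only. */
struct sink {
    char   buf[CURL_MAX_WRITE_SIZE];
    size_t len;
};

/* The affected pattern: trusts the documented limit and copies blindly.
 * A chunk larger than sizeof buf overflows the buffer. Kept only to show
 * what the advisory warns about; do not use. */
size_t write_cb_trusting(char *ptr, size_t size, size_t nmemb, void *userdata)
{
    struct sink *s = userdata;
    size_t n = size * nmemb;
    memcpy(s->buf, ptr, n);          /* no check against sizeof s->buf */
    s->len = n;
    return n;
}

/* Hardened form: assumes nothing about the chunk size. It checks that
 * size*nmemb cannot overflow, bounds the copy by the room actually left,
 * and signals failure by returning fewer bytes than offered, which makes
 * libcurl abort the transfer with CURLE_WRITE_ERROR. */
size_t write_cb_bounded(char *ptr, size_t size, size_t nmemb, void *userdata)
{
    struct sink *s = userdata;
    size_t n, room;

    if (size != 0 && nmemb > (size_t)-1 / size)
        return 0;                    /* size*nmemb would wrap around */
    n = size * nmemb;
    room = sizeof s->buf - s->len;
    if (n > room)
        return 0;                    /* refuse rather than overflow */
    memcpy(s->buf + s->len, ptr, n);
    s->len += n;
    return n;
}

/* Stand-in for libcurl delivering one chunk of constructed data.
 * Returns 1 if the callback accepted the whole chunk, 0 otherwise. */
int deliver(size_t (*cb)(char *, size_t, size_t, void *),
            struct sink *s, size_t chunk)
{
    static char payload[2 * CURL_MAX_WRITE_SIZE];
    if (chunk > sizeof payload)
        return 0;
    memset(payload, 'A', chunk);
    return cb(payload, 1, chunk, s) == chunk;
}

/* Scenarios a practitioner can check without a live transfer. */
int bounded_accepts_documented_limit(void)
{
    struct sink s = {{0}, 0};
    return deliver(write_cb_bounded, &s, CURL_MAX_WRITE_SIZE)
        && s.len == CURL_MAX_WRITE_SIZE;
}

int bounded_rejects_oversized_chunk(void)
{
    struct sink s = {{0}, 0};
    /* 4096 bytes past the documented limit: the case the advisory describes */
    return !deliver(write_cb_bounded, &s, CURL_MAX_WRITE_SIZE + 4096)
        && s.len == 0;
}

int bounded_rejects_when_full(void)
{
    struct sink s = {{0}, 0};
    /* a second chunk no longer fits once the buffer holds 16 KiB */
    return deliver(write_cb_bounded, &s, CURL_MAX_WRITE_SIZE)
        && !deliver(write_cb_bounded, &s, 1)
        && s.len == CURL_MAX_WRITE_SIZE;
}

int trusting_works_within_limit(void)
{
    struct sink s = {{0}, 0};
    /* the affected callback behaves as long as the limit is honoured */
    return deliver(write_cb_trusting, &s, 100) && s.len == 100;
}
```

In a real program the hardened callback is registered with curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, write_cb_bounded) and the sink with CURLOPT_WRITEDATA. The point of the bounded version is that it stays correct whether or not libcurl honours its documented limit: the application's own buffer capacity, not a constant from a header, decides how much is copied.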

This update also fixes the following bugs:

* when using curl to upload a file, if the connection was broken or 
reset by the server during the transfer, curl immediately started using 
100% CPU and failed to acknowledge that the transfer had failed. With 
this update, curl displays an appropriate error message and exits when 
an upload fails mid-transfer due to a broken or reset connection. 
(BZ#479967)

* libcurl experienced a segmentation fault when attempting to reuse a
connection after performing GSS-negotiate authentication, which in turn
caused the curl program to crash. This update fixes this bug so that
connections can be reused successfully even after GSS-negotiate
authentication has been performed. (BZ#517199)

As well, this update adds the following enhancements:

* curl now supports loading Certificate Revocation Lists (CRLs) from a
Privacy Enhanced Mail (PEM) file. When curl attempts to access sites 
that have had their certificate revoked in a CRL, curl refuses access to 
those sites. (BZ#532069)

* the curl(1) manual page has been updated to clarify that the 
"--socks4" and "--socks5" options do not work with the IPv6, FTPS, or 
LDAP protocols. (BZ#473128)

* the curl utility's program help, which is accessed by running "curl 
-h", has been updated with descriptions for the "--ftp-account" and
"--ftp-alternative-to-user" options. (BZ#517084)

All running applications using libcurl must be restarted for the update 
to take effect.

SL 5.x

     SRPMS:
curl-7.15.5-9.el5.src.rpm
     i386:
curl-7.15.5-9.el5.i386.rpm
curl-devel-7.15.5-9.el5.i386.rpm
     x86_64:
curl-7.15.5-9.el5.i386.rpm
curl-7.15.5-9.el5.x86_64.rpm
curl-devel-7.15.5-9.el5.i386.rpm
curl-devel-7.15.5-9.el5.x86_64.rpm

-Connie Sieh
-Troy Dawson
