Subject: | |
From: | |
Reply To: | |
Date: | Wed, 26 Jun 2013 00:59:01 +0000 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Synopsis: Moderate: curl security update
Advisory ID: SLSA-2013:0983-1
Issue Date: 2013-06-25
CVE Numbers: CVE-2013-2174
--
A heap-based buffer overflow flaw was found in the way libcurl unescaped
URLs. A remote attacker could provide a specially-crafted URL that, when
processed by an application using libcurl that handles untrusted URLs,
would possibly cause it to crash or, potentially, execute arbitrary code.
(CVE-2013-2174)
All running applications using libcurl must be restarted for the update to
take effect.
--
SL5
x86_64
curl-7.15.5-17.el5_9.i386.rpm
curl-devel-7.15.5-17.el5_9.i386.rpm
curl-7.15.5-17.el5_9.x86_64.rpm
curl-devel-7.15.5-17.el5_9.x86_64.rpm
curl-debuginfo-7.15.5-17.el5_9.i386.rpm
curl-debuginfo-7.15.5-17.el5_9.x86_64.rpm
i386
curl-7.15.5-17.el5_9.i386.rpm
curl-devel-7.15.5-17.el5_9.i386.rpm
curl-debuginfo-7.15.5-17.el5_9.i386.rpm
srpm
curl-7.15.5-17.el5_9.src.rpm
noarch
curl-debuginfo-7.15.5-17.el5_9.i386.rpm
curl-debuginfo-7.15.5-17.el5_9.x86_64.rpm
SL6
x86_64
libcurl-7.19.7-37.el6_4.x86_64.rpm
libcurl-devel-7.19.7-37.el6_4.i686.rpm
curl-7.19.7-37.el6_4.x86_64.rpm
libcurl-devel-7.19.7-37.el6_4.x86_64.rpm
libcurl-7.19.7-37.el6_4.i686.rpm
curl-debuginfo-7.19.7-37.el6_4.i686.rpm
curl-debuginfo-7.19.7-37.el6_4.x86_64.rpm
srpm
curl-7.19.7-37.el6_4.src.rpm
i386
curl-7.19.7-37.el6_4.i686.rpm
libcurl-devel-7.19.7-37.el6_4.i686.rpm
libcurl-7.19.7-37.el6_4.i686.rpm
curl-debuginfo-7.19.7-37.el6_4.i686.rpm
noarch
curl-debuginfo-7.19.7-37.el6_4.x86_64.rpm
curl-debuginfo-7.19.7-37.el6_4.i686.rpm
- Scientific Linux Development Team
|
|
|