Synopsis: Moderate: curl security, bug fix and enhancement update
Issue date: 2010-03-30
CVE Names: CVE-2010-0734

Wesley Miaw discovered that when deflate compression was used, libcurl could call the registered write callback function with more data than the documented per-call maximum (CURL_MAX_WRITE_SIZE). A malicious server could use this flaw to crash an application using libcurl or, potentially, execute arbitrary code.

Note: This issue only affected applications using libcurl that rely on the documented data size limit and copy the received data into a buffer sized to that limit without checking the actual length. (CVE-2010-0734)

This update also fixes the following bugs:

* when using curl to upload a file, if the connection was broken or reset by the server during the transfer, curl immediately started consuming 100% CPU and never reported that the transfer had failed. With this update, curl displays an appropriate error message and exits when an upload fails mid-transfer due to a broken or reset connection. (BZ#479967)

* libcurl experienced a segmentation fault when attempting to reuse a connection after performing GSS-negotiate authentication, which in turn caused the curl program to crash. This update fixes this bug so that connections can be successfully reused even after GSS-negotiate authentication has been performed. (BZ#517199)

As well, this update adds the following enhancements:

* curl now supports loading Certificate Revocation Lists (CRLs) from a Privacy Enhanced Mail (PEM) file. When curl connects to a site whose certificate is listed as revoked in a loaded CRL, curl refuses the connection. (BZ#532069)

* the curl(1) manual page has been updated to clarify that the "--socks4" and "--socks5" options do not work with the IPv6, FTPS, or LDAP protocols. (BZ#473128)

* the curl utility's program help, which is accessed by running "curl -h", has been updated with descriptions for the "--ftp-account" and "--ftp-alternative-to-user" options. (BZ#517084)

All running applications using libcurl must be restarted for the update to take effect.

SL 5.x

SRPMS:
curl-7.15.5-9.el5.src.rpm

i386:
curl-7.15.5-9.el5.i386.rpm
curl-devel-7.15.5-9.el5.i386.rpm

x86_64:
curl-7.15.5-9.el5.i386.rpm
curl-7.15.5-9.el5.x86_64.rpm
curl-devel-7.15.5-9.el5.i386.rpm
curl-devel-7.15.5-9.el5.x86_64.rpm

-Connie Sieh
-Troy Dawson
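For the CVE-2010-0734 description above: the write-callback pattern the note says is affected (a fixed buffer sized to the documented limit, filled without a length check), beside two callbacks that do not trust that limit. This is an added example, not code from the advisory or from the curl project. It defines CURL_MAX_WRITE_SIZE locally with its documented value, and the deliver() function is an assumed stand-in for libcurl handing a decompressed chunk to the callback, so nothing here links against libcurl.

```c
/* Added example, not part of the advisory or of curl itself.
 * Demonstrates why a CURLOPT_WRITEFUNCTION callback must not assume
 * size*nmemb <= CURL_MAX_WRITE_SIZE, and how to write one that doesn't. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Documented upper bound on size*nmemb per callback call (from curl.h). */
#define CURL_MAX_WRITE_SIZE 16384

struct fixed_sink {
    char   buf[CURL_MAX_WRITE_SIZE];
    size_t len;
};

struct growable_sink {
    char  *data;
    size_t len;
    size_t cap;
};

/* AFFECTED pattern: trusts the documented limit and copies blindly.
 * With the pre-fix deflate decoder a server could make size*nmemb larger
 * than CURL_MAX_WRITE_SIZE, and this memcpy then overruns buf. */
size_t write_trusting(char *ptr, size_t size, size_t nmemb, void *userdata)
{
    struct fixed_sink *s = userdata;
    size_t n = size * nmemb;
    memcpy(s->buf, ptr, n);          /* no bounds check */
    s->len = n;
    return n;
}

/* HARDENED, fixed buffer: check the chunk against the space left and refuse
 * anything that does not fit. Returning a count other than size*nmemb makes
 * libcurl abort the transfer (CURLE_WRITE_ERROR) instead of corrupting memory. */
size_t write_checked(char *ptr, size_t size, size_t nmemb, void *userdata)
{
    struct fixed_sink *s = userdata;
    if (size != 0 && nmemb > SIZE_MAX / size)
        return 0;                    /* size*nmemb would overflow */
    size_t n = size * nmemb;
    if (n > sizeof s->buf - s->len)
        return 0;                    /* would not fit: abort the transfer */
    memcpy(s->buf + s->len, ptr, n);
    s->len += n;
    return n;
}

/* HARDENED, growable buffer: never assumes any per-call limit at all. */
size_t write_growable(char *ptr, size_t size, size_t nmemb, void *userdata)
{
    struct growable_sink *s = userdata;
    if (size != 0 && nmemb > SIZE_MAX / size)
        return 0;
    size_t n = size * nmemb;
    if (n > s->cap - s->len) {
        size_t need = s->len + n;
        size_t cap = s->cap ? s->cap : 4096;
        while (cap < need) {
            if (cap > SIZE_MAX / 2)
                return 0;
            cap *= 2;
        }
        char *p = realloc(s->data, cap);
        if (!p)
            return 0;
        s->data = p;
        s->cap = cap;
    }
    memcpy(s->data + s->len, ptr, n);
    s->len += n;
    return n;
}

/* Assumed stand-in for libcurl delivering one decompressed chunk of n bytes
 * (constructed input: n bytes of 'A'). Returns 1 if the callback accepted
 * all of it, 0 if libcurl would treat the short return as a write error. */
int deliver(size_t (*cb)(char *, size_t, size_t, void *), void *userdata, size_t n)
{
    char *chunk = malloc(n ? n : 1);
    if (!chunk)
        return 0;
    memset(chunk, 'A', n);
    size_t got = cb(chunk, 1, n, userdata);
    free(chunk);
    return got == n;
}

int main(void)
{
    struct fixed_sink fs = {{0}, 0};
    struct growable_sink gs = {NULL, 0, 0};
    /* A chunk twice the documented limit, as the flawed decoder could produce. */
    printf("checked  accepts 32768-byte chunk: %d\n", deliver(write_checked, &fs, 32768));
    printf("growable accepts 32768-byte chunk: %d (len=%zu)\n",
           deliver(write_growable, &gs, 32768), gs.len);
    free(gs.data);
    return 0;
}
```

write_trusting is only ever safe if the library honours the limit; the fix in this update restores that guarantee for deflate, but an application cannot tell from the callback signature which libcurl it is running against, so the checked or growable form is the one to ship.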