Synopsis: Moderate: curl security update Advisory ID: SLSA-2013:0771-1 Issue Date: 2013-04-24 CVE Numbers: CVE-2013-1944 -- A flaw was found in the way libcurl matched domains associated with cookies. This could lead to cURL or an application linked against libcurl sending the wrong cookie if only part of the domain name matched the domain associated with the cookie, disclosing the cookie to unrelated hosts. (CVE-2013-1944) All running applications using libcurl must be restarted for the update to take effect. -- SL5 x86_64 curl-7.15.5-16.el5_9.i386.rpm curl-7.15.5-16.el5_9.x86_64.rpm curl-debuginfo-7.15.5-16.el5_9.i386.rpm curl-debuginfo-7.15.5-16.el5_9.x86_64.rpm curl-devel-7.15.5-16.el5_9.i386.rpm curl-devel-7.15.5-16.el5_9.x86_64.rpm i386 curl-7.15.5-16.el5_9.i386.rpm curl-debuginfo-7.15.5-16.el5_9.i386.rpm curl-devel-7.15.5-16.el5_9.i386.rpm SL6 x86_64 curl-7.19.7-36.el6_4.x86_64.rpm curl-debuginfo-7.19.7-36.el6_4.i686.rpm curl-debuginfo-7.19.7-36.el6_4.x86_64.rpm libcurl-7.19.7-36.el6_4.i686.rpm libcurl-7.19.7-36.el6_4.x86_64.rpm libcurl-devel-7.19.7-36.el6_4.i686.rpm libcurl-devel-7.19.7-36.el6_4.x86_64.rpm i386 curl-7.19.7-36.el6_4.i686.rpm curl-debuginfo-7.19.7-36.el6_4.i686.rpm libcurl-7.19.7-36.el6_4.i686.rpm libcurl-devel-7.19.7-36.el6_4.i686.rpm For dependency resolution the following packages were added to SL6 x86_64 libssh2-1.4.2-1.el6.i686.rpm libssh2-1.4.2-1.el6.x86_64.rpm libssh2-devel-1.4.2-1.el6.i686.rpm libssh2-devel-1.4.2-1.el6.x86_64.rpm libssh2-docs-1.4.2-1.el6.x86_64.rpm i386 libssh2-1.4.2-1.el6.i686.rpm libssh2-devel-1.4.2-1.el6.i686.rpm libssh2-docs-1.4.2-1.el6.i686.rpm - Scientific Linux Development Team