Fedora: FEDORA-2022-045 Moderate: wget Buffer Overflow Vulnerability

cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and

Dict servers, using any of the supported protocols. cURL is designed

to work without user interaction or any kind of interactivity. cURL

offers many useful capabilities, like proxy support, user

authentication, FTP upload, HTTP post, and file transfer resume.

This curl update fixes security vulnerability CVE-2006-1061 -

curl can overflow a heap-based memory buffer if very long

TFTP URL with valid host name is passed to curl.

This update fixes instalation problems on multilib

architectures, too.

- fix multilib problem using pkg-config

- fix cve-2006-1061 problem - cURL tftp buffer overflow

* Thu Feb 23 2006 Ivana Varekova - 7.15.1-2

- fix multilib problem - #181290 -

curl-devel.i386 not installable together with curl-devel.x86-64

22d285846edc9415777275be1a4040a182abb1b4 SRPMS/curl-7.15.1-3.src.rpm

89b873c628d9f9c3cf0e031571dba23a02ca47e1 ppc/curl-7.15.1-3.ppc.rpm

d9a98e61bddf2a976bcd0bbca3f567dd2f971b0b ppc/curl-devel-7.15.1-3.ppc.rpm

64fd2d8247ddcea9ead35a579eacb76825a95f0e ppc/debug/curl-debuginfo-7.15.1-3.ppc.rpm

b0f239c8622507a072776d2764be959445827487 x86_64/curl-7.15.1-3.x86_64.rpm

8240e70642da75927e081787266ce1c0dfb64fa6 x86_64/curl-devel-7.15.1-3.x86_64.rpm

b5bdf46987d7d1169b3034d2395f3129c3ab1300 x86_64/debug/curl-debuginfo-7.15.1-3.x86_64.rpm

d776e7f0b98d697ec747819d68f4fb5a97fb595c i386/curl-7.15.1-3.i386.rpm

aafda2d4f423cf2821fb3361aadb59b8c80d63dd i386/curl-devel-7.15.1-3.i386.rpm

d4a454a27855497b2e01a19486dd045f1a7009da i386/debug/curl-debuginfo-7.15.1-3.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

fedora-announce-list mailing list

fedora-announce-list@redhat.com