Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Wed, 26 Jun 2013 00:59:01 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific LinuxFrom: Bonnie King Subject: Security ERRATA Moderate: curl on SL5.x, SL6.x i386/srpm/x86_64 MIME-Version: 1.0 Synopsis: Moderate: curl security update Advisory ID: SLSA-2013:0983-1 Issue Date: 2013-06-25 CVE Numbers: CVE-2013-2174 -- A heap-based buffer overflow flaw was found in the way libcurl unescaped URLs. A remote attacker could provide a specially-crafted URL that, when processed by an application using libcurl that handles untrusted URLs, would possibly cause it to crash or, potentially, execute arbitrary code. (CVE-2013-2174) All running applications using libcurl must be restarted for the update to take effect. -- SL5 x86_64 curl-7.15.5-17.el5_9.i386.rpm curl-devel-7.15.5-17.el5_9.i386.rpm curl-7.15.5-17.el5_9.x86_64.rpm curl-devel-7.15.5-17.el5_9.x86_64.rpm curl-debuginfo-7.15.5-17.el5_9.i386.rpm curl-debuginfo-7.15.5-17.el5_9.x86_64.rpm i386 curl-7.15.5-17.el5_9.i386.rpm curl-devel-7.15.5-17.el5_9.i386.rpm curl-debuginfo-7.15.5-17.el5_9.i386.rpm srpm curl-7.15.5-17.el5_9.src.rpm noarch curl-debuginfo-7.15.5-17.el5_9.i386.rpm curl-debuginfo-7.15.5-17.el5_9.x86_64.rpm SL6 x86_64 libcurl-7.19.7-37.el6_4.x86_64.rpm libcurl-devel-7.19.7-37.el6_4.i686.rpm curl-7.19.7-37.el6_4.x86_64.rpm libcurl-devel-7.19.7-37.el6_4.x86_64.rpm libcurl-7.19.7-37.el6_4.i686.rpm curl-debuginfo-7.19.7-37.el6_4.i686.rpm curl-debuginfo-7.19.7-37.el6_4.x86_64.rpm srpm curl-7.19.7-37.el6_4.src.rpm i386 curl-7.19.7-37.el6_4.i686.rpm libcurl-devel-7.19.7-37.el6_4.i686.rpm libcurl-7.19.7-37.el6_4.i686.rpm curl-debuginfo-7.19.7-37.el6_4.i686.rpm noarch curl-debuginfo-7.19.7-37.el6_4.x86_64.rpm curl-debuginfo-7.19.7-37.el6_4.i686.rpm - Scientific Linux Development Team