Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Slackware 14.0: 2013-174-01 Moderate: Curl Heap Corruption

slackware
Calendar Grey June 23, 2013
Dist Slackware Esm H88
Updated curl modules released for Slackware addressing a heap overflow vulnerability in libcurl.
New curl packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue

Summary

Here are the details from the Slackware 14.0 ChangeLog: patches/packages/curl-7.29.0-i486-3_slack14.0.txz: Rebuilt. This fixes a minor security issue where a decode buffer boundary flaw in libcurl could lead to heap corruption. For more information, see: https://curl.se/docs/CVE-2013-2174.html https://www.cve.org/CVERecord?id=CVE-2013-2174 (* Security fix *)

Topics%20covered

Topics Covered

security advisory heap corruption software update slackware curl

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 12.1: ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/curl-7.16.2-i486-4_slack12.1.tgz
Updated package for Slackware 12.2: ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/curl-7.19.6-i486-2_slack12.2.tgz
Updated package for Slackware 13.0:
Updated package for Slackware x86_64 13.0:
Updated package for Slackware 13.1:
Updated package for Slackware x86_64 13.1:
Updated package for Slackware 13.37:
Updated package for Slackware x86_64 13.37:
Updated package for Slackware 14.0:
Updated package for Slackware x86_64 14.0:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 Signatures

Slackware 12.1 package: 039f86b776fa836abe4f4153329bf4ab curl-7.16.2-i486-4_slack12.1.tgz
Slackware 12.2 package: 4cd279f928fa4e261f7b25cd5623ca1f curl-7.19.6-i486-2_slack12.2.tgz
Slackware 13.0 package: 271bb8f3842426959bd8dc62c9f91513 curl-7.19.6-i486-2_slack13.0.txz
Slackware x86_64 13.0 package: b480f2128bf50e14a8943909b6aae236 curl-7.19.6-x86_64-2_slack13.0.txz
Slackware 13.1 package: dc472f71102bec4454ee8cb9e01ab5ca curl-7.20.1-i486-2_slack13.1.txz
Slackware x86_64 13.1 package: 156aaad5fe806e6fdf8c2d01cf9a8f9d curl-7.20.1-x86_64-2_slack13.1.txz
Slackware 13.37 package: a52a03c063bf8e7fec021fbfb0bee2d7 curl-7.21.4-i486-2_slack13.37.txz
Slackware x86_64 13.37 package: 555ac66549322d731bf1e9940a145584 curl-7.21.4-x86_64-2_slack13.37.txz
Slackware 14.0 package: 4073372f0426b39c992f370b72638f4b curl-7.29.0-i486-3_slack14.0.txz
Slackware x86_64 14.0 package: a1580d839db13701f8775e77eeb4920b curl-7.29.0-x86_64-3_slack14.0.txz
Slackware -current package: 4ba53a308a7cf0545a1ecff82f216e20 n/curl-7.31.0-i486-1.txz
Slackware x86_64 -current package: ce783176b2c2e1bc117917ceb4fbfbdf n/curl-7.31.0-x86_64-1.txz

Severity
important
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory heap corruption software update slackware curl

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg curl-7.29.0-i486-3_slack14.0.txz

Related News

Your message here