Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mehrere Probleme in mingw-curl
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in mingw-curl
ID: FEDORA-2015-6864
Distribution: Fedora
Plattformen: Fedora 22
Datum: Sa, 2. Mai 2015, 10:48
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3145
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148

Originalnachricht

Name        : mingw-curl
Product : Fedora 22
Version : 7.42.0
Release : 1.fc22
URL : http://curl.haxx.se/
Summary : MinGW Windows port of curl and libcurl
Description :
cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS,
DICT, TELNET and TFTP servers, using any of the supported protocols.
cURL is designed to work without user interaction or any kind of
interactivity. cURL offers many useful capabilities, like proxy
support, user authentication, FTP upload, HTTP post, and file transfer
resume.

This is the MinGW cross-compiled Windows library.

-------------------------------------------------------------------------------
-
Update Information:

Update to 7.42.0 which fixes various CVE's
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1180063 - CVE-2014-8150 mingw-curl: curl: URL request injection
vulnerability in parseurlandfillconn() [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1180063
[ 2 ] Bug #1214795 - CVE-2015-3143 CVE-2015-3148 CVE-2015-3145 CVE-2015-3144
mingw-curl: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1214795
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update mingw-curl' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung