Preisgabe von Informationen in curl
ID: | FEDORA-2014-1876 |
Distribution: | Fedora |
Plattformen: | Fedora 20 |
Datum: | Mo, 3. Februar 2014, 18:34 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015 |
Applikationen: | curl |
Originalnachricht |
|
Name : curl Product : Fedora 20 Version : 7.32.0 Release : 4.fc20 URL : http://curl.haxx.se/ Summary : A utility for getting files from remote servers (FTP, HTTP, and others) Description : curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer resume, proxy tunneling and a busload of other useful tricks. -------------------------------------------------------------------------------- Update Information: - re-use of wrong HTTP NTLM connection in libcurl (CVE-2014-0015) -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 31 2014 Kamil Dudka |