[Fwd: [Bug 1234] New: Security flaws in cURL 7.13.0]
Dan.Osterrath at gmx.de
Wed Feb 23 23:51:32 PST 2005
PS: What a nice bug id. Any awards for me? ;-)
-------- Original-Nachricht --------
Betreff: [Bug 1234] New: Security flaws in cURL 7.13.0
Datum: Thu, 24 Feb 2005 00:23:16 -0700 (MST)
Von: blfs-bugs at linuxfromscratch.org
Antwort an: BLFS Book Maintenance List <blfs-book at linuxfromscratch.org>
An: blfs-book at linuxfromscratch.org
Summary: Security flaws in cURL 7.13.0
Product: Beyond LinuxFromScratch
AssignedTo: blfs-book at linuxfromscratch.org
ReportedBy: Dan.Osterrath at gmx.de
QAContact: blfs-book at linuxfromscratch.org
There are two security leaks in the current version of cURL.
iDefense only verified verison 7.12.1 but the cURL news page doesn't state
explicitely that 7.13.0 is clean.
Unfortunately there seems to be only one official patch for the first issue
The date of revision 1.36 confirms the suspicion that even the current version
The second issue (kerberos authentication) seems to be still unpatched. At least
there is a suggestion on the website from iDefense. (see upper links)
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
You are the QA contact for the bug, or are watching the QA contact.
Unsubscribe: See the above information page
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 187 bytes
Desc: OpenPGP digital signature
More information about the lfs-security