Paketname
curl
Datum
2005-03-04
Advisory ID
MDKSA-2005:048
Betroffene Versionen
10.0 amd64 , 10.1 i586 , 10.0 i586 , CS3.0 x86_64 , CS3.0 i586 , 10.1 x86_64

Problembeschreibung

"infamous41md" discovered a buffer overflow vulnerability in
libcurl's NTLM authorization base64 decoding. This could allow a
remote attacker using a prepared remote server to execute arbitrary
code as the user running curl.

The updated packages are patched to deal with these issues.

Aktualisierte Pakete

10.0 amd64

 0386f15dd07dffdafcc74c8957a4dc00  amd64/10.0/RPMS/curl-7.11.0-2.1.100mdk.amd64.rpm
 cb3ac9ad77a6e68e9f6d7bcdb8776bee  amd64/10.0/RPMS/lib64curl2-7.11.0-2.1.100mdk.amd64.rpm
 b5118a34cf3436c68ba3c0081a2681af  amd64/10.0/RPMS/lib64curl2-devel-7.11.0-2.1.100mdk.amd64.rpm
 53b2ac18baa15810a7f0321d24bbdea8  amd64/10.0/SRPMS/curl-7.11.0-2.1.100mdk.src.rpm

10.1 i586

 a9a5c3b2af793fbfdc4f897a01788f27  10.1/RPMS/curl-7.12.1-1.1.101mdk.i586.rpm
 caad27287f1db33094ac2171e6cfa860  10.1/RPMS/libcurl3-7.12.1-1.1.101mdk.i586.rpm
 61bea15f364b11ba85ee708b48f8fe6a  10.1/RPMS/libcurl3-devel-7.12.1-1.1.101mdk.i586.rpm
 e140c850303eb14c12b318538f2266ce  10.1/SRPMS/curl-7.12.1-1.1.101mdk.src.rpm

10.0 i586

 5e359e1440af3150fff501af3337f8f6  10.0/RPMS/curl-7.11.0-2.1.100mdk.i586.rpm
 ed2893b0a0cd269175cc8e27c2d04a06  10.0/RPMS/libcurl2-7.11.0-2.1.100mdk.i586.rpm
 34d0da12d64d6f27d17fb0dd46676870  10.0/RPMS/libcurl2-devel-7.11.0-2.1.100mdk.i586.rpm
 53b2ac18baa15810a7f0321d24bbdea8  10.0/SRPMS/curl-7.11.0-2.1.100mdk.src.rpm

CS3.0 x86_64

 7ed8e6b6e1611c97c02b357482694a3c  x86_64/corporate/3.0/RPMS/curl-7.11.0-2.1.C30mdk.x86_64.rpm
 ff8bd600e1229333e14d25f9323a462d  x86_64/corporate/3.0/RPMS/lib64curl2-7.11.0-2.1.C30mdk.x86_64.rpm
 4c01c4a92bfeca71b818b723fd4752f4  x86_64/corporate/3.0/RPMS/lib64curl2-devel-7.11.0-2.1.C30mdk.x86_64.rpm
 8766893d25c2fccefa90d32f9da6500e  x86_64/corporate/3.0/SRPMS/curl-7.11.0-2.1.C30mdk.src.rpm

CS3.0 i586

 f99dfd0c67f16bbe2e57869c3c3ca7ea  corporate/3.0/RPMS/curl-7.11.0-2.1.C30mdk.i586.rpm
 07547b2c4a4dc7051db43fd968af591d  corporate/3.0/RPMS/libcurl2-7.11.0-2.1.C30mdk.i586.rpm
 695e859f8cc2ec503188722b606854d4  corporate/3.0/RPMS/libcurl2-devel-7.11.0-2.1.C30mdk.i586.rpm
 8766893d25c2fccefa90d32f9da6500e  corporate/3.0/SRPMS/curl-7.11.0-2.1.C30mdk.src.rpm

10.1 x86_64

 9cc7757d89a688c3464f1f95a260d0eb  x86_64/10.1/RPMS/curl-7.12.1-1.1.101mdk.x86_64.rpm
 37ad8e8e677c36655b36be00d0243201  x86_64/10.1/RPMS/lib64curl3-7.12.1-1.1.101mdk.x86_64.rpm
 1328bfd561b123d7c49fc68345910c24  x86_64/10.1/RPMS/lib64curl3-devel-7.12.1-1.1.101mdk.x86_64.rpm
 e140c850303eb14c12b318538f2266ce  x86_64/10.1/SRPMS/curl-7.12.1-1.1.101mdk.src.rpm

Referenzen