LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 8th, 2014
Linux Advisory Watch: September 5th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Fedora Core 5 Update: curl-7.15.1-3 Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Fedora This curl update fixes security vulnerability CVE-2006-1061 - curl can overflow a heap-based memory buffer if very long TFTP URL with valid host name is passed to curl. This update fixes instalation problems on multilib architectures, too.
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-189
2006-03-21
---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : curl
Version     : 7.15.1                      
Release     : 3                  
Summary     : A utility for getting files from remote servers (FTP, HTTP, and others).
Description :
cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and
Dict servers, using any of the supported protocols. cURL is designed
to work without user interaction or any kind of interactivity. cURL
offers many useful capabilities, like proxy support, user
authentication, FTP upload, HTTP post, and file transfer resume.

---------------------------------------------------------------------
Update Information:

This curl update fixes security vulnerability CVE-2006-1061 - 
curl can overflow a heap-based memory buffer if very long
TFTP URL with valid host name is passed to curl.
This update fixes instalation problems on multilib
architectures, too.
---------------------------------------------------------------------
* Mon Mar 20 2006 Ivana Varekova  - 7.15.1-3
- fix multilib problem using pkg-config 
- fix cve-2006-1061 problem - cURL tftp buffer overflow
* Thu Feb 23 2006 Ivana Varekova  - 7.15.1-2
- fix multilib problem - #181290 - 
  curl-devel.i386 not installable together with curl-devel.x86-64

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

22d285846edc9415777275be1a4040a182abb1b4  SRPMS/curl-7.15.1-3.src.rpm
89b873c628d9f9c3cf0e031571dba23a02ca47e1  ppc/curl-7.15.1-3.ppc.rpm
d9a98e61bddf2a976bcd0bbca3f567dd2f971b0b  ppc/curl-devel-7.15.1-3.ppc.rpm
64fd2d8247ddcea9ead35a579eacb76825a95f0e  ppc/debug/curl-debuginfo-7.15.1-3.ppc.rpm
b0f239c8622507a072776d2764be959445827487  x86_64/curl-7.15.1-3.x86_64.rpm
8240e70642da75927e081787266ce1c0dfb64fa6  x86_64/curl-devel-7.15.1-3.x86_64.rpm
b5bdf46987d7d1169b3034d2395f3129c3ab1300  x86_64/debug/curl-debuginfo-7.15.1-3.x86_64.rpm
d776e7f0b98d697ec747819d68f4fb5a97fb595c  i386/curl-7.15.1-3.i386.rpm
aafda2d4f423cf2821fb3361aadb59b8c80d63dd  i386/curl-devel-7.15.1-3.i386.rpm
d4a454a27855497b2e01a19486dd045f1a7009da  i386/debug/curl-debuginfo-7.15.1-3.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------

-- 
fedora-announce-list mailing list
fedora-announce-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-announce-list
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
Apache Warns of Tomcat Remote Code Execution Vulnerability
Cloud security: We're asking the wrong questions
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.