/[advisories]/10595.adv
ViewVC logotype

Contents of /10595.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 100 - (show annotations) (download)
Wed Jun 26 18:44:34 2013 UTC (4 years, 4 months ago) by boklm
File size: 728 byte(s)
MGASA-2013-0188
1 type: security
2 subject: Updated curl packages fix CVE-2013-2174
3 CVE:
4 - CVE-2013-2174
5 src:
6 2:
7 core:
8 - curl-7.24.0-1.2.mga2
9 3:
10 core:
11 - curl-7.28.1-6.1.mga3
12 description: |
13 libcurl is vulnerable to a case of bad checking of the input data which may
14 lead to heap corruption. The function curl_easy_unescape() decodes URL encoded
15 strings to raw binary data. URL encoded octets are represented with %HH
16 combinations where HH is a two-digit hexadecimal number. The decoded string is
17 written to an allocated memory area that the function returns to the caller
18 (CVE-2013-2174)
19 references:
20 - http://curl.haxx.se/docs/adv_20130622.html
21 - https://bugs.mageia.org/show_bug.cgi?id=10595
22 ID: MGASA-2013-0188

  ViewVC Help
Powered by ViewVC 1.1.26