/[advisories]/10595.adv
ViewVC logotype

Annotation of /10595.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 78 - (hide annotations) (download)
Wed Jun 26 10:02:26 2013 UTC (7 years, 4 months ago) by claire
File size: 708 byte(s)
Adding sec advisory for curl mga#10595
1 claire 78 type: security
2     subject: Updated curl packages fix CVE-2013-2174
3     CVE:
4     - CVE-2013-2174
5     src:
6     2:
7     core:
8     - curl-7.24.0-1.2.mga2
9     3:
10     core:
11     - curl-7.28.1-6.1.mga3
12     description: |
13     libcurl is vulnerable to a case of bad checking of the input data which may
14     lead to heap corruption. The function curl_easy_unescape() decodes URL encoded
15     strings to raw binary data. URL encoded octets are represented with %HH
16     combinations where HH is a two-digit hexadecimal number. The decoded string is
17     written to an allocated memory area that the function returns to the caller
18     (CVE-2013-2174)
19     references:
20     - http://curl.haxx.se/docs/adv_20130622.html
21     - https://bugs.mageia.org/show_bug.cgi?id=10595

  ViewVC Help
Powered by ViewVC 1.1.28