Parent Directory
| 
Revision Log
Adding sec advisory for curl mga#10595
| 1 | claire | 78 | type: security |
| 2 | subject: Updated curl packages fix CVE-2013-2174 | ||
| 3 | CVE: | ||
| 4 | - CVE-2013-2174 | ||
| 5 | src: | ||
| 6 | 2: | ||
| 7 | core: | ||
| 8 | - curl-7.24.0-1.2.mga2 | ||
| 9 | 3: | ||
| 10 | core: | ||
| 11 | - curl-7.28.1-6.1.mga3 | ||
| 12 | description: | | ||
| 13 | libcurl is vulnerable to a case of bad checking of the input data which may | ||
| 14 | lead to heap corruption. The function curl_easy_unescape() decodes URL encoded | ||
| 15 | strings to raw binary data. URL encoded octets are represented with %HH | ||
| 16 | combinations where HH is a two-digit hexadecimal number. The decoded string is | ||
| 17 | written to an allocated memory area that the function returns to the caller | ||
| 18 | (CVE-2013-2174) | ||
| 19 | references: | ||
| 20 | - http://curl.haxx.se/docs/adv_20130622.html | ||
| 21 | - https://bugs.mageia.org/show_bug.cgi?id=10595 |
| ViewVC Help | |
| Powered by ViewVC 1.1.30 |