Parent Directory | Revision Log
Adding sec advisory for curl mga#10595
1 | type: security |
2 | subject: Updated curl packages fix CVE-2013-2174 |
3 | CVE: |
4 | - CVE-2013-2174 |
5 | src: |
6 | 2: |
7 | core: |
8 | - curl-7.24.0-1.2.mga2 |
9 | 3: |
10 | core: |
11 | - curl-7.28.1-6.1.mga3 |
12 | description: | |
13 | libcurl is vulnerable to a case of bad checking of the input data which may |
14 | lead to heap corruption. The function curl_easy_unescape() decodes URL encoded |
15 | strings to raw binary data. URL encoded octets are represented with %HH |
16 | combinations where HH is a two-digit hexadecimal number. The decoded string is |
17 | written to an allocated memory area that the function returns to the caller |
18 | (CVE-2013-2174) |
19 | references: |
20 | - http://curl.haxx.se/docs/adv_20130622.html |
21 | - https://bugs.mageia.org/show_bug.cgi?id=10595 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |