Contents of /16140.adv

Revision 3182
Thu Jul 9 07:56:53 2015 UTC (8 years, 9 months ago) by tmb
File size: 836 byte(s)
fix up duplicated mitre cve links
type: security
subject: Updated curl package fixes security vulnerability
CVE:
 - CVE-2015-3236
 - CVE-2015-3237
src:
  5:
   core:
     - curl-7.40.0-3.1.mga5
description: |
  libcurl can wrongly send HTTP credentials when re-using connections. Even
  if the handle for an HTTP connection is reset, it retains the credentials,
  which can cause them to be unintentionally leaked in subsequent requests
  (CVE-2015-3236).

  libcurl can get tricked by a malicious SMB server to send off data it did
  not intend to. A malicious SMB server can use this to access arbitrary
  process memory, or to crash the client, causing a denial of service
  (CVE-2015-3237).
references:
 - https://bugs.mageia.org/show_bug.cgi?id=16140
 - http://curl.haxx.se/docs/adv_20150617A.html
 - http://curl.haxx.se/docs/adv_20150617B.html
ID: MGASA-2015-0263
