Univention Bugzilla – Attachment 6939 Details for
Bug 37257
curl: Multiple issues (ES 3.1)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
3.1-curl.txt
3.1-curl.txt (text/plain), 869 bytes, created by
Janek Walkenhorst
on 2015-06-03 14:56 CEST
(
hide
)
Description:
3.1-curl.txt
Filename:
MIME Type:
Creator:
Janek Walkenhorst
Created:
2015-06-03 14:56 CEST
Size:
869 bytes
patch
obsolete
>A new update is available for Univention Corporate Server 3.1 as >part of the extended security maintenance. >It addresses the following problem: > >Program component: curl >Reference: CVE-2014-3613 CVE-2014-3707 CVE-2015-3143 CVE-2015-3148 > CVE-2014-8150 >Fixed version: 7.21.0-7.52.201506031400 > >* Information leak in cookie handling (CVE-2014-3613) >* Information leak in curl_easy_duphandle() (CVE-2014-3707) >* Re-using authenticated connection when unauthenticated (CVE-2015-3143) >* Negotiate not treated as connection-oriented (CVE-2015-3148) >* Fix URL request injection (CVE-2014-8150) > >-- >Univention GmbH >be open. >Mary-Somerville-Str.1 >28359 Bremen >Tel. : +49 421 22232-0 >Fax : +49 421 22232-99 > ><info@univention.de> >http://www.univention.de/ > >Geschäftsführer: Peter H. Ganten >HRB 20755 Amtsgericht Bremen >Steuer-Nr.: 71-597-02876
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=6939">View the attachment on a separate page</a>.</b>
Actions:
View
Attachments on
bug 37257
: 6939