Revision Date: | 2014-09-08 | Version: | 4 |
Title: | SUSE-SU-2013:1165-1 -- Security update for libcurl4 |
Description: | This update of curl fixes several security issues: * libcurl URL decode buffer boundary flaw (bnc#824517 /CVE-2013-2174) * cookie domain tailmatch (bnc#814655 / CVE-2013-1944) * curl sets SSL_OP_ALL (bnc#742306 / CVE-2011-3389) * When SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG isenabled, does not properly prevent modification of theciphersuite in the session cache, which allows remoteattackers to force the downgrade to an unintended ciphervia vectors involving sniffing network traffic to discovera session identifier (CVE-2010-4180) |
Family: | unix | Class: | patch |
Status: | ACCEPTED | Reference(s): | CVE-2010-4180 CVE-2011-3389 CVE-2013-1944 CVE-2013-2174 SUSE-SU-2013:1165-1
|
Platform(s): | SUSE Linux Enterprise Desktop 10
| Product(s): | libcurl4
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 10 is installed AND Packages match section
libcurl4-32bit RPM is earlier than 0:7.19.0-11.6.1
OR libcurl4 RPM is earlier than 0:7.19.0-11.6.1
|