Oval Definition:	oval:org.mitre.oval:def:25193
Revision Date: 2014-09-08 Version: 4 Title: SUSE-SU-2013:1165-1 -- Security update for libcurl4 Description: This update of curl fixes several security issues: * libcurl URL decode buffer boundary flaw (bnc#824517 /CVE-2013-2174) * cookie domain tailmatch (bnc#814655 / CVE-2013-1944) * curl sets SSL_OP_ALL (bnc#742306 / CVE-2011-3389) * When SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG isenabled, does not properly prevent modification of theciphersuite in the session cache, which allows remoteattackers to force the downgrade to an unintended ciphervia vectors involving sniffing network traffic to discovera session identifier (CVE-2010-4180) Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2010-4180 CVE-2011-3389 CVE-2013-1944 CVE-2013-2174 SUSE-SU-2013:1165-1 Platform(s): SUSE Linux Enterprise Desktop 10 Product(s): libcurl4 Definition Synopsis SUSE Linux Enterprise Desktop 10 is installed AND Packages match section libcurl4-32bit RPM is earlier than 0:7.19.0-11.6.1 OR libcurl4 RPM is earlier than 0:7.19.0-11.6.1
BACK