Stay Connected:

ELSA-2014-0561

ELSA-2014-0561 - curl security and bug fix update

Type:SECURITY
Severity:MODERATE
Release Date:2014-05-27

Description


[7.19.7-37.el6_5.3]
- fix re-use of wrong HTTP NTLM connection (CVE-2014-0015)
- fix connection re-use when using different log-in credentials (CVE-2014-0138)

[7.19.7-37.el6_5.2]
- fix authentication failure when server offers multiple auth options (#1096797)

[7.19.7-37.el6_5.1]
- refresh expired cookie in test172 from upstream test-suite (#1092486)
- fix a memory leak caused by write after close (#1092479)
- nss: implement non-blocking SSL handshake (#1092480)


Related CVEs


CVE-2014-0015
CVE-2014-0138

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) curl-7.19.7-37.el6_5.3.src.rpmbd2c46825cf2543929573d60d7f4abf4ELSA-2020-5561
curl-7.19.7-37.el6_5.3.i686.rpm7d90f31372a86b1cb69ddf5869aa52d6ELSA-2020-5561
libcurl-7.19.7-37.el6_5.3.i686.rpm8e1868f1fec674fbc26855aee8270b78ELSA-2020-5561
libcurl-devel-7.19.7-37.el6_5.3.i686.rpm7659d1b9a1bcf2c2825a0f460ddaef74ELSA-2020-5561
Oracle Linux 6 (x86_64) curl-7.19.7-37.el6_5.3.src.rpmbd2c46825cf2543929573d60d7f4abf4ELSA-2020-5561
curl-7.19.7-37.el6_5.3.x86_64.rpm0ec4bbc772522d203668163b3984dc0bELSA-2020-5561
libcurl-7.19.7-37.el6_5.3.i686.rpm8e1868f1fec674fbc26855aee8270b78ELSA-2020-5561
libcurl-7.19.7-37.el6_5.3.x86_64.rpm94cd240228a8b7a413a80353ddcd49deELSA-2020-5561
libcurl-devel-7.19.7-37.el6_5.3.i686.rpm7659d1b9a1bcf2c2825a0f460ddaef74ELSA-2020-5561
libcurl-devel-7.19.7-37.el6_5.3.x86_64.rpm2e00b1b68a661aa9381435ee91b68911ELSA-2020-5561



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights