- Detalji os-a: FED
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LFE
——————————————————————————–
Fedora Update Notification
FEDORA-2014-17601
2014-12-25 04:36:17
——————————————————————————–
Name : mingw-curl
Product : Fedora 21
Version : 7.39.0
Release : 1.fc21
URL : http://curl.haxx.se/
Summary : MinGW Windows port of curl and libcurl
Description :
cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS,
DICT, TELNET and TFTP servers, using any of the supported protocols.
cURL is designed to work without user interaction or any kind of
interactivity. cURL offers many useful capabilities, like proxy
support, user authentication, FTP upload, HTTP post, and file transfer
resume.
This is the MinGW cross-compiled Windows library.
——————————————————————————–
Update Information:
* Update to 7.39.0
——————————————————————————–
ChangeLog:
* Tue Dec 23 2014 Erik van Pienbroek <epienbro@fedoraproject.org> – 7.39.0-1
– Update to 7.39.0
– Fixes CVE-2014-3707 (RHBZ #1160724)
– Fixes CVE-2014-3620 CVE-2014-3613 (RHBZ #1140037)
——————————————————————————–
References:
[ 1 ] Bug #1160724 – CVE-2014-3707 mingw-curl: curl: incorrect handle duplication after COPYPOSTFIELDS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1160724
[ 2 ] Bug #1140037 – CVE-2014-3620 CVE-2014-3613 mingw-curl: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1140037
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update mingw-curl’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
——————————————————————————–
Fedora Update Notification
FEDORA-2014-17596
2014-12-25 04:36:05
——————————————————————————–
Name : mingw-curl
Product : Fedora 20
Version : 7.39.0
Release : 1.fc20
URL : http://curl.haxx.se/
Summary : MinGW Windows port of curl and libcurl
Description :
cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS,
DICT, TELNET and TFTP servers, using any of the supported protocols.
cURL is designed to work without user interaction or any kind of
interactivity. cURL offers many useful capabilities, like proxy
support, user authentication, FTP upload, HTTP post, and file transfer
resume.
This is the MinGW cross-compiled Windows library.
——————————————————————————–
Update Information:
* Update to 7.39.0
——————————————————————————–
ChangeLog:
* Tue Dec 23 2014 Erik van Pienbroek <epienbro@fedoraproject.org> – 7.39.0-1
– Update to 7.39.0
– Fixes CVE-2014-3707 (RHBZ #1160724)
– Fixes CVE-2014-3620 CVE-2014-3613 (RHBZ #1140037)
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 7.37.0-2
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu May 29 2014 Erik van Pienbroek <epienbro@fedoraproject.org> – 7.37.0-1
– Update to 7.37.0
– Fixes CVE-2014-0138 and CVE-2014-0139 (RHBZ #1080880)
* Wed Nov 20 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 7.33.0-1
– Update to 7.33.0
– Fixes CVE-2013-4545, RHBZ #1031429
——————————————————————————–
References:
[ 1 ] Bug #1140037 – CVE-2014-3620 CVE-2014-3613 mingw-curl: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1140037
[ 2 ] Bug #1160724 – CVE-2014-3707 mingw-curl: curl: incorrect handle duplication after COPYPOSTFIELDS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1160724
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update mingw-curl’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
| Autor | Tomislav Protega |
| Cert id | NCERT-REF-2015-01-0012-ADV |
| Cve | CVE-2014-3707 CVE-2014-3620 CVE-2014-3613 CVE-2014-0138 CVE-2014-0139 CVE-2013-4545 |
| ID izvornika | FEDORA-2014-17601 FEDORA-2014-17596 |
| Proizvod | mingw-curl |
| Izvor | http://www.redhat.com |
