You are here
Home > Preporuke > Ranjivosti programskog paketa mingw-curl

Ranjivosti programskog paketa mingw-curl

  • Detalji os-a: FED
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2015-04-26 07:26:06

Name : mingw-curl
Product : Fedora 21
Version : 7.42.0
Release : 1.fc21
Summary : MinGW Windows port of curl and libcurl
Description :
cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS,
DICT, TELNET and TFTP servers, using any of the supported protocols.
cURL is designed to work without user interaction or any kind of
interactivity. cURL offers many useful capabilities, like proxy
support, user authentication, FTP upload, HTTP post, and file transfer

This is the MinGW cross-compiled Windows library.

Update Information:

Update to 7.42.0 which fixes various CVE’s

* Fri Apr 24 2015 Erik van Pienbroek <> – 7.42.0-1
– Update to 7.42.0
– Fixes CVE-2015-3143, CVE-2015-3144, CVE-2015-3145, CVE-2015-3148 (RHBZ #1214795 #1214796)
– Fixes CVE-2014-8150 (RHBZ #1180063 #1180064)
* Tue Dec 23 2014 Erik van Pienbroek <> – 7.39.0-1
– Update to 7.39.0
– Fixes CVE-2014-3707 (RHBZ #1160724)
– Fixes CVE-2014-3620 CVE-2014-3613 (RHBZ #1140037)

[ 1 ] Bug #1180063 – CVE-2014-8150 mingw-curl: curl: URL request injection vulnerability in parseurlandfillconn() [fedora-all]
[ 2 ] Bug #1214795 – CVE-2015-3143 CVE-2015-3148 CVE-2015-3145 CVE-2015-3144 mingw-curl: various flaws [fedora-all]

This update can be installed with the “yum” update program. Use
su -c ‘yum update mingw-curl’ at the command line.
For more information, refer to “Managing Software with yum”,
available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list

AutorTomislav Protega
Cert idNCERT-REF-2015-05-0008-ADV
CveCVE-2015-3143 CVE-2015-3144 CVE-2015-3145 CVE-2015-3148 CVE-2014-8150 CVE-2014-3707 CVE-2014-3620 CVE-2014-3613
ID izvornikaFEDORA-2015-6853
More in Preporuke
Ranjivosti programskog paketa mingw-openssl

Otkriveno je više ranjivosti u programskom paketu mingw-openssl za Fedoru. Ranjivosti su uzrokovane brojnim nepravilnostima, a što se odnosi na...