Bug #988

[v2.1] Multiple vulnerabilities in curl < 7.24.0 may allow remote code execution

Added by Leonardo Arena 4 months ago. Updated 4 months ago.

Status:Closed Start date:02/01/2012
Priority:High Due date:
Assignee:Natanael Copa % Done:

100%
Category:-
Target version:Alpine 2.1.7

Description

http://curl.haxx.se/docs/adv_20120124B.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389

http://curl.haxx.se/docs/adv_20120124.html

Solution

- Patch: http://curl.haxx.se/curl-dont-insert-empty-fragments.patch
- Patch: http://curl.haxx.se/curl-url-sanitize.patch

Associated revisions

Revision 6e5c47e2
Added by Natanael Copa 4 months ago

main/curl: security upgrade to 7.24.0 (CVE-2011-3389, CVE-2012-0036)

fixes #988

History

#1
Updated by Leonardo Arena 4 months ago

  • Project changed from Alpine Linux to Alpine Security
  • Category deleted (Aports)

#2
Updated by Natanael Copa 4 months ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#3
Updated by Natanael Copa 4 months ago

  • Status changed from Resolved to Closed

#4
Updated by Natanael Copa 4 months ago

  • Project changed from Alpine Security to Alpine Linux

Also available in: Atom PDF