[v2.7] curl: multiple vulnerabilities (CVE-2014-0138 CVE-2014-0139)
CVE-2014-0138 (affected versions: from libcurl 7.10.6 to and including
7.35.0):
A patch for this problem is available at:
http://curl.haxx.se/libcurl-bad-reuse.patch
Source: http://curl.haxx.se/docs/adv\_20140326A.html
CVE-2014-0139 (affected versions: from libcurl 7.1 to and including
7.35.0):
A patch for this problem is available at:
http://curl.haxx.se/libcurl-reject-cert-ip-wildcards.patch
Source: http://curl.haxx.se/docs/adv\_20140326B.html
(from redmine: issue id 2820, created on 2014-04-03, closed on 2014-04-21)
- Relations:
- parent #2816 (closed)