Fedora Linux 8524 Published by

A new update is available for Fedora Core - [SECURITY] Fedora Core 3 Update: curl-7.12.3-5.fc3. Here the announcement:



Fedora Update Notification
FEDORA-2005-1130
2005-12-08
---------------------------------------------------------------------

Product : Fedora Core 3
Name : curl
Version : 7.12.3
Release : 5.fc3
Summary : A utility for getting files from remote servers (FTP, HTTP, and others).
Description :
cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and
Dict servers, using any of the supported protocols. cURL is designed
to work without user interaction or any kind of interactivity. cURL
offers many useful capabilities, like proxy support, user
authentication, FTP upload, HTTP post, and file transfer resume.

---------------------------------------------------------------------
Update Information:

This package fixes a security buffer overflow bug in URL
authentication code of curl (CVE-2005-4077).
---------------------------------------------------------------------
* Thu Dec 8 2005 Ivana Varekova <varekova@redhat.com> 7.12.3-5.fc3
- fix bug 175265 – CVE-2005-4077 SA17907 cURL/libcURL URL
Parsing Off-By-One Vulnerability


---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

d77288accaa52f1a3e1e8962b1bb71bc SRPMS/curl-7.12.3-5.fc3.src.rpm
44947bef582527e53923bdc11019c845 x86_64/curl-7.12.3-5.fc3.x86_64.rpm
be3f7def626bb055d27d3774cd491ab3 x86_64/curl-devel-7.12.3-5.fc3.x86_64.rpm
3cf3db58fcec9f8d884ea622c976e3f8 x86_64/debug/curl-debuginfo-7.12.3-5.fc3.x86_64.rpm
6f8c289bf75596520d0b187a7a4f8c36 x86_64/curl-7.12.3-5.fc3.i386.rpm
6f8c289bf75596520d0b187a7a4f8c36 i386/curl-7.12.3-5.fc3.i386.rpm
64e7511fc130812f80f9998317b63f3d i386/curl-devel-7.12.3-5.fc3.i386.rpm
cb7b31af4f5604b42f975251ae2751dc i386/debug/curl-debuginfo-7.12.3-5.fc3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.