First published: Tue Mar 30 2010
cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and DICT servers, using any of the supported protocols. cURL is designed to work without user interaction or any kind of interactivity.

Wesley Miaw discovered that when deflate compression was used, libcurl could call the registered write callback function with data exceeding the documented limit. A malicious server could use this flaw to crash an application using libcurl or, potentially, execute arbitrary code. Note: this issue only affected applications using libcurl that rely on the documented data size limit and copy the data into an insufficiently sized buffer. (CVE-2010-0734)

This update also fixes the following bugs:

- When using curl to upload a file, if the connection was broken or reset by the server during the transfer, curl immediately started using 100% CPU and failed to acknowledge that the transfer had failed. With this update, curl displays an appropriate error message and exits when an upload fails mid-transfer due to a broken or reset connection. (BZ#479967)
- libcurl experienced a segmentation fault when attempting to reuse a connection after performing GSS-negotiate authentication, which in turn caused the curl program to crash. This update fixes this bug so that reused connections can be established successfully even after GSS-negotiate authentication has been performed. (BZ#517199)

As well, this update adds the following enhancements:

- curl now supports loading Certificate Revocation Lists (CRLs) from a Privacy Enhanced Mail (PEM) file. When curl attempts to access sites whose certificate has been revoked in a CRL, curl refuses access to those sites. (BZ#532069)
- The curl(1) manual page has been updated to clarify that the "--socks4" and "--socks5" options do not work with the IPv6, FTPS, or LDAP protocols. (BZ#473128)
- The curl utility's program help, which is accessed by running "curl -h", has been updated with descriptions for the "--ftp-account" and "--ftp-alternative-to-user" options. (BZ#517084)

Users of curl should upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. All running applications using libcurl must be restarted for the update to take effect.
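A write callback hardened against the class of bug described above, as an added example that is not part of the advisory or the curl project. It assumes libcurl's documented callback signature and its 16384-byte CURL_MAX_WRITE_SIZE (defined locally so no curl headers are needed), and `deliver_chunk` is a hypothetical stand-in for libcurl handing a body chunk to the callback.

```c
/* Added example, not from the advisory or the curl project: a libcurl write
 * callback that bounds each copy by the room left in its sink, not by the
 * documented per-call limit, so an oversized deflate chunk (CVE-2010-0734)
 * is refused instead of overflowing the buffer. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define DOCUMENTED_WRITE_LIMIT 16384  /* mirrors libcurl's CURL_MAX_WRITE_SIZE */
struct sink {                         /* fixed sink sized to the documented limit */
    char data[DOCUMENTED_WRITE_LIMIT];
    size_t used;
};
/* CURLOPT_WRITEFUNCTION signature; returning anything other than size*nmemb
 * makes libcurl abort the transfer with CURLE_WRITE_ERROR. */
size_t safe_write_cb(char *ptr, size_t size, size_t nmemb, void *userdata)
{
    struct sink *s = (struct sink *)userdata;
    size_t room = sizeof(s->data) - s->used;
    size_t len;
    if (size != 0 && nmemb > SIZE_MAX / size) return 0;  /* size*nmemb must not wrap */
    len = size * nmemb;
    if (len > room) {                 /* check real room, never the documented limit */
        fprintf(stderr, "write: %zu bytes exceeds remaining %zu, aborting\n", len, room);
        return 0;
    }
    memcpy(s->data + s->used, ptr, len);
    s->used += len;
    return len;
}
/* Hypothetical stand-in for libcurl handing one body chunk to the callback;
 * returns the callback's result (len = accepted, 0 = transfer aborted). */
size_t deliver_chunk(struct sink *s, size_t len)
{
    char *chunk = malloc(len);
    size_t rc;
    if (chunk == NULL) return 0;
    memset(chunk, 'A', len);          /* constructed body data */
    rc = safe_write_cb(chunk, 1, len, s);
    free(chunk);
    return rc;
}
int main(void)
{
    struct sink s = {{0}, 0};
    printf("in-limit chunk accepted: %zu\n", deliver_chunk(&s, 1000));
    printf("oversized chunk result:  %zu\n", deliver_chunk(&s, DOCUMENTED_WRITE_LIMIT + 1));
    return 0;
}
```

An application that instead copies `size * nmemb` bytes into a buffer sized to the documented limit without this check is exactly the case the advisory describes.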
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/curl | <7.15.5-9.el5 | 7.15.5-9.el5 |
redhat/curl-devel | <7.15.5-9.el5 | 7.15.5-9.el5 |