New CURL Advisory (fixed in 7.19.4)
Peter Pentchev
roam at ringlet.net
Wed Mar 4 08:49:18 PST 2009
On Wed, Mar 04, 2009 at 03:29:04PM +0100, Daniel Bond wrote:
> Hi,
>
> Noticed quite an ugly bug in CURL today:
> http://curl.haxx.se/docs/adv_20090303.html
> .. If you didn't see this allready :)
>
> here is also the CVE entry for it:
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037
>
> Thanks to the freebsd security team for doing great work, and Neil
> Blakey-Milner for maintaining this port.
Yes, thanks for reporting this :) Actually, Mark Foster had already
filed a PR about this, and I committed the VuXML entry a while ago.
I'll update the curl port ASAP now.
G'luck,
Peter
--
Peter Pentchev roam at ringlet.net roam at space.bg roam at FreeBSD.org
PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553
This sentence was in the past tense.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20090304/9f9e43bb/attachment.pgp
More information about the freebsd-security
mailing list