curl: security update
libcurl was updated to fix security issues:
CVE-2014-3613: Cookies for hosts specified by numeric IP could be assigned or used for other numeric IP hosts
if portions of the numerics were the same.
CVE-2014-3620: libcurl allowed cookies to be set for toplevel domains, making them to broad.
-
Submitted by
Vítězslav Čížek (vitezslav_cizek)
Fixed bugs
bnc#894575
VUL-0: CVE-2014-3613: curl: libcurl cookie leaks
bnc#895991
VUL-0: CVE-2014-3620: curl: cookies accepted for TLDs
