Overview

File _patchinfo of Package patchinfo.import5702

<patchinfo incident="curl" version="5702">
  <issue tracker="bnc" id="740452" />
  <issue tracker="bnc" id="742306" />
  <issue tracker="CVE" id="CVE-2012-0036" />
  <issue tracker="CVE" id="CVE-2011-3389" />
  <issue tracker="CVE" id="CVE-2010-4180" />
  <category>security</category>
  <rating>low</rating>
  <summary>Fixing curl URL sanitizing vulnerability and SSL weakness</summary>
  <description>The following vulnerabilities have been fixed in curl:

- IMAP, POP3 and SMTP URL sanitization vulnerability
  (CVE-2012-0036)
- disable SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS (CVE-2011-3389)
- disable SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option
  for older openssl versions (CVE-2010-4180)
</description>
  <packager>adrianSuSE</packager>
</patchinfo>
openSUSE Build Service is sponsored by
Places