Overview

File _patchinfo of Package patchinfo.3001

<patchinfo>
  <issue id="894575" tracker="bnc">VUL-0: CVE-2014-3613: curl: libcurl cookie leaks</issue>
  <issue id="895991" tracker="bnc">VUL-0: CVE-2014-3620: curl: cookies accepted for TLDs</issue>
  <issue id="CVE-2014-3620" tracker="cve" />
  <issue id="CVE-2014-3613" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>vitezslav_cizek</packager>
  <description>
libcurl was updated to fix security issues:

CVE-2014-3613: Cookies for hosts specified by numeric IP could be assigned or used for other numeric IP hosts
if portions of the numerics were the same.

CVE-2014-3620: libcurl allowed cookies to be set for toplevel domains, making them to broad.
</description>
  <summary>curl: security update</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places