USN-1894-1: curl vulnerability
2 July 2013
libcurl could be made to crash or run programs as your login if it received specially crafted input.
- curl - HTTP, HTTPS, and FTP client and client libraries
Timo Sirainen discovered that libcurl incorrectly handled memory when
parsing URL encoded strings. An attacker could possibly use this issue to
cause libcurl to crash, leading to a denial of service, or execute
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.