USN-2097-1: curl vulnerability
3 February 2014
libcurl could be made to expose sensitive information.
- curl - HTTP, HTTPS, and FTP client and client libraries
Paras Sethia and Yehezkel Horowitz discovered that libcurl incorrectly
reused connections when NTLM authentication was being used. This could lead
to the use of unintended credentials, possibly exposing sensitive
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.