USN-2882-1: curl vulnerability

27 January 2016

curl would incorrectly re-use credentials.

Releases

Packages

  • curl - HTTP, HTTPS, and FTP client and client libraries

Details

Isaac Boukris discovered that curl could incorrectly re-use NTLM proxy
credentials when subsequently connecting to the same host.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 15.10
Ubuntu 15.04
Ubuntu 14.04
Ubuntu 12.04

In general, a standard system update will make all the necessary changes.

References