Your submission was sent successfully! Close

USN-3554-2: curl vulnerability

1 February 2018

curl could be made to expose sensitive information.



  • curl - HTTP, HTTPS, and FTP client and client libraries


USN-3554-1 fixed vulnerabilities in curl. This update
provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

It was discovered that curl could accidentally leak authentication data.
An attacker could possibly use this to get access to sensitive information.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04

In general, a standard system update will make all the necessary changes.


Related notices

  • USN-3554-1: libcurl3-gnutls, libcurl3, libcurl3-nss, libcurl4-nss-dev, curl-udeb, libcurl3-udeb, curl, libcurl4-gnutls-dev, libcurl4-doc, libcurl4-openssl-dev