[El-errata] ELSA-2014-0561 Moderate: Oracle Linux 6 curl security and bug fix update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue May 27 16:05:13 PDT 2014
Oracle Linux Security Advisory ELSA-2014-0561
https://rhn.redhat.com/errata/RHSA-2014-0561.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
curl-7.19.7-37.el6_5.3.i686.rpm
libcurl-7.19.7-37.el6_5.3.i686.rpm
libcurl-devel-7.19.7-37.el6_5.3.i686.rpm
x86_64:
curl-7.19.7-37.el6_5.3.x86_64.rpm
libcurl-7.19.7-37.el6_5.3.i686.rpm
libcurl-7.19.7-37.el6_5.3.x86_64.rpm
libcurl-devel-7.19.7-37.el6_5.3.i686.rpm
libcurl-devel-7.19.7-37.el6_5.3.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/curl-7.19.7-37.el6_5.3.src.rpm
Description of changes:
[7.19.7-37.el6_5.3]
- fix re-use of wrong HTTP NTLM connection (CVE-2014-0015)
- fix connection re-use when using different log-in credentials
(CVE-2014-0138)
[7.19.7-37.el6_5.2]
- fix authentication failure when server offers multiple auth options
(#1096797)
[7.19.7-37.el6_5.1]
- refresh expired cookie in test172 from upstream test-suite (#1092486)
- fix a memory leak caused by write after close (#1092479)
- nss: implement non-blocking SSL handshake (#1092480)
More information about the El-errata
mailing list