curl 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1311091585
업데이트 : 2011.07.20
상세내용
7.12.1-17.el48 update
- fixed CVE-2011-2192
CVE-2011-2192:
The Curl_input_negotiate function in http_negotiate.c in libcurl
7.10.6 through 7.21.6, as used in curl and other products, always
performs credential delegation during GSSAPI authentication, which
allows remote servers to impersonate clients via GSSAPI requests.
Autoupdates 지원 : 지원
pkgsysupdate
"span class="title">update 패키지
RPMS :
. curl-7.12.1-17.el48.i686.rpm
. curl-devel-7.12.1-17.el48.i686.rpm
SRPMS :
. curl-7.12.1-17.el48.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192
|