curl 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1135132760
업데이트 : 2005.12.21
상세내용
CVE-2005-4077:
Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through
7.15.0 allow local users to trigger a buffer overflow and cause a denial
of service or bypass PHP security restrictions via certain URLs that (1)
are malformed in a way that prevents a terminating null byte from being
added to either a hostname or path buffer, or (2) contain a "?" separator
in the hostname portion, which causes a "/" to be prepended to the
resulting string.
Autoupdates 지원 : 지원
update 패키지
RPMS :
. curl-7.12.1-8.i686.rpm
. curl-devel-7.12.1-8.i686.rpm
SRPMS :
. curl-7.12.1-8.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077
|