MDVSA-2013:276 -- Mandriva curlID: oval:org.secpod.oval:def:1300253 | Date: (C)2013-12-10 (M)2022-10-10 |
Class: PATCH | Family: unix |
Updated curl packages fix security vulnerability: Scott Cantor discovered that curl, a file retrieval tool, would disable the CURLOPT_SSLVERIFYHOST check when the CURLOPT_SSL_VERIFYPEER setting was disabled. This would also disable ssl certificate host name checks when it should have only disabled verification of the certificate trust chain .
Platform: |
Mandriva Enterprise Server 5.2 |