From owner-freebsd-ports  Tue Oct 17  4: 5: 4 2000
Delivered-To: freebsd-ports@freebsd.org
Received: from pm1.contactor.se (gw.contactor.se [193.15.23.130])
	by hub.freebsd.org (Postfix) with ESMTP
	id 9C01437B4E5; Tue, 17 Oct 2000 04:05:00 -0700 (PDT)
Received: from localhost (dast@localhost)
	by pm1.contactor.se (8.9.3/8.9.1) with ESMTP id NAA21179;
	Tue, 17 Oct 2000 13:09:31 +0200 (MET DST)
X-Authentication-Warning: pm1.contactor.se: dast owned process doing -bs
Date: Tue, 17 Oct 2000 13:09:31 +0200 (MET DST)
From: Daniel Stenberg <daniel@haxx.se>
X-Sender: dast@pm1.contactor.se
To: kris@freebsd.org
Cc: ports@freebsd.org
Subject: curl 7.2.1 - security alert
Message-ID: <Pine.GSO.4.21.0010171303380.21055-100000@pm1.contactor.se>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hi

On friday the 13th of October, there was a security alert posted to bugtraq
regarding curl:

	http://www.securityfocus.com/archive/1/139753

While that posting talked about a much earlier version, the mentioned problem
was not fixed until the recently released curl 7.4.1.

Feel free to forward his message to whom it may concern. Please consider
making the 7.4.1 package available from your ports section instead of the
currently available 7.2.1.

I am of course willing to answer to any questions regarding this or other
curl related ones.

-- 
  Daniel Stenberg -- curl project maintainer -- http://curl.haxx.se/



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message