Date: Wed, 4 Mar 2009 18:22:31 +0200 From: Peter Pentchev <roam@ringlet.net> To: Daniel Bond <db@danielbond.org> Cc: freebsd-security@freebsd.org Subject: Re: New CURL Advisory (fixed in 7.19.4) Message-ID: <20090304162231.GA1043@straylight.m.ringlet.net> In-Reply-To: <268B6D1D-474F-4D59-AA2D-C495F2F55B67@danielbond.org> References: <268B6D1D-474F-4D59-AA2D-C495F2F55B67@danielbond.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Wed, Mar 04, 2009 at 03:29:04PM +0100, Daniel Bond wrote: > Hi, > > Noticed quite an ugly bug in CURL today: > http://curl.haxx.se/docs/adv_20090303.html > .. If you didn't see this allready :) > > here is also the CVE entry for it: > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037 > > Thanks to the freebsd security team for doing great work, and Neil > Blakey-Milner for maintaining this port. Yes, thanks for reporting this :) Actually, Mark Foster had already filed a PR about this, and I committed the VuXML entry a while ago. I'll update the curl port ASAP now. G'luck, Peter -- Peter Pentchev roam@ringlet.net roam@space.bg roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 This sentence was in the past tense. [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.10 (FreeBSD) iEYEARECAAYFAkmuqscACgkQ7Ri2jRYZRVMa2QCeIQmyWEwHJrYO+Ntnb/XLISad Q1kAoJFUSeS7KdSc31GLEWM7orXyFIrn =/bK7 -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090304162231.GA1043>