UbuntuUpdates.org

Bugs fixes in "curl"

Origin Bug number Title Date fixed
CVE CVE-2014-3143 RESERVED 2016-02-01
CVE CVE-2014-0015 cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-depe 2016-02-01
CVE CVE-2016-0755 NTLM credentials not-checked for proxy connection re-use 2016-01-27
CVE CVE-2016-0755 NTLM credentials not-checked for proxy connection re-use 2016-01-27
CVE CVE-2014-3143 RESERVED 2016-01-27
CVE CVE-2014-0015 cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-depe 2016-01-27
CVE CVE-2016-0755 NTLM credentials not-checked for proxy connection re-use 2016-01-27
CVE CVE-2015-3148 cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as othe 2015-04-30
CVE CVE-2015-3143 cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unau 2015-04-30
CVE CVE-2015-3148 cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as othe 2015-04-30
CVE CVE-2015-3143 cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unau 2015-04-30
CVE CVE-2015-3148 cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as othe 2015-04-30
CVE CVE-2015-3143 cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unau 2015-04-30
CVE CVE-2015-3148 cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as othe 2015-04-30
CVE CVE-2015-3143 cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unau 2015-04-30
CVE CVE-2014-8150 URL request injection 2015-01-15
CVE CVE-2014-8150 URL request injection 2015-01-15
CVE CVE-2014-8150 URL request injection 2015-01-15
CVE CVE-2014-8150 URL request injection 2015-01-15
CVE CVE-2014-3707 duphandle read out of bounds 2014-11-10



About   -   Send Feedback to @ubuntu_updates