Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE request: Curl insecure usage
From: Kurt Seifried <kseifried () redhat com>
Date: Thu, 27 Dec 2012 10:34:34 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/26/2012 04:38 AM, Moritz Muehlenhoff wrote:
On Thu, Nov 29, 2012 at 10:44:36PM +0100, Moritz Mühlenhoff wrote:
Also can someone collate and post a list of all the other apps
using curl insecurely and need CVE's with appropriate links to
the upstreams/etc? Thanks.

There are some, which are potentially affected, but where
discussion with upstream is still pending.

Here are two more, please assign CVE IDs (both discovered by 
Alessandro Ghedini):

1. Falcon programming language: 
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696681

Please use CVE-2012-6070 for this issue.

2. NuSOAP PHP package: 
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696707

Please use CVE-2012-6071 for this issue.

Cheers, Moritz




- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBAgAGBQJQ3IaqAAoJEBYNRVNeJnmTM7gQAI0notT9HWHAejaFh0wX5eV3
t/DThiMq41KvczOLibEdyjuOnS4aVfrlwaj/oNs36m4YprDoU9Ggh18gGboC7/5s
eRhfdzYy9lmhCKhq2mjG3IJVZKfZBCC670dlAvOHPdjEOH6/5Te+ZHhzPNlwYy5Z
uTIL3SJDxH9uUTsA2g5AydZNlNB5tv52Vr8vrVlqXgRxJPn7GeXXoHozFbwf9MJ+
2dsCiXaoZAUIJPacZqwVdtR0lBxD8VPw9rH3/f5KNG8NwzAjtkKy5rT3UcKmv14c
cXzbJi+9tT6VV7+mCukImoO/GNbx637O/cU8/J3yz8NTFDSHStJn6KKzA9sAuy0m
PyYGphOLHAQZRduTE5qGBN0HAVHpaROY6vIZLeSyq2wrG+G56wzOgzaNS90FTUJc
Dn5ScEZOoy6mwKnO2B1m48NLYE8KdHUPcxjzeEv0oIH1kyvVh+D2UfUP6Q7zPvaG
oMuU0R15HnsCQpVYJtiqAHXNb8O1iQi8TSPbQrrr5/FQthGZPi1m04RNEsrahfat
a+l6SjvcgzHf5CmRjKs9n21jbUt/95UiXTKg9ZpLTPqBM6K8JTnhK6NnK72FGvDg
u4iY2ART4UAM52d5U0p0yYUB2kgRVc59dl2Zn5CXsO+qL8IHeSGjMvYzQeglvpAS
XokT44eCQNLJZuIyyAZE
=XOex
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault