[devel] [cyber] I: Sisyphus-20161103 packages: +2! +73 (17599)

[Michael Shigorin]

On Thu, Nov 03, 2016 at 04:43:25AM +0000, QA Team Robot wrote:
> curl - Gets a file from a FTP, GOPHER or HTTP server
> * Wed Nov 02 2016 Anton Farygin <rider на altlinux> 7.51.0-alt1
> - new version with security fixes:
>   CVE-2016-8615: cookie injection for other servers 
>   CVE-2016-8616: case insensitive password comparison 
>   CVE-2016-8617: OOB write via unchecked multiplication 
>   CVE-2016-8618: double-free in curl_maprintf 
>   CVE-2016-8619: double-free in krb5 code 
>   CVE-2016-8620: glob parser write/read out of bounds 
>   CVE-2016-8621: curl_getdate read out of bounds 
>   CVE-2016-8622: URL unescape heap overflow via integer truncation 
>   CVE-2016-8623: Use-after-free via shared cookies 
>   CVE-2016-8624: invalid URL parsing with '#'
>   CVE-2016-8625: IDNA 2003 makes curl use wrong host
> * Thu Oct 27 2016 Vladimir D. Seleznev <vseleznv на altlinux> 7.50.3-alt2

Хорошо бы его в p8 скопировать или пересобрать.

-- 
 ---- WBR, Michael Shigorin / http://altlinux.org
  ------ http://opennet.ru / http://anna-news.info