On Wed, Mar 04, 2009 at 03:29:04PM +0100, Daniel Bond
wrote:> Hi,
>
> Noticed quite an ugly bug in CURL today:
> http://curl.haxx.se/docs/adv_20090303.html
> .. If you didn't see this allready :)
>
> here is also the CVE entry for it:
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037
>
> Thanks to the freebsd security team for doing great work, and Neil
> Blakey-Milner for maintaining this port.
Yes, thanks for reporting this :) Actually, Mark Foster had already
filed a PR about this, and I committed the VuXML entry a while ago.
I'll update the curl port ASAP now.
G'luck,
Peter
--
Peter Pentchev roam@ringlet.net roam@space.bg roam@FreeBSD.org
PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553
This sentence was in the past tense.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url :
http://lists.freebsd.org/pipermail/freebsd-security/attachments/20090304/9f9e43bb/attachment.pgp