similar to: AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability

Asterisk Project Security Advisory - AST-2015-002 Product Asterisk Summary Mitigation for libcURL HTTP request injection vulnerability Nature of Advisory HTTP request injection Susceptibility Remote

The Asterisk Development Team has announced security releases for Certified Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, 11.15.1, 12.8.1, and 13.1.1. These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/releases The release of these

The Asterisk Development Team has announced security releases for Certified Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, 11.15.1, 12.8.1, and 13.1.1. These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/releases The release of these

Asterisk Project Security Advisory - AST-2015-001 Product Asterisk Summary File descriptor leak when incompatible codecs are offered Nature of Advisory Resource exhaustion Susceptibility Remote

Asterisk Project Security Advisory - AST-2015-001 Product Asterisk Summary File descriptor leak when incompatible codecs are offered Nature of Advisory Resource exhaustion Susceptibility Remote

Asterisk Project Security Advisory - AST-2014-012 Product Asterisk Summary Mixed IP address families in access control lists may permit unwanted traffic. Nature of Advisory Unauthorized Access Susceptibility Remote

Asterisk Project Security Advisory - AST-2014-012 Product Asterisk Summary Mixed IP address families in access control lists may permit unwanted traffic. Nature of Advisory Unauthorized Access Susceptibility Remote

Asterisk Project Security Advisory - AST-2016-002 Product Asterisk Summary File descriptor exhaustion in chan_sip Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Minor

Asterisk Project Security Advisory - AST-2014-011 Product Asterisk Summary Asterisk Susceptibility to POODLE Vulnerability Nature of Advisory Unauthorized Data Disclosure Susceptibility Remote Unauthenticated Sessions Severity Medium

Asterisk Project Security Advisory - AST-2014-011 Product Asterisk Summary Asterisk Susceptibility to POODLE Vulnerability Nature of Advisory Unauthorized Data Disclosure Susceptibility Remote Unauthenticated Sessions Severity Medium

Asterisk Project Security Advisory - AST-2016-003 Product Asterisk Summary Remote crash vulnerability when receiving UDPTL FAX data. Nature of Advisory Denial of Service Susceptibility Remote

Asterisk Project Security Advisory - AST-2016-001 Product Asterisk Summary BEAST vulnerability in HTTP server Nature of Advisory Unauthorized data disclosure due to man-in-the-middle attack Susceptibility Remote

On 27.01.2015 22:09, Skye Bender-deMoll wrote: > Dear R devel, > > Is libcurl support required to run R.devel, or is it optional? > > I'm compiling R.devel on an older Debian machine that only has libcurl > version 7.21.0 > > The R news file says > > " > Sun, 25 Jan 2015 > CHANGES IN R-devel NEW FEATURES > > Optional use of ?libcurl?

On 5 November 2015 at 11:44, Michael Coyne wrote: | What do you have installed as far as libcurl goes? Would you mind | listing your packages and greping for libcurl entries. The distribution works with proper dependencies. When R is built with libcurl, the R package already depends on libcurl: edd at max:~$ dpkg -s r-base-core | grep curl Depends: zip, unzip, libpaper-utils, xdg-utils, libblas3

The one strange thing I am now noticing is that precise does not have libcurl listed as a dependency. If you go to https://cran.r-project.org/bin/linux/ubuntu/precise/Packages and look for "libcurl" it is not listed. The other Ubuntu builds, such as trusty or wily do list it. On Thu, Nov 5, 2015 at 12:01 PM, Michael Coyne <mikeycgto at gmail.com> wrote: > Thanks for the advice.

Dear R devel, Is libcurl support required to run R.devel, or is it optional? I'm compiling R.devel on an older Debian machine that only has libcurl version 7.21.0 The R news file says " Sun, 25 Jan 2015 CHANGES IN R-devel NEW FEATURES Optional use of ?libcurl? (version 7.28.0 from Oct 2012 or later) for Internet access (including on Windows): ... CHANGES IN R-devel

I'm trying to upgrade my version of icecast to version 2 from CVS but am getting an error on autogen: checking for libcurl... no *** Could not run libcurl test program, checking why... *** The test program failed to compile or link. See the file config.log for the *** exact error that occured. This usually means libcurl was incorrectly installed *** or that you have moved libcurl since it was

Asterisk Project Security Advisory - AST-2015-003 Product Asterisk Summary TLS Certificate Common name NULL byte exploit Nature of Advisory Man in the Middle Attack Susceptibility Remote Authenticated Sessions Severity Major

Asterisk Project Security Advisory - AST-2015-003 Product Asterisk Summary TLS Certificate Common name NULL byte exploit Nature of Advisory Man in the Middle Attack Susceptibility Remote Authenticated Sessions Severity Major

On 08/25/2015 12:54 PM, Kevin Ushey wrote: > Hi all, > > The following fails for me (on OS X, although I imagine it's the same > on other platforms using libcurl): > > options(download.file.method = "libcurl") > options(repos = c(CRAN = "https://cran.rstudio.com/", CRANextra = > "http://www.stats.ox.ac.uk/pub/RWin")) >