Scientific Linux Security Update : curl on SL5.x i386/x86_64

This script is Copyright (C) 2012 Tenable Network Security, Inc.

Synopsis :

The remote Scientific Linux host is missing one or more security

Description :

Wesley Miaw discovered that when deflate compression was used, libcurl
could call the registered write callback function with data exceeding
the documented limit. A malicious server could use this flaw to crash
an application using libcurl or, potentially, execute arbitrary code.
Note: This issue only affected applications using libcurl that rely on
the documented data size limit, and that copy the data to the
insufficiently sized buffer. (CVE-2010-0734)

This update also fixes the following bugs :

- when using curl to upload a file, if the connection was
broken or reset by the server during the transfer, curl
immediately started using 100% CPU and failed to
acknowledge that the transfer had failed. With this
update, curl displays an appropriate error message and
exits when an upload fails mid-transfer due to a broken
or reset connection. (BZ#479967)

- libcurl experienced a segmentation fault when attempting
to reuse a connection after performing GSS-negotiate
authentication, which in turn caused the curl program to
crash. This update fixes this bug so that reused
connections are able to be successfully established even
after GSS-negotiate authentication has been performed.

As well, this update adds the following enhancements :

- curl now supports loading Certificate Revocation Lists
(CRLs) from a Privacy Enhanced Mail (PEM) file. When
curl attempts to access sites that have had their
certificate revoked in a CRL, curl refuses access to
those sites. (BZ#532069)

- the curl(1) manual page has been updated to clarify that
the '--socks4' and '--socks5' options do not work with
the IPv6, FTPS, or LDAP protocols. (BZ#473128)

- the curl utility's program help, which is accessed by
running 'curl -h', has been updated with descriptions
for the '--ftp-account' and '--ftp-alternative-to-user'
options. (BZ#517084)

All running applications using libcurl must be restarted for the
update to take effect.

See also :

Solution :

Update the affected curl and / or curl-devel packages.

Risk factor :

Medium / CVSS Base Score : 6.8

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 60765 ()

Bugtraq ID:

CVE ID: CVE-2010-0734