This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
Curl was updated to fix two security issues and enable metalink
The following vulnerabilities were fixed :
- CVE-2015-3236: libcurl could have wrongly send HTTP
credentials when re-using connections (boo#934501)
- CVE-2015-3237: libcurl could have been tricked by a
malicious SMB server to send off data it did not intend
The following feature was enabled :
- boo#851126: enable metalink support.
See also :
Update the affected curl packages.
Risk factor :
Medium / CVSS Base Score : 6.4