Mandriva Linux Security Advisory : curl (MDVSA-2013:276)
Medium Nessus Plugin ID 71030
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated curl packages fix security vulnerability :
Scott Cantor discovered that curl, a file retrieval tool, would disable the CURLOPT_SSLVERIFYHOST check when the CURLOPT_SSL_VERIFYPEER setting was disabled. This would also disable ssl certificate host name checks when it should have only disabled verification of the certificate trust chain (CVE-2013-4545).
SolutionUpdate the affected packages.