From: Daniel Stenberg Date: Mon, 20 Mar 2006 22:25:14 +0000 (+0000) Subject: mention today's fixes X-Git-Tag: upstream/7.37.1~10462 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=18081e30e1b76f3bd021b42e12e4a9f4f90554e8;p=platform%2Fupstream%2Fcurl.git mention today's fixes --- diff --git a/CHANGES b/CHANGES index ab2f4ce..a67e4d5 100644 --- a/CHANGES +++ b/CHANGES @@ -6,8 +6,35 @@ Changelog +Daniel (20 March 2006) +- Dan Fandrich fixed two TFTP problems: Fixed a bug whereby a received file + whose length was a multiple of 512 bytes could have random garbage + appended. Also, stop processing TFTP packets which are too short to be + legal. + +- Ilja van Sprundel reported a possible crash in the curl tool when using + "curl hostwithoutslash -d data -G" + Version 7.15.3 (20 March 2006) +Daniel (20 March 2006) +- VULNERABILITY reported to us by Ulf Harnhammar. + + libcurl uses the given file part of a TFTP URL in a manner that allows a + malicious user to overflow a heap-based memory buffer due to the lack of + boundary check. + + This overflow happens if you pass in a URL with a TFTP protocol prefix + ("tftp://"), using a valid host and a path part that is longer than 512 + bytes. + + The affected flaw can be triggered by a redirect, if curl/libcurl is told to + follow redirects and an HTTP server points the client to a tftp URL with the + characteristics described above. + + The Common Vulnerabilities and Exposures (CVE) project has assigned the name + CVE-2006-1061 to this issue. + Daniel (16 March 2006) - Tor Arntsen provided a RPM spec file for AIX Toolbox, that now is included in the release archive. diff --git a/RELEASE-NOTES b/RELEASE-NOTES index c60bae2..619ff8c 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES 
@@ -7,7 +7,7 @@ Curl and libcurl 7.15.4 Number of public functions in libcurl: 46 Amount of public web site mirrors: 31 Number of known libcurl bindings: 32 - Number of contributors: 487 + Number of contributors: 492 This release includes the following changes: @@ -15,7 +15,8 @@ This release includes the following changes: This release includes the following bugfixes: - o + o TFTP transfers could trash data + o -d + -G combo crash Other curl-related news since the previous public release: @@ -24,6 +25,6 @@ Other curl-related news since the previous public release: This release would not have looked like this without help, code, reports and advice from friends like these: - + Dan Fandrich, Ilja van Sprundel Thanks! (and sorry if I forgot to mention someone)
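Review bot: In the CHANGES hunk, the second new entry ("Ilja van Sprundel reported a possible crash in the curl tool when using "curl hostwithoutslash -d data -G"") only records the report, not the fix, even though the RELEASE-NOTES hunk in the same commit lists "-d + -G combo crash" under bugfixes; phrase it like the Dan Fandrich entry, e.g. "Fixed a crash in the curl tool, reported by Ilja van Sprundel, when using ...", so a reader of CHANGES knows the issue is resolved rather than just known. Also, the new "Daniel (20 March 2006)" heading now appears twice, once above and once below the "Version 7.15.3 (20 March 2006)" line; that is presumably deliberate (post-release work versus the release itself), but a short note such as "(after the 7.15.3 release)" on the first block would avoid it reading as an accidental duplicate.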
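Review bot: In the RELEASE-NOTES bugfix hunk, "o TFTP transfers could trash data" is vaguer than the CHANGES entry it summarises, which spells out two distinct fixes (a received file whose length is a multiple of 512 bytes could get random garbage appended, and TFTP packets too short to be legal are now rejected); consider two lines, e.g. "o TFTP: files with a size that is a multiple of 512 could get garbage appended" and "o TFTP: too-short packets are now rejected", since release notes are what users grep when deciding whether an upgrade matters to them. Likewise "-d + -G combo crash" could say it is a curl tool crash, as CHANGES does, so it is not read as a libcurl bug.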
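Review bot: In the first RELEASE-NOTES hunk the contributor count rises by five (487 to 492), but the thanks hunk in the same file adds only two names (Dan Fandrich, Ilja van Sprundel); worth confirming the other three are credited somewhere, or that the count was meant to reflect additions made elsewhere, so the number and the acknowledgement list do not drift apart before the 7.15.4 release.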