[v2.1] Multiple vulnerabilities in curl < 7.24.0 may allow remote code execution
http://curl.haxx.se/docs/adv\_20120124B.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389
http://curl.haxx.se/docs/adv\_20120124.html
Solution
- Patch: http://curl.haxx.se/curl-dont-insert-empty-fragments.patch
(from redmine: issue id 988, created on 2012-02-01, closed on 2012-02-03)
- Changesets:
- Revision 6e5c47e2 by Natanael Copa on 2012-02-02T15:38:37Z:
main/curl: security upgrade to 7.24.0 (CVE-2011-3389, CVE-2012-0036)
fixes #988