A new update is available for Fedora Core - [SECURITY] Fedora Core 4 Update: curl-7.13.1-4.fc4. Here the announcement:
Fedora Update Notification
FEDORA-2005-1129
2005-12-08
---------------------------------------------------------------------
Product : Fedora Core 4
Name : curl
Version : 7.13.1
Release : 4.fc4
Summary : A utility for getting files from remote servers (FTP, HTTP, and others).
Description :
cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and
Dict servers, using any of the supported protocols. cURL is designed
to work without user interaction or any kind of interactivity. cURL
offers many useful capabilities, like proxy support, user
authentication, FTP upload, HTTP post, and file transfer resume.
---------------------------------------------------------------------
Update Information:
This package fixes a security buffer overflow bug in URL
authentication code of curl (CVE-2005-4077).
---------------------------------------------------------------------
* Thu Dec 8 2005 Ivana Varekova <varekova@redhat.com> 7.13.1-4.fc4
- fix bug 175265 - CVE-2005-4077 SA17907 cURL/libcURL
URL Parsing Off-By-One Vulnerability
* Wed Oct 19 2005 Ivana Varekova <varekova@redhat.com> 7.13.1-4
- fix bug 170682 - CAN-2005-3185 NTLM buffer overflow
(this change is only in cvs - not build and not create update)
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
74b3bde858c6abdf1f6173ea3458ebd5 SRPMS/curl-7.13.1-4.fc4.src.rpm
8cea2486a41145f679f874ee2b34a95a ppc/curl-7.13.1-4.fc4.ppc.rpm
f9073446909237a740d65c91e07c0b19 ppc/curl-devel-7.13.1-4.fc4.ppc.rpm
29605be75615315af71cdbd630415c9e ppc/debug/curl-debuginfo-7.13.1-4.fc4.ppc.rpm
c1b306563f458643580eda3dde3c005c ppc/curl-7.13.1-4.fc4.ppc64.rpm
06a2524c2d80370fa476638e4c533eaf x86_64/curl-7.13.1-4.fc4.x86_64.rpm
d79a0c56021eb3c9bb330bf9b5bba02c x86_64/curl-devel-7.13.1-4.fc4.x86_64.rpm
08f9f0fd6d073a56f66256e431b3cdee x86_64/debug/curl-debuginfo-7.13.1-4.fc4.x86_64.rpm
d837fbe6934a6cf6b93400229a8957f5 x86_64/curl-7.13.1-4.fc4.i386.rpm
d837fbe6934a6cf6b93400229a8957f5 i386/curl-7.13.1-4.fc4.i386.rpm
46eeb963c21692012022757a0a2b134d i386/curl-devel-7.13.1-4.fc4.i386.rpm
81f4181f4bf33ebcb4a31946bfd1b26b i386/debug/curl-debuginfo-7.13.1-4.fc4.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.