A vulnerability in the versions of curl used in VL 5.9, VL 5.9.1 and VL 6.0 can allow files to be redirected in an inappropriate way. For details see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037
New packages close this vulnerability.UPDATE:
New curl packages for VL 5.9, VL 5.9.1 and VL 6.0 are now available in the testing repository. They will be moved to patches once we have had adequate user testing.
« Last Edit: March 14, 2009, 06:52:18 pm by caitlyn »
eMachines EL-1300G desktop, 1.6GHz AMD Athlon 2650e CPU, 4GB RAM, nVidia GeForce 6150 SE video
CentOS 6.5 (will try VL64-7.1 soon)
Toshiba Satellite A135-S4727, Intel Pentium T2080 / 1.73 GHz, 2GB RAM, Intel GMA 950
HP Mini 110 netbook, 1.6GHz Intel Atom CPU, 2GB RAM, Intel 950 video, VL 7.1