USN-4466-2: curl vulnerability

  • Thread starter Ubuntu security notices
  • Start date

Ubuntu security notices

USN-4466-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPT_CONNECT_ONLY option. This could result in data being sent to the wrong destination, possibly exposing sensitive information.

Continue reading...