From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <mike@altlinux.org>
Date: Thu, 3 Nov 2016 14:39:26 +0300
From: Michael Shigorin <mike@altlinux.org>
To: devel@lists.altlinux.org
Message-ID: <20161103113926.GC5377@imap.altlinux.org>
References: <20161103044325.GA2782@gyle.altlinux.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <20161103044325.GA2782@gyle.altlinux.org>
User-Agent: Mutt/1.5.23.88.hg577987ca2d02 (2014-03-12)
Subject: Re: [devel] [cyber] I: Sisyphus-20161103 packages: +2! +73 (17599)
X-BeenThere: devel@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ALT Linux Team development discussions <devel@lists.altlinux.org>
List-Id: ALT Linux Team development discussions <devel.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/devel>,
 <mailto:devel-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/devel>
List-Post: <mailto:devel@lists.altlinux.org>
List-Help: <mailto:devel-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
 <mailto:devel-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Nov 2016 11:39:27 -0000
Archived-At: <http://lore.altlinux.org/devel/20161103113926.GC5377@imap.altlinux.org/>
List-Archive: <http://lore.altlinux.org/devel/>
List-Post: <mailto:devel@altlinux.org>

On Thu, Nov 03, 2016 at 04:43:25AM +0000, QA Team Robot wrote:
> curl - Gets a file from a FTP, GOPHER or HTTP server
> * Wed Nov 02 2016 Anton Farygin <rider@altlinux> 7.51.0-alt1
> - new version with security fixes:
>   CVE-2016-8615: cookie injection for other servers 
>   CVE-2016-8616: case insensitive password comparison 
>   CVE-2016-8617: OOB write via unchecked multiplication 
>   CVE-2016-8618: double-free in curl_maprintf 
>   CVE-2016-8619: double-free in krb5 code 
>   CVE-2016-8620: glob parser write/read out of bounds 
>   CVE-2016-8621: curl_getdate read out of bounds 
>   CVE-2016-8622: URL unescape heap overflow via integer truncation 
>   CVE-2016-8623: Use-after-free via shared cookies 
>   CVE-2016-8624: invalid URL parsing with '#'
>   CVE-2016-8625: IDNA 2003 makes curl use wrong host
> * Thu Oct 27 2016 Vladimir D. Seleznev <vseleznv@altlinux> 7.50.3-alt2

Хорошо бы его в p8 скопировать или пересобрать.

-- 
 ---- WBR, Michael Shigorin / http://altlinux.org
  ------ http://opennet.ru / http://anna-news.info