generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

mention buffer overflows fixed

Browse Source
This commit is contained in:
Daniel Stenberg 2005-03-03 13:13:21 +00:00
parent f61917594e
commit 861b5e608b
2 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CHANGES
View File

@ -7,6 +7,14 @@
Changelog Changelog
Daniel (22 February 2005)
- NTLM and ftp-krb4 buffer overflow fixed, as reported here:
http://www.securityfocus.com/archive/1/391042 and the CAN report here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0490
If these security guys were serious, we'd been notified in advance and we
could've saved a few of you a little surprise, but now we weren't.
Daniel (19 February 2005) Daniel (19 February 2005)
- Ralph Mitchell reported a flaw when you used a proxy with auth, and you - Ralph Mitchell reported a flaw when you used a proxy with auth, and you
requested data from a host and then followed a redirect to another requested data from a host and then followed a redirect to another

1
RELEASE-NOTES
View File

@ -16,6 +16,7 @@ This release includes the following changes:
This release includes the following bugfixes: This release includes the following bugfixes:
o NTLM/krb4 buffer overflow fixed (CAN-2005-0490)
o proxy auth bug when following redirects to another host o proxy auth bug when following redirects to another host
o socket leak when local bind failed o socket leak when local bind failed
o HTTP POST with --anyauth picking NTLM o HTTP POST with --anyauth picking NTLM