Canonical has announced that a couple of curl vulnerabilities have been found and fixed in its Ubuntu 14.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems.
The developers have released a new update for the curl package and it looks like a number of security issues have been corrected.
“Tim Ruehsen discovered that curl incorrectly handled partial literal IP addresses. This could lead to the disclosure of cookies to the wrong site, and malicious sites being able to set cookies for others,” reads the security notice.
Source:
http://news.softpedia.com/news/Curl-Exploits-Close-in-All-Supported-Ubuntu-OSes-458899.shtml
Submitted by: Silviu Stahie