---
- branch: MAIN
  date: Thu Sep 18 11:10:51 UTC 2014
  files:
  - new: '1.6'
    old: '1.5'
    path: pkgsrc/emulators/suse131_libcurl/Makefile
    pathrev: pkgsrc/emulators/suse131_libcurl/Makefile@1.6
    type: modified
  - new: '1.5'
    old: '1.4'
    path: pkgsrc/emulators/suse131_libcurl/distinfo
    pathrev: pkgsrc/emulators/suse131_libcurl/distinfo@1.5
    type: modified
  id: 20140918T111051Z.7b8c6eeea8667fc07b0c614b163baa81099d4dea
  log: |
    security fix update for suse131_libcurl.

       openSUSE Security Update: curl
    ______________________________________________________________________________

    Announcement ID:    openSUSE-SU-2014:1139-1
    Rating:             important
    References:         #894575 #895991
    Cross-References:   CVE-2014-3613 CVE-2014-3620
    Affected Products:
                        openSUSE 13.1
                        openSUSE 12.3
    ______________________________________________________________________________

       An update that fixes two vulnerabilities is now available.

    Description:

       libcurl was updated to fix security issues:

       CVE-2014-3613: Cookies for hosts specified by numeric IP could be assigned
       or used for other numeric IP hosts if portions of the numerics were the
       same.

       CVE-2014-3620: libcurl allowed cookies to be set for toplevel domains,
       making them to broad.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/emulators/suse131_libcurl'
  unixtime: '1411038651'
  user: obache