cURL / Mailing Lists / curl-users / Single Mail


Is my (lib)curl vulnerable?

From: Daniel Stenberg <>
Date: Mon, 20 Mar 2006 16:30:15 +0100 (CET)


Today's security advisory is the 7th publicly announced security flaw in curl
and libcurl.

To help you figure out which of these vulnerabilities you should be concerned
about, I've created a little table:

NOTICE! Most linux distros and other parties that distribute curl and libcurl
packages do so with a set of custom patches applied (like for example security
related patches!). If you are using a (lib)curl installed from a package
provided from somewhere or someone else than from the curl project itself, you
will need to check how your version deviates from the public "original"
version as shipped and released by our project.

  Commercial curl and libcurl Technical Support:
Received on 2006-03-20