CVSROOT: /cvs Module name: ports Changes by: na...@cvs.openbsd.org 2015/05/01 14:39:43
Modified files: net/curl : Tag: OPENBSD_5_6 Makefile net/curl/patches: Tag: OPENBSD_5_6 patch-lib_cookie_c patch-lib_url_c Added files: net/curl/patches: Tag: OPENBSD_5_6 patch-lib_http_c patch-lib_http_negotiate_c patch-lib_http_negotiate_sspi_c patch-tests_data_test1527 patch-tests_data_test287 patch-tests_libtest_lib1527_c Log message: Security fixes: CVE-2015-3143: Re-using authenticated connection when unauthenticated CVE-2015-3144: host name out of boundary memory access CVE-2015-3145: cookie parser out of boundary memory access CVE-2015-3148: Negotiate not treated as connection-oriented CVE-2015-3153: sensitive HTTP server headers also sent to proxies Backport for CVE-2015-3148 from Ubuntu.