This bug was fixed in the package curl - 7.27.0-1ubuntu1.6
---------------
curl (7.27.0-1ubuntu1.6) quantal-security; urgency=low
* SECURITY REGRESSION: can't disable cert checking in command line tool
(LP: #1258366)
- debian/patches/CVE-2013-4545.patch: properly disable host
verification when insecure mode is used in src/tool_operate.c.
- CVE-2013-4545
-- Marc Deslauriers <[email protected]> Fri, 06 Dec 2013 07:47:06
-0500
** Changed in: curl (Ubuntu Quantal)
Status: Confirmed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4545
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1258366
Title:
curl -k breaks for some certificates after USN-2048-1
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/curl/+bug/1258366/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
