Type : Bug fix
Severity : High
cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and Dict servers, using any of the supported protocols. cURL is designed to work without user interaction or any kind of interactivity. cURL offers many useful capabilities, like proxy support, user authentication, FTP upload, HTTP post, and file transfer resume.
• In the FTP implementation, a stack overflow could sometimes happen because libcurl called the accept() function from a system library. This was incorrect and has been fixed.
• Previously, sending an LDAP request through an HTTP proxy tunnel ended up with cURL attempting to directly connect to the LDAP server using a wrong port number: this has been fixed.
• The git push" command did not work correctly over the WebDAV protocol because the "multi" interface of libcurl was broken. This has been fixed and "git push" now works as expected over WebDAV.
• For security reasons, the GSSAPI credential delegation was disabled: this broke the application functionality relying on delegation. The CURLOPT_GSSAPI_DELEGATION libcurl option has been introduced in order to enable delegation explicitly when applications need it and restore the functionality.
• Despite the libcurl library supporting Kerberos credential delegation, cURL did not allow it. It now does, through the new option "--delegation"
• curl now supports proxy authentication using Kerberos by using the "--proxy-negotiate" option.
Solution : Update packages.
1、tar zxvf curl-7.15.5-15.AXS3.i386.tar.gz
3、rpm -Uvh *.rpm