Bug 1911

Summary: Curl security issue with GSSAPI authentication
Product: Mageia Reporter: Stew Benedict <stewbintn>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://curl.haxx.se/docs/adv_20110623.html
Whiteboard:
Source RPM: curl-7.21.5-1.mga1.src.rpm CVE:
Status comment:
Bug Depends on: 1813, 1910    
Bug Blocks:    

Description Stew Benedict 2011-06-24 13:43:14 CEST 
Description of problem:

When doing GSSAPI authentication, libcurl unconditionally performs
  credential delegation. This hands the server a copy of the client's security
  credentials, allowing the server to impersonate the client to any other
  using the same GSSAPI mechanism. This is obviously a very sensitive
  operation, which should only be done when the user explicitly so directs.

Issue is discussed in detail at the above link. Mitre has issued CVE-2011-2192 for this issue.


Version-Release number of selected component (if applicable):

7.21.5-1mga1

How reproducible:

N/A


Patch:
http://curl.haxx.se/curl-gssapi-delegation.patch

If would be good to address bug 1813 and the other open curl bugs in the same update.

Possible update release text:

Richard Silverman discovered a security issue with curl's GSSAPI authentication, where the client hands the server a copy of the client credentials. While there are no known exploits at this time, updated packages have corrected the issue.
This issue has been reserved the CVE identifier of CVE-2011-2192 at http://cve.mitre.org.
Comment 1 Ahmad Samir 2011-06-24 13:56:05 CEST 
Bug 1910, curl too.
Nicolas Vigier 2011-06-27 21:40:03 CEST

CC: (none) => boklm
Depends on: (none) => 1813, 1910

Comment 2 Nicolas Vigier 2011-06-27 23:12:59 CEST 
Package curl-7.21.5-1.1.mga1 submitted to updates_testing repository should fix this issue, and bugs #1910 and #1813.

Status: NEW => ASSIGNED
Assignee: bugsquad => qa-bugs

Comment 3 Nicolas Vigier 2011-06-30 15:18:51 CEST 
Package moved to updates.

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED

Nicolas Vigier 2014-05-08 18:05:09 CEST

CC: boklm => (none)