Hello community, here is the log from the commit of package patchinfo.3001 for openSUSE:13.1:Update checked in at 2014-09-17 22:48:15 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/patchinfo.3001 (Old) and /work/SRC/openSUSE:13.1:Update/.patchinfo.3001.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "patchinfo.3001" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo> <issue id="894575" tracker="bnc">VUL-0: CVE-2014-3613: curl: libcurl cookie leaks</issue> <issue id="895991" tracker="bnc">VUL-0: CVE-2014-3620: curl: cookies accepted for TLDs</issue> <issue id="CVE-2014-3620" tracker="cve" /> <issue id="CVE-2014-3613" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>vitezslav_cizek</packager> <description> libcurl was updated to fix security issues: CVE-2014-3613: Cookies for hosts specified by numeric IP could be assigned or used for other numeric IP hosts if portions of the numerics were the same. CVE-2014-3620: libcurl allowed cookies to be set for toplevel domains, making them to broad. </description> <summary>curl: security update</summary> </patchinfo> -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org