(RHSA-2013:0771) Moderate: curl security update

cURL provides the libcurl library and a command line tool for downloading
files from servers using various protocols, including HTTP, FTP, and LDAP.

A flaw was found in the way libcurl matched domains associated with
cookies. This could lead to cURL or an application linked against libcurl
sending the wrong cookie if only part of the domain name matched the domain
associated with the cookie, disclosing the cookie to unrelated hosts.
(CVE-2013-1944)

Red Hat would like to thank the cURL project for reporting this issue.
Upstream acknowledges YAMADA Yasuharu as the original reporter.

Users of curl should upgrade to these updated packages, which contain a
backported patch to correct this issue. All running applications using
libcurl must be restarted for the update to take effect.