+++ This bug was initially created as a clone of Bug #175191 +++ 'Stefan Esser has reported a vulnerability in cURL/libcURL, which has an unknown impact.' 'The vulnerability is caused due to an off-by-one error when parsing an URL that is longer than 256 bytes. By using a specially crafted URL, a two-byte overflow is reportedly possible. This may be exploited to corrupt memory allocation structures. The vulnerability is reportedly exploitable only via a direct request to cURL and not via a redirect.' 'The vulnerability has been reported in version 7.15.0 and prior.'
fc3 version (curl-7.12.3-5.fc3) and fc4 version (curl-7.13.1-4.fc4) are fixed (devel version is fixed too - bug 175191 - curl-7.15.1-1 ).