Ulf Harnhammar told vendor-sec about a buffer overflow in cURL's tftp handling
code. If you pass a very long tftp URL ("tftp://") to cURL with a valid
hostname, it becomes possible to overflow a buffer.
This issue only affects version 7.15.X.
The fixed versions are curl-7.15.3-1 (devel), curl-7.15.1-3 (fc5). If there is
any problem please reopen this bug.