CVE-2017-7468 Notification for cURL Ubuntu安全脆弱性 (USN-3262-1)

It was discovered that curl incorrectly handled client certificates when resuming a TLS session.

A remote attacker could use this to hijack a previously authenticated connection.

Refer to Ubuntu advisory USN-3262-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3262-1: 17.04 (zesty) on src (libcurl3-gnutls)

USN-3262-1: 17.04 (zesty) on src (curl)

USN-3262-1: 17.04 (zesty) on src (libcurl3)

USN-3262-1: 17.04 (zesty) on src (libcurl3-nss)