Mandriva Linux Security Advisory 2012-058 - curl is vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL for the SSL/TLS layer. A work-around has been added to mitigate the problem. curl is vulnerable to a data injection attack for certain protocols through control characters embedded or percent-encoded in URLs. The updated packages have been patched to correct these issues.
6c85f20b4131fa33986edd84817e884952953310762c6a2e6f462a08eee4cb99