Mandriva Update for curl MDVSA-2012:058 (curl)

Solution
Please Install the Updated Packages.
Insight
Multiple vulnerabilities has been found and corrected in curl: curl is vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL for the SSL/TLS layer. A work-around has been added to mitigate the problem (CVE-2011-3389). curl is vulnerable to a data injection attack for certain protocols through control characters embedded or percent-encoded in URLs (CVE-2012-0036). The updated packages have been patched to correct these issues.
Affected
curl on Mandriva Linux 2011.0, Mandriva Linux 2010.1