[CLSA-2023:1688068016] curl: Fix of 2 CVEs
Type:
security
Severity:
Moderate
Release date:
2023-06-29
Description:
- CVE-2023-28322: fix errouneous behaviour and possible use-after-free due to mess in upload/method handling - CVE-2023-28321: fix incorrect IDN wildcard match due to errouneous wildcard logic handling; drop support for wildcards in the middle of domain name - Update certificates used on test HTTPS server
Updated packages:
  • curl-7.61.1-22.el8.tuxcare.els10.x86_64.rpm
    sha:76d3dc44913d8dc73019d27f0c8669dd04f51d7d
  • curl-minimal-7.61.1-22.el8.tuxcare.els10.x86_64.rpm
    sha:0a899b0a832c385a38f695afb6b723fe9e9c0f2d
  • libcurl-7.61.1-22.el8.tuxcare.els10.i686.rpm
    sha:c08201db3b5d01cd9bea7cb4a024d4b41bc392fc
  • libcurl-7.61.1-22.el8.tuxcare.els10.x86_64.rpm
    sha:108d782c80569177e7e051998e277336396eff68
  • libcurl-devel-7.61.1-22.el8.tuxcare.els10.i686.rpm
    sha:c99983b41c723077eb7c4242a0ec1805d31c4338
  • libcurl-devel-7.61.1-22.el8.tuxcare.els10.x86_64.rpm
    sha:52d8eb923ac9fa69aa583d031f3afc2a7414300c
  • libcurl-minimal-7.61.1-22.el8.tuxcare.els10.i686.rpm
    sha:8b993d0bbf88b29921e78f96a7b0953b26dcdb9f
  • libcurl-minimal-7.61.1-22.el8.tuxcare.els10.x86_64.rpm
    sha:8b50789eaf1d493053ce758324c5c97d10436d2e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.