[CLSA-2026:1771664389] curl: Fix of 2 CVEs
Type:
security
Severity:
Low
Release date:
2026-02-21 08:59:53 UTC
Description:
- CVE-2025-14524: fix OAuth2 bearer token leak on cross-protocol redirect - CVE-2025-15224: fix libssh public-key auth fallback to SSH agent
Updated packages:
  • curl-7.76.1-31.el9_6.1.tuxcare.els5.x86_64.rpm
    sha:5ecd8527043c6cb8eee12bf127b2ce752ab63c25900bbbc6b5122b6980186c2d
  • curl-minimal-7.76.1-31.el9_6.1.tuxcare.els5.x86_64.rpm
    sha:f538d66ce5aa66ac072099da427464808cb06739107ad6b993c7c4d0d3400283
  • libcurl-7.76.1-31.el9_6.1.tuxcare.els5.i686.rpm
    sha:9dd044ba25ee6283e95076f2f05ab270433318201c647b5dae192df7e80207b2
  • libcurl-7.76.1-31.el9_6.1.tuxcare.els5.x86_64.rpm
    sha:d337243e1315529ae0ebbe7b97a196b4165073cd854b41ddd334d5a8a6b6a2f3
  • libcurl-devel-7.76.1-31.el9_6.1.tuxcare.els5.i686.rpm
    sha:06f1edc4d00d56f858993546581b91e70514679524cd02302a8b2612cfc28335
  • libcurl-devel-7.76.1-31.el9_6.1.tuxcare.els5.x86_64.rpm
    sha:8366e63cfff0e70e5a7512b6a2077872a22f1403121c9a43931402fa4849b998
  • libcurl-minimal-7.76.1-31.el9_6.1.tuxcare.els5.i686.rpm
    sha:7f0bb623590a413f5d20beeac951aaadee50196f5493141facc82e63cd531072
  • libcurl-minimal-7.76.1-31.el9_6.1.tuxcare.els5.x86_64.rpm
    sha:9dbcba235d69d6459838abdad62fe1548e23f374f8ddf3f2a3af0a702bc01b40
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.