Release date:
2022-07-04 18:29:29 UTC
Description:
* SECURITY UPDATE: libcurl would reuse a previously created connection even
when a TLS or SSH related option had been changed that should have
prohibited reuse.
- debian/patches/CVE-2022-27782-tls.patch: add missing primary checks of
tls parameters before connection reuse
- CVE-2022-27782
Updated packages:
-
curl_7.47.0-1ubuntu2.23+tuxcare.els3_amd64.deb
sha:e7ef05477ede92c663ecf12a504ab970c2920a67
-
libcurl3_7.47.0-1ubuntu2.23+tuxcare.els3_amd64.deb
sha:7731a3c373d68cd4f7ccbb3edf7269f999e9e975
-
libcurl3-gnutls_7.47.0-1ubuntu2.23+tuxcare.els3_amd64.deb
sha:42ffc5b25d99876f48d83f6ae1e26c9e4d13a221
-
libcurl3-nss_7.47.0-1ubuntu2.23+tuxcare.els3_amd64.deb
sha:030187e7ee25e217fc413ff216a2f9529027d896
-
libcurl4-doc_7.47.0-1ubuntu2.23+tuxcare.els3_all.deb
sha:b8a43e0a15e0bee900241ce59391fc5d7c7f9386
-
libcurl4-gnutls-dev_7.47.0-1ubuntu2.23+tuxcare.els3_amd64.deb
sha:d212e22c12a9d93dd96d4fc3619e4736628d4d45
-
libcurl4-nss-dev_7.47.0-1ubuntu2.23+tuxcare.els3_amd64.deb
sha:f6c7a271f5fa5ebbe43263abf74ea999886caa69
-
libcurl4-openssl-dev_7.47.0-1ubuntu2.23+tuxcare.els3_amd64.deb
sha:67ddbb8faeb1443ae1aac678d2c7e7f3d88025ee
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
