Release date:
2023-04-14 16:55:52 UTC
Description:
* SECURITY UPDATE: Telnet option IAC injection
- debian/patches/CVE-2023-27533.patch: only accept option arguments in
ascii to avoid embedded telnet negotiation commands
- CVE-2023-27533
* SECURITY UPDATE: FTP too eager connection reuse
- debian/patches/CVE-2023-27535.patch: add more conditions for connection
reuse
- CVE-2023-27535
* SECURITY UPDATE: GSS delegation too eager connection re-use
- debian/patches/CVE-2023-27536.patch: only reuse connections with same
GSS delegation
- CVE-2023-27536
Updated packages:
-
curl_7.47.0-1ubuntu2.23+tuxcare.els8_amd64.deb
sha:80e725d077fed3798ffbaf1929b9cee4dd751365
-
libcurl3_7.47.0-1ubuntu2.23+tuxcare.els8_amd64.deb
sha:7c95eba8837368711efaa3d5961c1728af014592
-
libcurl3-gnutls_7.47.0-1ubuntu2.23+tuxcare.els8_amd64.deb
sha:2386fc6e68cc9f34630ed3439c87baecbab7c729
-
libcurl3-nss_7.47.0-1ubuntu2.23+tuxcare.els8_amd64.deb
sha:b220bc544c2aa735005619f54948b3c0393a8853
-
libcurl4-doc_7.47.0-1ubuntu2.23+tuxcare.els8_all.deb
sha:2091a11abb777ecaa0f01d457c731220515a5859
-
libcurl4-gnutls-dev_7.47.0-1ubuntu2.23+tuxcare.els8_amd64.deb
sha:b28a91df6bd2c22c9983443b479f51ead8e9494d
-
libcurl4-nss-dev_7.47.0-1ubuntu2.23+tuxcare.els8_amd64.deb
sha:6172f449695795a212b1bbfd1ef5cc7ab26d608d
-
libcurl4-openssl-dev_7.47.0-1ubuntu2.23+tuxcare.els8_amd64.deb
sha:5fcbb4c58b4eedfe9e0d312e0f4e391232cbb784
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
