AlmaLinux 2324 Published by

A curl security update has been released for AlmaLinux 8.



ALSA-2022:5313 ALSA-2022:5313: curl security update (Moderate)


Type:
security

Severity:
moderate

Release date:
2022-07-25

Description
Security Fix(es):
* curl: OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)
* curl: credential leak on redirect (CVE-2022-27774)
* curl: auth/cookie leak on redirect (CVE-2022-27776)
* curl: TLS and SSH connection too eager reuse (CVE-2022-27782)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
ALSA-2022:5313

Updates packages:
libcurl-minimal-7.61.1-22.el8_6.3.ppc64le.rpm
libcurl-devel-7.61.1-22.el8_6.3.ppc64le.rpm
curl-7.61.1-22.el8_6.3.ppc64le.rpm
libcurl-7.61.1-22.el8_6.3.ppc64le.rpm
curl-7.61.1-22.el8_6.3.aarch64.rpm
libcurl-7.61.1-22.el8_6.3.aarch64.rpm
libcurl-devel-7.61.1-22.el8_6.3.aarch64.rpm
libcurl-minimal-7.61.1-22.el8_6.3.aarch64.rpm
libcurl-7.61.1-22.el8_6.3.i686.rpm
libcurl-minimal-7.61.1-22.el8_6.3.i686.rpm
curl-7.61.1-22.el8_6.3.x86_64.rpm
libcurl-devel-7.61.1-22.el8_6.3.i686.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2022:5313 ALSA-2022:5313: curl security update (Moderate)