AlmaLinux 2325 Published by

A curl security update has been released for AlmaLinux 8.



ALSA-2023:4523 Moderate: curl security update


Type:
security

Severity:
moderate

Release date:
2023-08-09

Description
Security Fix(es):
* curl: GSS delegation too eager connection re-use (CVE-2023-27536)
* curl: IDN wildcard match may lead to Improper Cerificate Validation (CVE-2023-28321)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2023-27536
CVE-2023-28321
RHSA-2023:4523
ALSA-2023:4523

Updates packages:
curl-7.61.1-30.el8_8.3.aarch64.rpm
libcurl-minimal-7.61.1-30.el8_8.3.ppc64le.rpm
libcurl-minimal-7.61.1-30.el8_8.3.x86_64.rpm
libcurl-minimal-7.61.1-30.el8_8.3.s390x.rpm
curl-7.61.1-30.el8_8.3.x86_64.rpm
libcurl-7.61.1-30.el8_8.3.aarch64.rpm
curl-7.61.1-30.el8_8.3.s390x.rpm
libcurl-7.61.1-30.el8_8.3.x86_64.rpm
libcurl-7.61.1-30.el8_8.3.s390x.rpm
libcurl-7.61.1-30.el8_8.3.i686.rpm
libcurl-devel-7.61.1-30.el8_8.3.x86_64.rpm
libcurl-devel-7.61.1-30.el8_8.3.aarch64.rpm
libcurl-minimal-7.61.1-30.el8_8.3.aarch64.rpm
curl-7.61.1-30.el8_8.3.ppc64le.rpm
libcurl-devel-7.61.1-30.el8_8.3.i686.rpm
libcurl-7.61.1-30.el8_8.3.ppc64le.rpm
libcurl-devel-7.61.1-30.el8_8.3.ppc64le.rpm
libcurl-devel-7.61.1-30.el8_8.3.s390x.rpm
libcurl-minimal-7.61.1-30.el8_8.3.i686.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2023:4523 Moderate: curl security update