Description:
curl is susceptible to a number of low severity security
vulnerabilities:
CVE-2025-14524: bearer token leak on cross-protocol redirect
CVE-2025-14819: OpenSSL partial chain store policy bypass
CVE-2025-15079: libssh knownhosts file vulnerability
CVE-2025-15224: libssh key passphrase bypass vulnerability
This release fixes these issues.
- https://bugs.mageia.org/show_bug.cgi?id=34944
- https://curl.se/docs/vuln-7.88.1.html
- https://www.cve.org/CVERecord?id=CVE-2025-13034
- https://www.cve.org/CVERecord?id=CVE-2025-14017
- https://www.cve.org/CVERecord?id=CVE-2025-14524
- https://www.cve.org/CVERecord?id=CVE-2025-14819
- https://www.cve.org/CVERecord?id=CVE-2025-15079
- https://www.cve.org/CVERecord?id=CVE-2025-15224
- 9/core/curl-7.88.1-4.9.mga9
Get the latest Linux and open source security news straight to your inbox.