Mageia 2020-0482: curl security update
Summary
Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the
wrong connection when sending data. (CVE-2020-8231).
A malicious server can use the FTP PASV response to trick curl 7.73.0 and
earlier into connecting back to a given IP address and port, and this way
potentially make curl extract information about services that are otherwise
private and not disclosed, for example doing port scanning and service banner
extractions. (CVE-2020-8284).
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion
due to a stack overflow issue in FTP wildcard match parsing. (CVE-2020-8285).
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate
revocation due to insufficient verification of the OCSP response.
(CVE-2020-8286).
References
- https://bugs.mageia.org/show_bug.cgi?id=27154
- https://curl.se/docs/CVE-2020-8231.html
- https://ubuntu.com/security/notices/USN-4466-1
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/Q7JHSXTQ7EUHJPYL333CB3OBCKHA5FQC/
- https://curl.se/docs/CVE-2020-8284.html
- https://curl.se/docs/CVE-2020-8285.html
- https://curl.se/docs/CVE-2020-8286.html
- https://ubuntu.com/security/notices/USN-4665-1
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286
Resolution
MGASA-2020-0482 - Updated curl packages fix security vulnerabilities
SRPMS
- 7/core/curl-7.71.0-1.1.mga7