Mageia 2020-0482: curl security update | LinuxSecurity.com
MGASA-2020-0482 - Updated curl packages fix security vulnerabilities

Publication date: 31 Dec 2020
URL: https://advisories.mageia.org/MGASA-2020-0482.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-8231,
     CVE-2020-8284,
     CVE-2020-8285,
     CVE-2020-8286

Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the
wrong connection when sending data. (CVE-2020-8231).

A malicious server can use the FTP PASV response to trick curl 7.73.0 and
earlier into connecting back to a given IP address and port, and this way
potentially make curl extract information about services that are otherwise
private and not disclosed, for example doing port scanning and service banner
extractions. (CVE-2020-8284).

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion
due to a stack overflow issue in FTP wildcard match parsing. (CVE-2020-8285).

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate
revocation due to insufficient verification of the OCSP response.
(CVE-2020-8286).

References:
- https://bugs.mageia.org/show_bug.cgi?id=27154
- https://curl.haxx.se/docs/CVE-2020-8231.html
- https://ubuntu.com/security/notices/USN-4466-1
- https://lists.fedoraproject.org/archives/list/[email protected]/thread/Q7JHSXTQ7EUHJPYL333CB3OBCKHA5FQC/
- https://curl.se/docs/CVE-2020-8284.html
- https://curl.se/docs/CVE-2020-8285.html
- https://curl.se/docs/CVE-2020-8286.html
- https://ubuntu.com/security/notices/USN-4665-1
- https://lists.fedoraproject.org/archives/list/[email protected]/thread/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286

SRPMS:
- 7/core/curl-7.71.0-1.1.mga7

Mageia 2020-0482: curl security update

Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data

Summary

Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. (CVE-2020-8231).
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. (CVE-2020-8284).
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. (CVE-2020-8285).
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. (CVE-2020-8286).

References

- https://bugs.mageia.org/show_bug.cgi?id=27154

- https://curl.haxx.se/docs/CVE-2020-8231.html

- https://ubuntu.com/security/notices/USN-4466-1

- https://lists.fedoraproject.org/archives/list/[email protected]/thread/Q7JHSXTQ7EUHJPYL333CB3OBCKHA5FQC/

- https://curl.se/docs/CVE-2020-8284.html

- https://curl.se/docs/CVE-2020-8285.html

- https://curl.se/docs/CVE-2020-8286.html

- https://ubuntu.com/security/notices/USN-4665-1

- https://lists.fedoraproject.org/archives/list/[email protected]/thread/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286

Resolution

MGASA-2020-0482 - Updated curl packages fix security vulnerabilities

SRPMS

- 7/core/curl-7.71.0-1.1.mga7

Severity
Publication date: 31 Dec 2020
URL: https://advisories.mageia.org/MGASA-2020-0482.html
Type: security
CVE: CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.