Oracle8: ELSA-2022-5313: curl Moderate Security Update

Advisories

What Are You Looking For?

Popular Tags

Contribute

Advisories This Week: 223

Oracle Linux Security Advisory ELSA-2022-5313

https://linux.oracle.com/errata/ELSA-2022-5313.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
curl-7.61.1-22.el8_6.3.x86_64.rpm
libcurl-7.61.1-22.el8_6.3.i686.rpm
libcurl-7.61.1-22.el8_6.3.x86_64.rpm
libcurl-devel-7.61.1-22.el8_6.3.i686.rpm
libcurl-devel-7.61.1-22.el8_6.3.x86_64.rpm
libcurl-minimal-7.61.1-22.el8_6.3.i686.rpm
libcurl-minimal-7.61.1-22.el8_6.3.x86_64.rpm

aarch64:
curl-7.61.1-22.el8_6.3.aarch64.rpm
libcurl-7.61.1-22.el8_6.3.aarch64.rpm
libcurl-devel-7.61.1-22.el8_6.3.aarch64.rpm
libcurl-minimal-7.61.1-22.el8_6.3.aarch64.rpm


SRPMS:
https://oss.oracle.com/ol8/SRPMS-updates/curl-7.61.1-22.el8_6.3.src.rpm

Related CVEs:

CVE-2022-22576
CVE-2022-27774
CVE-2022-27776
CVE-2022-27782




Description of changes:

[7.61.1-22.el8_6.3]
- fix too eager reuse of TLS and SSH connections (CVE-2022-27782)

[7.61.1-22.el8_6.2]
- fix invalid type in printf() argument detected by Coverity

[7.61.1-22.el8_6.1]
- fix credential leak on redirect (CVE-2022-27774)
- fix auth/cookie leak on redirect (CVE-2022-27776)
- fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)


_______________________________________________
El-errata mailing list
[email protected]
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle8: ELSA-2022-5313: curl Moderate Security Update

Summary

Description of changes: [7.61.1-22.el8_6.3] - fix too eager reuse of TLS and SSH connections (CVE-2022-27782) [7.61.1-22.el8_6.2] - fix invalid type in printf() argument detected by Coverity [7.61.1-22.el8_6.1] - fix credential leak on redirect (CVE-2022-27774) - fix auth/cookie leak on redirect (CVE-2022-27776) - fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)

i386

x86_64

curl-7.61.1-22.el8_6.3.x86_64.rpm libcurl-7.61.1-22.el8_6.3.i686.rpm libcurl-7.61.1-22.el8_6.3.x86_64.rpm libcurl-devel-7.61.1-22.el8_6.3.i686.rpm libcurl-devel-7.61.1-22.el8_6.3.x86_64.rpm libcurl-minimal-7.61.1-22.el8_6.3.i686.rpm libcurl-minimal-7.61.1-22.el8_6.3.x86_64.rpm aarch64: curl-7.61.1-22.el8_6.3.aarch64.rpm libcurl-7.61.1-22.el8_6.3.aarch64.rpm libcurl-devel-7.61.1-22.el8_6.3.aarch64.rpm libcurl-minimal-7.61.1-22.el8_6.3.aarch64.rpm

SRPMS

https://oss.oracle.com/ol8/SRPMS-updates/curl-7.61.1-22.el8_6.3.src.rpm

Severity
Related CVEs: CVE-2022-22576 CVE-2022-27774 CVE-2022-27776 CVE-2022-27782

News

Advisories

HOWTOs

Features

How a WAF Could Improve the Security of Your Linux Web Applications
Installing SurfShark VPN On Kali Linux: The Authoritative Guide
Best Practices for PHP Security
9 Wise Linux Cybersecurity Tips for Businesses
What Is the Impact of AI on Cybersecurity? 3 Interesting Use Cases

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy