Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Oracle Linux 8: ELSA-2024-1601 Moderate: Curl Package Security Fix

oracle
Calendar Grey April 5, 2024
Oracle Linux Logo Esm H88
Essential security patch released for Oracle Linux 8: curl software addressed various vulnerabilities. Full information included.
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

[7.61.1-33.5] - cap SFTP packet size sent (RHEL-5485) - when keyboard-interactive auth fails, try password (#2229800) - unify the upload/method handling (CVE-2023-28322) - fix cookie injection with none file (CVE-2023-38546) - lowercase the domain names before PSL checks (CVE-2023-46218)

Topics%20covered

Topics Covered

security advisory security update security issue moderate severity Oracle Linux curl package

SRPMs

https://oss.oracle.com:443/ol8/SRPMS-updates//curl-7.61.1-33.el8_9.5.src.rpm

x86_64

curl-7.61.1-33.el8_9.5.x86_64.rpm libcurl-7.61.1-33.el8_9.5.i686.rpm libcurl-7.61.1-33.el8_9.5.x86_64.rpm libcurl-devel-7.61.1-33.el8_9.5.i686.rpm libcurl-devel-7.61.1-33.el8_9.5.x86_64.rpm libcurl-minimal-7.61.1-33.el8_9.5.i686.rpm libcurl-minimal-7.61.1-33.el8_9.5.x86_64.rpm

aarch64

curl-7.61.1-33.el8_9.5.aarch64.rpm libcurl-7.61.1-33.el8_9.5.aarch64.rpm libcurl-devel-7.61.1-33.el8_9.5.aarch64.rpm libcurl-minimal-7.61.1-33.el8_9.5.aarch64.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2023-28322 CVE-2023-38546 CVE-2023-46218

Topics%20covered

Topics Covered

security advisory security update security issue moderate severity Oracle Linux curl package

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here