Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Oracle Linux 9: ELSA-2023-5763 Critical: Curl Buffer Overflow

oracle
Calendar Grey October 19, 2023
Oracle Linux Logo Esm H88
Oracle Linux Security Advisory ELSA-2023-5763 presents critical updates for curl, focusing on the resolution of security vulnerabilities.
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

[7.76.1-23.el9_2.4] - curl: a heap-based buffer overflow in the SOCKS5 proxy handshake (CVE-2023-38545) - curl: cookie injection with none file (CVE-2023-38546)

Topics%20covered

Topics Covered

security advisory buffer overflow critical software update curl update Oracle Linux cookie injection

SRPMs

https://oss.oracle.com:443/ol9/SRPMS-updates//curl-7.76.1-23.el9_2.4.src.rpm

x86_64

curl-7.76.1-23.el9_2.4.x86_64.rpm curl-minimal-7.76.1-23.el9_2.4.x86_64.rpm libcurl-7.76.1-23.el9_2.4.i686.rpm libcurl-7.76.1-23.el9_2.4.x86_64.rpm libcurl-devel-7.76.1-23.el9_2.4.i686.rpm libcurl-devel-7.76.1-23.el9_2.4.x86_64.rpm libcurl-minimal-7.76.1-23.el9_2.4.i686.rpm libcurl-minimal-7.76.1-23.el9_2.4.x86_64.rpm

aarch64

curl-7.76.1-23.el9_2.4.aarch64.rpm curl-minimal-7.76.1-23.el9_2.4.aarch64.rpm libcurl-7.76.1-23.el9_2.4.aarch64.rpm libcurl-devel-7.76.1-23.el9_2.4.aarch64.rpm libcurl-minimal-7.76.1-23.el9_2.4.aarch64.rpm

Severity
critical
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2023-38545 CVE-2023-38546

Topics%20covered

Topics Covered

security advisory buffer overflow critical software update curl update Oracle Linux cookie injection

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here