Slackware 14.2 SSA:2016-219-01 Critical Issue: Curl Denial of Service
slackware
August 6, 2016
New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues
Summary
Here are the details from the Slackware 14.2 ChangeLog: patches/packages/curl-7.50.1-i586-1_slack14.2.txz: Upgraded. This release fixes security issues: TLS: switch off SSL session id when client cert is used TLS: only reuse connections with the same client cert curl_multi_cleanup: clear connection pointer for easy handles For more information, see: https://curl.se/docs/CVE-2016-5419.html https://curl.se/docs/CVE-2016-5420.html https://curl.se/docs/CVE-2016-5421.html https://www.cve.org/CVERecord?id=CVE-2016-5419 https://www.cve.org/CVERecord?id=CVE-2016-5420 https://www.cve.org/CVERecord?id=CVE-2016-5421 (* Security fix *)
Topics Covered
Where Find New Packages
Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org/) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for
additional mirror sites near you.
Updated package for Slackware 13.0:
Updated package for Slackware x86_64 13.0:
Updated package for Slackware 13.1:
Updated package for Slackware x86_64 13.1:
Updated package for Slackware 13.37:
Updated package for Slackware x86_64 13.37:
Updated package for Slackware 14.0:
Updated package for Slackware x86_64 14.0:
Updated package for Slackware 14.1:
Updated package for Slackware x86_64 14.1:
Updated package for Slackware 14.2:
Updated package for Slackware x86_64 14.2:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:
MD5 Signatures
Slackware 13.0 package:
3a0529a79a5ed8b2fcc6119f6d84bb87 curl-7.50.1-i486-1_slack13.0.txz
Slackware x86_64 13.0 package:
b7cec32a6a27092b8c8b971870ee33f0 curl-7.50.1-x86_64-1_slack13.0.txz
Slackware 13.1 package:
3a2236a337f2219138047f0503bd5d20 curl-7.50.1-i486-1_slack13.1.txz
Slackware x86_64 13.1 package:
2fc28a5a4aacab8287fc5c56166acbf5 curl-7.50.1-x86_64-1_slack13.1.txz
Slackware 13.37 package:
995375f2cf8c91a12a1077ee5537abc5 curl-7.50.1-i486-1_slack13.37.txz
Slackware x86_64 13.37 package:
4505d0795928ad1335e1c9f38d698704 curl-7.50.1-x86_64-1_slack13.37.txz
Slackware 14.0 package:
b43f912f026a0e4c445d0d0ec6668699 curl-7.50.1-i486-1_slack14.0.txz
Slackware x86_64 14.0 package:
f2af6747b255004c74553a8fd2f4f4b2 curl-7.50.1-x86_64-1_slack14.0.txz
Slackware 14.1 package:
a97784a7a315f339216f999c0cf2745a curl-7.50.1-i486-1_slack14.1.txz
Slackware x86_64 14.1 package:
a38bb7251900222224b8231ce2f98bef curl-7.50.1-x86_64-1_slack14.1.txz
Slackware 14.2 package:
84542748723d80e423a2980f3798375a curl-7.50.1-i586-1_slack14.2.txz
Slackware x86_64 14.2 package:
7143b71f834c8f78b190d33c9a718535 curl-7.50.1-x86_64-1_slack14.2.txz
Slackware -current package:
56f4e11b032cba84cba8d9a684f3f5f0 n/curl-7.50.1-i586-1.txz
Slackware x86_64 -current package:
87011664f95d330683daad3fb9bcb1df n/curl-7.50.1-x86_64-1.txz
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Installation Instructions
Installation instructions: Upgrade the package as root: # upgradepkg curl-7.50.1-i586-1_slack14.2.txz
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!