Slackware: 2020-176-01: curl Security Update

    Date 24 Jun 2020
    136
    Posted By LinuxSecurity Advisories
    New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
    
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    [slackware-security]  curl (SSA:2020-176-01)
    
    New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to
    fix security issues.
    
    
    Here are the details from the Slackware 14.2 ChangeLog:
    +--------------------------+
    patches/packages/curl-7.71.0-i586-1_slack14.2.txz:  Upgraded.
      This update fixes security issues:
      curl overwrite local file with -J [111]
      Partial password leak over DNS on HTTP redirect [48]
      For more information, see:
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
      (* Security fix *)
    +--------------------------+
    
    
    Where to find the new packages:
    +-----------------------------+
    
    Thanks to the friendly folks at the OSU Open Source Lab
    (https://osuosl.org) for donating FTP and rsync hosting
    to the Slackware project!  :-)
    
    Also see the "Get Slack" section on https://slackware.com for
    additional mirror sites near you.
    
    Updated package for Slackware 14.0:
    ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/curl-7.71.0-i486-1_slack14.0.txz
    
    Updated package for Slackware x86_64 14.0:
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/curl-7.71.0-x86_64-1_slack14.0.txz
    
    Updated package for Slackware 14.1:
    ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/curl-7.71.0-i486-1_slack14.1.txz
    
    Updated package for Slackware x86_64 14.1:
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/curl-7.71.0-x86_64-1_slack14.1.txz
    
    Updated package for Slackware 14.2:
    ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/curl-7.71.0-i586-1_slack14.2.txz
    
    Updated package for Slackware x86_64 14.2:
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/curl-7.71.0-x86_64-1_slack14.2.txz
    
    Updated package for Slackware -current:
    ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/curl-7.71.0-i586-1.txz
    
    Updated package for Slackware x86_64 -current:
    ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/curl-7.71.0-x86_64-1.txz
    
    
    MD5 signatures:
    +-------------+
    
    Slackware 14.0 package:
    543a93181bfe5ef265594febef9b01f9  curl-7.71.0-i486-1_slack14.0.txz
    
    Slackware x86_64 14.0 package:
    ab2d93357aa5ce6f4ab6fcec0e52f19c  curl-7.71.0-x86_64-1_slack14.0.txz
    
    Slackware 14.1 package:
    1957d2bc07b95f1d15eeb994d43dbe2f  curl-7.71.0-i486-1_slack14.1.txz
    
    Slackware x86_64 14.1 package:
    4e22ea0b03c564b57ab37f24f594619d  curl-7.71.0-x86_64-1_slack14.1.txz
    
    Slackware 14.2 package:
    9ed5fed890249c2ed2a7e65ab0356f12  curl-7.71.0-i586-1_slack14.2.txz
    
    Slackware x86_64 14.2 package:
    73e680b23886d2210082036a14a5b550  curl-7.71.0-x86_64-1_slack14.2.txz
    
    Slackware -current package:
    7df19bce3edcfcb0ccf3cc1313e7f6f7  n/curl-7.71.0-i586-1.txz
    
    Slackware x86_64 -current package:
    294660a4daee5def015e89e3dcaa0dd4  n/curl-7.71.0-x86_64-1.txz
    
    
    Installation instructions:
    +------------------------+
    
    Upgrade the package as root:
    # upgradepkg curl-7.71.0-i586-1_slack14.2.txz
    
    
    +-----+
    

    LinuxSecurity Poll

    Are you considering making the switch to Purism's new Librem 14 Linux laptop to improve your security and privacy online?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/31-are-you-considering-making-the-switch-to-purism-s-new-librem-14-linux-laptop-to-improve-your-security-and-privacy-online?task=poll.vote&format=json
    31
    radio
    [{"id":"109","title":"Yes - the hardware kill switches and default ad blocking\/tracking protection sold me on it.","votes":"3","type":"x","order":"1","pct":37.5,"resources":[]},{"id":"110","title":"Not sure yet - I need to do more research.","votes":"4","type":"x","order":"2","pct":50,"resources":[]},{"id":"111","title":"No - I'm satisfied with my current laptop and have no security\/privacy concerns.","votes":"1","type":"x","order":"3","pct":12.5,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Advisories

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.