Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Slackware: 2021-258-01 Critical: Curl SSL Update for Security Issues

slackware
Calendar Grey September 15, 2021
Dist Slackware Esm H88
Recent curl updates for Slackware address critical vulnerabilities concerning SSL protocols and response management. Ensure your system is secure by upgrading!
New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues

Summary

Here are the details from the Slackware 14.2 ChangeLog: patches/packages/curl-7.79.0-i586-1_slack14.2.txz: Upgraded. This update fixes security issues: clear the leftovers pointer when sending succeeds. do not ignore --ssl-reqd. reject STARTTLS server response pipelining. For more information, see: https://www.cve.org/CVERecord?id=CVE-2021-22945 https://www.cve.org/CVERecord?id=CVE-2021-22946 https://www.cve.org/CVERecord?id=CVE-2021-22947 (* Security fix *)

Topics%20covered

Topics Covered

security advisory critical package update Slackware SSL issue Curl response handling

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 14.0:
Updated package for Slackware x86_64 14.0:
Updated package for Slackware 14.1:
Updated package for Slackware x86_64 14.1:
Updated package for Slackware 14.2:
Updated package for Slackware x86_64 14.2:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 Signatures

Slackware 14.0 package: a311694304f739d807ec1c3f1e1be430 curl-7.79.0-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 131de90d080e29b34397a7fdb323e763 curl-7.79.0-x86_64-1_slack14.0.txz
Slackware 14.1 package: f1e61ff5609bf1e9abfd0a6d0130b115 curl-7.79.0-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 61cd3800c0f47a45b63553edcc1efe59 curl-7.79.0-x86_64-1_slack14.1.txz
Slackware 14.2 package: ed6337cdae711195c4068162041dae80 curl-7.79.0-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 8fc49031584a53e35f85b32bf3726e00 curl-7.79.0-x86_64-1_slack14.2.txz
Slackware -current package: 661f22d3b107a2a1f7936b3c19597fe0 n/curl-7.79.0-i586-1.txz
Slackware x86_64 -current package: cede4ac1b79cc400c7f4112fff5d69d6 n/curl-7.79.0-x86_64-1.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory critical package update Slackware SSL issue Curl response handling

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg curl-7.79.0-i586-1_slack14.2.txz

Your message here