Alerts This Week
Warning Icon 1 537
Alerts This Week
Warning Icon 1 537

Debian: 2022-045-02 Urgent: Libpng Memory Corruption Patch

slackware
Calendar Grey April 27, 2022
Dist Slackware Esm H88
Recent updates to curl packages remediate vulnerabilities affecting various Slackware versions, tackling OAuth2 complications and safeguarding against credential exposure.
New curl packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues

Summary

Here are the details from the Slackware 15.0 ChangeLog: patches/packages/curl-7.83.0-i586-1_slack15.0.txz: Upgraded. This update fixes security issues: OAUTH2 bearer bypass in connection re-use. Credential leak on redirect. Bad local IPv6 connection reuse. Auth/cookie leak on redirect. For more information, see: https://curl.se/docs/CVE-2022-22576.html https://curl.se/docs/CVE-2022-27774.html https://curl.se/docs/CVE-2022-27775.html https://curl.se/docs/CVE-2022-27776.html https://www.cve.org/CVERecord?id=CVE-2022-22576 https://www.cve.org/CVERecord?id=CVE-2022-27774 https://www.cve.org/CVERecord?id=CVE-2022-27775 https://www.cve.org/CVERecord?id=CVE-2022-27776 (* Security fix *)

Topics%20covered

Topics Covered

security advisory critical security fix slackware curl credential leak OAuth2

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 14.0:
Updated package for Slackware x86_64 14.0:
Updated package for Slackware 14.1:
Updated package for Slackware x86_64 14.1:
Updated package for Slackware 14.2:
Updated package for Slackware x86_64 14.2:
Updated package for Slackware 15.0:
Updated package for Slackware x86_64 15.0:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 Signatures

Slackware 14.0 package: 607b20f1371350e8f7593018cc238913 curl-7.83.0-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: b5ad2b55e38ff8b3aeb5c90393e418c6 curl-7.83.0-x86_64-1_slack14.0.txz
Slackware 14.1 package: 00e82861084a0786a7f68b22967a8c1e curl-7.83.0-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: e125ccdc37ac93e6dda401804b68d920 curl-7.83.0-x86_64-1_slack14.1.txz
Slackware 14.2 package: 0b4718eb4fe11d2bf332ba2ec2ac2a7d curl-7.83.0-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 9352461a4f1474e0595e9fd059b72825 curl-7.83.0-x86_64-1_slack14.2.txz
Slackware 15.0 package: 553edba4be92fac1a49385c00cc523d0 curl-7.83.0-i586-1_slack15.0.txz
Slackware x86_64 15.0 package: 63728de433fd85551d330a170a9293fb curl-7.83.0-x86_64-1_slack15.0.txz
Slackware -current package: 85ee2ff366110682670227d31bc7b178 n/curl-7.83.0-i586-1.txz
Slackware x86_64 -current package: c8fa7d26aac235ab9d6a49778b7fa6b1 n/curl-7.83.0-x86_64-1.txz

Severity
important
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory critical security fix slackware curl credential leak OAuth2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg curl-7.83.0-i586-1_slack15.0.txz

Related News

Your message here