What Are You Looking For?

Popular Tags

Sign Up

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  curl (SSA:2023-200-01)

New curl packages are available for Slackware 14.0, 14.1, 14.2, 15.0,
and -current to fix a security issue.


Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/curl-8.2.0-i586-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  fopen race condition.
  For more information, see:
    https://curl.se/docs/CVE-2023-32001.html
    https://www.cve.org/CVERecord?id=CVE-2023-32001
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on https://slackware.com for
additional mirror sites near you.

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/curl-8.2.0-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/curl-8.2.0-x86_64-1_slack14.0.txz

Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/curl-8.2.0-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/curl-8.2.0-x86_64-1_slack14.1.txz

Updated package for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/curl-8.2.0-i586-1_slack14.2.txz

Updated package for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/curl-8.2.0-x86_64-1_slack14.2.txz

Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/curl-8.2.0-i586-1_slack15.0.txz

Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/curl-8.2.0-x86_64-1_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/curl-8.2.0-i586-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/curl-8.2.0-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 14.0 package:
b3e10cdb7a1e759a21cb6334d00e0e0f  curl-8.2.0-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
985aa36983dc0ab759478e8942292441  curl-8.2.0-x86_64-1_slack14.0.txz

Slackware 14.1 package:
6dde270168fc5dd05e637c516b2680ec  curl-8.2.0-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
c769fae8991cb223c00cb54f086ecf1d  curl-8.2.0-x86_64-1_slack14.1.txz

Slackware 14.2 package:
b0d99d3b6b8bbcef682e46408f79cbb7  curl-8.2.0-i586-1_slack14.2.txz

Slackware x86_64 14.2 package:
2d110acdaee6ba021e1aa50c82860992  curl-8.2.0-x86_64-1_slack14.2.txz

Slackware 15.0 package:
cc4d3a509f4f9786cb2bd1ce411eb5d5  curl-8.2.0-i586-1_slack15.0.txz

Slackware x86_64 15.0 package:
6568a7824c3cd68594072b1730627fad  curl-8.2.0-x86_64-1_slack15.0.txz

Slackware -current package:
7895d0cecdb91776452dbcf835267077  n/curl-8.2.0-i586-1.txz

Slackware x86_64 -current package:
c7a2f74db6a8b12fa92cff04dcf1bf04  n/curl-8.2.0-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg curl-8.2.0-i586-1_slack15.0.txz


+-----+

Slackware: 2023-200-01: curl Security Update

July 19, 2023
New curl packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix a security issue

Summary

Here are the details from the Slackware 15.0 ChangeLog: patches/packages/curl-8.2.0-i586-1_slack15.0.txz: Upgraded. This update fixes a security issue: fopen race condition. For more information, see: https://curl.se/docs/CVE-2023-32001.html https://www.cve.org/CVERecord?id=CVE-2023-32001 (* Security fix *)

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on https://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/curl-8.2.0-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/curl-8.2.0-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/curl-8.2.0-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/curl-8.2.0-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/curl-8.2.0-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/curl-8.2.0-x86_64-1_slack14.2.txz
Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/curl-8.2.0-i586-1_slack15.0.txz
Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/curl-8.2.0-x86_64-1_slack15.0.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/curl-8.2.0-i586-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/curl-8.2.0-x86_64-1.txz

MD5 Signatures

Slackware 14.0 package: b3e10cdb7a1e759a21cb6334d00e0e0f curl-8.2.0-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 985aa36983dc0ab759478e8942292441 curl-8.2.0-x86_64-1_slack14.0.txz
Slackware 14.1 package: 6dde270168fc5dd05e637c516b2680ec curl-8.2.0-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: c769fae8991cb223c00cb54f086ecf1d curl-8.2.0-x86_64-1_slack14.1.txz
Slackware 14.2 package: b0d99d3b6b8bbcef682e46408f79cbb7 curl-8.2.0-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 2d110acdaee6ba021e1aa50c82860992 curl-8.2.0-x86_64-1_slack14.2.txz
Slackware 15.0 package: cc4d3a509f4f9786cb2bd1ce411eb5d5 curl-8.2.0-i586-1_slack15.0.txz
Slackware x86_64 15.0 package: 6568a7824c3cd68594072b1730627fad curl-8.2.0-x86_64-1_slack15.0.txz
Slackware -current package: 7895d0cecdb91776452dbcf835267077 n/curl-8.2.0-i586-1.txz
Slackware x86_64 -current package: c7a2f74db6a8b12fa92cff04dcf1bf04 n/curl-8.2.0-x86_64-1.txz

Severity
[slackware-security] curl (SSA:2023-200-01)
New curl packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix a security issue.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg curl-8.2.0-i586-1_slack15.0.txz

Related News

Librem 11: Purism Unveils a Privacy-Focused Linux Tablet

Sep 15, 2023

Critical PHP Info Disclosure, Code Execution Bugs Fixed

Sep 7, 2023

Multiple Severe, Remotely Exploitable Chromium Vulns Fixed

Sep 15, 2023

Remotely Exploitable Poppler DoS Bugs Fixed - Update Now!

Sep 22, 2023

News

Advisories

HOWTOs

Features

The Unseen Potential of Wake-on-LAN
Linux Vulnerabilities: The Antidote to This Linux Security Poison
Preventing Linux DDoS Attacks with Minimal Cybersecurity Knowledge
Navigating Software Scalability: A Practical Guide to Building Scalable Systems with Linux
Unlocking the Secrets of Linux Security: An Expert Analysis

About Us

Powered By

Footer Logo

Feedback