Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE SLES12SP5: 2021:199-1 Moderate: Curl Stack Disclosure

suse
Calendar Grey May 27, 2021
Dist Suse Esm H88
SUSE Container Security Announcement for suse/sles12sp5 addresses vulnerabilities in curl classified with moderate impact.
The container suse/sles12sp5 was updated

Summary

Advisory ID: SUSE-SU-2021:1763-1 Released: Wed May 26 12:31:57 2021 Summary: Security update for curl Type: security Severity: moderate

Topics%20covered

Topics Covered

security advisory moderate security update update moderate severity curl sles12sp5 container advisory contents disclosure stack disclosure

References

References : 1186114 CVE-2021-22898

1186114,CVE-2021-22898

This update for curl fixes the following issues:

- CVE-2021-22898: Fixed curl TELNET stack contents disclosure (bsc#1186114).

- Allow partial chain verification [jsc#SLE-17956]

* Have intermediate certificates in the trust store be treated

as trust-anchors, in the same way as self-signed root CA

certificates are. This allows users to verify servers using

the intermediate cert only, instead of needing the whole chain.

* Set FLAG_TRUSTED_FIRST unconditionally.

* Do not check partial chains with CRL check.

Container Advisory ID : SUSE-CU-2021:199-1
Container Tags : suse/sles12sp5:6.5.182 , suse/sles12sp5:latest
Container Release : 6.5.182
Severity : moderate
Type : security

Topics%20covered

Topics Covered

security advisory moderate security update update moderate severity curl sles12sp5 container advisory contents disclosure stack disclosure

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here