SUSE: 2022:1020-1 suse/sles12sp5 Security Update
Summary
Advisory ID: SUSE-SU-2022:1680-1 Released: Mon May 16 11:09:42 2022 Summary: Security update for curl Type: security Severity: moderate Advisory ID: SUSE-RU-2022:1682-1 Released: Mon May 16 11:10:34 2022 Summary: Recommended update for systemd Type: recommended Severity: low
References
References : 1198614 1198766 1199273 CVE-2022-22576 CVE-2022-27776
1198614,1198766,CVE-2022-22576,CVE-2022-27776
This update for curl fixes the following issues:
- CVE-2022-27776: Fixed Auth/cookie leak on redirect (bsc#1198766)
- CVE-2022-22576: Fixed OAUTH2 bearer bypass in connection re-use (bsc#1198614)
1199273
This update for systemd syncs internal package requirements, but has otherwise no code
or functional changes compared to the last update. (bsc#1199273)
The following package changes have been done:
- libcurl4-7.60.0-11.37.1 updated
- libsystemd0-228-157.40.1 updated
- libudev1-228-157.40.1 updated