Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 569
Alerts This Week
Warning Icon 1 569

SUSE: 2022:1088-1 Important: Curl Security Update in SLES12 SP3

suse
Calendar Grey May 19, 2022
Scroller Suse
Critical patch release for SUSE Container suse/sles12sp3 resolving significant vulnerabilities in wget.
The container suse/sles12sp3 was updated

Summary

Advisory ID: SUSE-SU-2022:1733-1 Released: Wed May 18 17:23:30 2022 Summary: Security update for curl Type: security Severity: important

References

References : 1199223 1199224 CVE-2022-27781 CVE-2022-27782

1199223,1199224,CVE-2022-27781,CVE-2022-27782

This update for curl fixes the following issues:

- CVE-2022-27781: Fixed CERTINFO never-ending busy-loop (bsc#1199223)

- CVE-2022-27782: Fixed TLS and SSH connection too eager reuse (bsc#1199224)

The following package changes have been done:

- libcurl4-7.37.0-37.76.1 updated

Severity
important
Lowest
Low
Medium
High
Critical

Container Advisory ID : SUSE-CU-2022:1088-1
Container Tags : suse/sles12sp3:2.0.2 , suse/sles12sp3:24.390 , suse/sles12sp3:latest
Container Release : 24.390
Severity : important
Type : security

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.