SUSE: 2022:920-1 suse/sles12sp3 Security Update
Summary
Advisory ID: SUSE-SU-2022:1564-1 Released: Fri May 6 17:09:17 2022 Summary: Security update for curl Type: security Severity: moderate
References
References : 1198614 1198766 CVE-2022-22576 CVE-2022-27776
1198614,1198766,CVE-2022-22576,CVE-2022-27776
This update for curl fixes the following issues:
- CVE-2022-27776: Fixed Auth/cookie leak on redirect (bsc#1198766)
- CVE-2022-22576: Fixed OAUTH2 bearer bypass in connection re-use (bsc#1198614)
The following package changes have been done:
- libcurl4-7.37.0-37.73.1 updated