Ubuntu 24.04 LTS USN-7012-1 Critical: Curl Bad Certificate Check Problem
Sep 16, 2024
•
LinuxSecurity Advisories
1 - 2 min read
curl could incorrectly check bad certificates when OCSP stapling is in use.
========================================================================== Ubuntu Security Notice USN-7012-1 September 16, 2024 curl vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: curl could incorrectly check bad certificates when OCSP stapling is in use. Software Description: - curl: HTTP, HTTPS, and FTP client and client libraries Details: Hiroki Kurosawa discovered that curl incorrectly handled certain OCSP responses. This could result in bad certificates not being checked properly, contrary to expectations. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS curl 8.5.0-2ubuntu10.4 libcurl3t64-gnutls 8.5.0-2ubuntu10.4 libcurl4t64 8.5.0-2ubuntu10.4 Ubuntu 22.04 LTS curl 7.81.0-1ubuntu1.18 libcurl3-gnutls 7.81.0-1ubuntu1.18 libcurl3-nss 7.81.0-1ubuntu1.18 libcurl4 7.81.0-1ubuntu1.18 Ubuntu 20.04 LTS curl 7.68.0-1ubuntu2.24 libcurl3-gnutls 7.68.0-1ubuntu2.24 libcurl3-nss 7.68.0-1ubuntu2.24 libcurl4 7.68.0-1ubuntu2.24 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7012-1 CVE-2024-8096 Package Information: https://launchpad.net/ubuntu/+source/curl/8.5.0-2ubuntu10.4 https://launchpad.net/ubuntu/+source/curl/7.81.0-1ubuntu1.18 https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu2.24
PREVIOUS
NEXT
Ubuntu 24.04 LTS USN-7012-1 Critical: Curl Bad Certificate Check Problem
ubuntu
September 16, 2024
curl could incorrectly check bad certificates when OCSP stapling is in use.
Summary
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: curl could incorrectly check bad certificates when OCSP stapling is in use. Software Description: - curl: HTTP, HTTPS, and FTP client and client libraries Details: Hiroki Kurosawa discovered that curl incorrectly handled certain OCSP responses. This could result in bad certificates not being checked properly, contrary to expectations.
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS curl 8.5.0-2ubuntu10.4 libcurl3t64-gnutls 8.5.0-2ubuntu10.4 libcurl4t64 8.5.0-2ubuntu10.4 Ubuntu 22.04 LTS curl 7.81.0-1ubuntu1.18 libcurl3-gnutls 7.81.0-1ubuntu1.18 libcurl3-nss 7.81.0-1ubuntu1.18 libcurl4 7.81.0-1ubuntu1.18 Ubuntu 20.04 LTS curl 7.68.0-1ubuntu2.24 libcurl3-gnutls 7.68.0-1ubuntu2.24 libcurl3-nss 7.68.0-1ubuntu2.24 libcurl4 7.68.0-1ubuntu2.24 In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-7012-1
CVE-2024-8096
Severity
critical
Lowest
Low
Medium
High
Critical
Ubuntu Security Notice USN-7012-1
Package Information
https://launchpad.net/ubuntu/+source/curl/8.5.0-2ubuntu10.4 https://launchpad.net/ubuntu/+source/curl/7.81.0-1ubuntu1.18 https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu2.24
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!