ELBA-2019-3971

ULN >
Oracle Linux Errata repository >
ELBA-2019-3971

ELBA-2019-3971 - curl bug fix update

Type:	BUG
Impact:	NA
Release Date:	2019-11-27

Description

[7.29.0-54.0.1.el7_7.1]
- Security Fixes [OraBug: 28939992]
- CVE-2016-8615 cookie injection for other servers (https://curl.haxx.se/docs/CVE-2016-8615.html)
- CVE-2016-8616 case insensitive password comparison (https://curl.haxx.se/docs/CVE-2016-8616.html)
- CVE-2016-8617 OOB write via unchecked multiplication (https://curl.haxx.se/docs/CVE-2016-8617.html)
- CVE-2016-8618 double-free in curl_maprintf (https://curl.haxx.se/docs/CVE-2016-8618.html)
- CVE-2016-8619 double-free in krb5 code (https://curl.haxx.se/docs/CVE-2016-8619.html)
- CVE-2016-8621 curl_getdate read out of bounds (https://curl.haxx.se/docs/CVE-2016-8621.html)
- CVE-2016-8622 URL unescape heap overflow via integer truncation (https://curl.haxx.se/docs/CVE-2016-8622.html)
- CVE-2016-8623 Use-after-free via shared cookies (https://curl.haxx.se/docs/CVE-2016-8623.html)
- CVE-2016-8624 invalid URL parsing with # (https://curl.haxx.se/docs/CVE-2016-8624.html)

[7.29.0-54.el7_7.1]
- fix auth failure with duplicated WWW-Authenticate header (#1754736)

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	curl-7.29.0-54.0.1.el7_7.1.src.rpm	d3abbc6e396dc1212819f0bb566a7437541768c80b67c87149396236d13a014f	ELSA-2023-7743	ol7_aarch64_latest
	curl-7.29.0-54.0.1.el7_7.1.src.rpm	d3abbc6e396dc1212819f0bb566a7437541768c80b67c87149396236d13a014f	ELSA-2023-7743	ol7_aarch64_u7_patch
	curl-7.29.0-54.0.1.el7_7.1.aarch64.rpm	17a23f6e94000c2b47d05fcf720ccca90d8cd8d52e7661b804dfd26f7e90fb64	ELSA-2023-7743	ol7_aarch64_latest
	curl-7.29.0-54.0.1.el7_7.1.aarch64.rpm	17a23f6e94000c2b47d05fcf720ccca90d8cd8d52e7661b804dfd26f7e90fb64	ELSA-2023-7743	ol7_aarch64_u7_patch
	libcurl-7.29.0-54.0.1.el7_7.1.aarch64.rpm	aa3e9ae411b224c35ee5df030e67e81e6c34716808fb579816cfb6772c2b98d1	ELSA-2023-7743	ol7_aarch64_latest
	libcurl-7.29.0-54.0.1.el7_7.1.aarch64.rpm	aa3e9ae411b224c35ee5df030e67e81e6c34716808fb579816cfb6772c2b98d1	ELSA-2023-7743	ol7_aarch64_u7_patch
	libcurl-devel-7.29.0-54.0.1.el7_7.1.aarch64.rpm	69c27e4e13407f9e9d82d15e5fc20e6d0e6e38e36fd6a0982a50000a15b3c517	ELSA-2023-7743	ol7_aarch64_latest
	libcurl-devel-7.29.0-54.0.1.el7_7.1.aarch64.rpm	69c27e4e13407f9e9d82d15e5fc20e6d0e6e38e36fd6a0982a50000a15b3c517	ELSA-2023-7743	ol7_aarch64_u7_patch

Oracle Linux 7 (x86_64)	curl-7.29.0-54.0.1.el7_7.1.src.rpm	d3abbc6e396dc1212819f0bb566a7437541768c80b67c87149396236d13a014f	ELSA-2023-7743	ol7_x86_64_latest
	curl-7.29.0-54.0.1.el7_7.1.src.rpm	d3abbc6e396dc1212819f0bb566a7437541768c80b67c87149396236d13a014f	ELSA-2023-7743	ol7_x86_64_u7_patch
	curl-7.29.0-54.0.1.el7_7.1.x86_64.rpm	bdf4f9f937676ea5a156bd17ae5677c7aadbffca7ac4e630935609e9f201747a	ELSA-2023-7743	exadata_dbserver_19.2.10.0.0_x86_64_base
	curl-7.29.0-54.0.1.el7_7.1.x86_64.rpm	bdf4f9f937676ea5a156bd17ae5677c7aadbffca7ac4e630935609e9f201747a	ELSA-2023-7743	exadata_dbserver_19.2.11.0.0_x86_64_base
	curl-7.29.0-54.0.1.el7_7.1.x86_64.rpm	bdf4f9f937676ea5a156bd17ae5677c7aadbffca7ac4e630935609e9f201747a	ELSA-2023-7743	exadata_dbserver_19.3.4.0.0_x86_64_base
	curl-7.29.0-54.0.1.el7_7.1.x86_64.rpm	bdf4f9f937676ea5a156bd17ae5677c7aadbffca7ac4e630935609e9f201747a	ELSA-2023-7743	exadata_dbserver_19.3.5.0.0_x86_64_base
	curl-7.29.0-54.0.1.el7_7.1.x86_64.rpm	bdf4f9f937676ea5a156bd17ae5677c7aadbffca7ac4e630935609e9f201747a	ELSA-2023-7743	ol7_x86_64_latest
	curl-7.29.0-54.0.1.el7_7.1.x86_64.rpm	bdf4f9f937676ea5a156bd17ae5677c7aadbffca7ac4e630935609e9f201747a	ELSA-2023-7743	ol7_x86_64_u7_patch
	libcurl-7.29.0-54.0.1.el7_7.1.i686.rpm	934300d12dee5f3c4787594b72fa4d50cc940cfd9c1dae34449b7c3458151ae2	ELSA-2023-7743	ol7_x86_64_latest
	libcurl-7.29.0-54.0.1.el7_7.1.i686.rpm	934300d12dee5f3c4787594b72fa4d50cc940cfd9c1dae34449b7c3458151ae2	ELSA-2023-7743	ol7_x86_64_u7_patch
	libcurl-7.29.0-54.0.1.el7_7.1.x86_64.rpm	a36334da53982e38b03c2875ef2ea65e0e77aa07de9a164dfea1bd41c65d4c71	ELSA-2023-7743	exadata_dbserver_19.2.10.0.0_x86_64_base
	libcurl-7.29.0-54.0.1.el7_7.1.x86_64.rpm	a36334da53982e38b03c2875ef2ea65e0e77aa07de9a164dfea1bd41c65d4c71	ELSA-2023-7743	exadata_dbserver_19.2.11.0.0_x86_64_base
	libcurl-7.29.0-54.0.1.el7_7.1.x86_64.rpm	a36334da53982e38b03c2875ef2ea65e0e77aa07de9a164dfea1bd41c65d4c71	ELSA-2023-7743	exadata_dbserver_19.3.4.0.0_x86_64_base
	libcurl-7.29.0-54.0.1.el7_7.1.x86_64.rpm	a36334da53982e38b03c2875ef2ea65e0e77aa07de9a164dfea1bd41c65d4c71	ELSA-2023-7743	exadata_dbserver_19.3.5.0.0_x86_64_base
	libcurl-7.29.0-54.0.1.el7_7.1.x86_64.rpm	a36334da53982e38b03c2875ef2ea65e0e77aa07de9a164dfea1bd41c65d4c71	ELSA-2023-7743	ol7_x86_64_latest
	libcurl-7.29.0-54.0.1.el7_7.1.x86_64.rpm	a36334da53982e38b03c2875ef2ea65e0e77aa07de9a164dfea1bd41c65d4c71	ELSA-2023-7743	ol7_x86_64_u7_patch
	libcurl-devel-7.29.0-54.0.1.el7_7.1.i686.rpm	fbba6317f815002a9ce4ec01827a20bb970f3baee22218a56c525ee5b266e07b	ELSA-2023-7743	ol7_x86_64_latest
	libcurl-devel-7.29.0-54.0.1.el7_7.1.i686.rpm	fbba6317f815002a9ce4ec01827a20bb970f3baee22218a56c525ee5b266e07b	ELSA-2023-7743	ol7_x86_64_u7_patch
	libcurl-devel-7.29.0-54.0.1.el7_7.1.x86_64.rpm	5016e18c3debcfe41901343ba6eb15f583814d0e0caa47b3e9b2bd1b9960e4c9	ELSA-2023-7743	ol7_x86_64_latest
	libcurl-devel-7.29.0-54.0.1.el7_7.1.x86_64.rpm	5016e18c3debcfe41901343ba6eb15f583814d0e0caa47b3e9b2bd1b9960e4c9	ELSA-2023-7743	ol7_x86_64_u7_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691