Stay Connected:

ELBA-2020-0372

ELBA-2020-0372 - curl bug fix update

Type:BUG
Impact:NA
Release Date:2020-02-05

Description


[7.29.0-54.0.3.el7_7.2]
- Security Fixes [OraBug: 28939992]
- CVE-2016-8615 cookie injection for other servers (https://curl.haxx.se/docs/CVE-2016-8615.html)
- CVE-2016-8616 case insensitive password comparison (https://curl.haxx.se/docs/CVE-2016-8616.html)
- CVE-2016-8617 OOB write via unchecked multiplication (https://curl.haxx.se/docs/CVE-2016-8617.html)
- CVE-2016-8618 double-free in curl_maprintf (https://curl.haxx.se/docs/CVE-2016-8618.html)
- CVE-2016-8619 double-free in krb5 code (https://curl.haxx.se/docs/CVE-2016-8619.html)
- CVE-2016-8621 curl_getdate read out of bounds (https://curl.haxx.se/docs/CVE-2016-8621.html)
- CVE-2016-8622 URL unescape heap overflow via integer truncation (https://curl.haxx.se/docs/CVE-2016-8622.html)
- CVE-2016-8623 Use-after-free via shared cookies (https://curl.haxx.se/docs/CVE-2016-8623.html)
- CVE-2016-8624 invalid URL parsing with # (https://curl.haxx.se/docs/CVE-2016-8624.html)

[7.29.0-54.el7_7.2]
- allow curl to POST from a char device (#1769307)




Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 7 (aarch64) curl-7.29.0-54.0.3.el7_7.2.src.rpm09f7a10b80fd4fa3342570c1b9ee1eefbe8910d4ae00ccd59a465649aa6eef13ELSA-2023-7743ol7_aarch64_latest
curl-7.29.0-54.0.3.el7_7.2.src.rpm09f7a10b80fd4fa3342570c1b9ee1eefbe8910d4ae00ccd59a465649aa6eef13ELSA-2023-7743ol7_aarch64_u7_patch
curl-7.29.0-54.0.3.el7_7.2.aarch64.rpm2bf2a93a1ebf64b9cdb5fc1a0870084a3003747f1ee5604f716955f6b9754be7ELSA-2023-7743ol7_aarch64_latest
curl-7.29.0-54.0.3.el7_7.2.aarch64.rpm2bf2a93a1ebf64b9cdb5fc1a0870084a3003747f1ee5604f716955f6b9754be7ELSA-2023-7743ol7_aarch64_u7_patch
libcurl-7.29.0-54.0.3.el7_7.2.aarch64.rpmdeb7a2f0dd974d853a61275441d4149fc0dc41f128006040e9c9f30b1ca969f5ELSA-2023-7743ol7_aarch64_latest
libcurl-7.29.0-54.0.3.el7_7.2.aarch64.rpmdeb7a2f0dd974d853a61275441d4149fc0dc41f128006040e9c9f30b1ca969f5ELSA-2023-7743ol7_aarch64_u7_patch
libcurl-devel-7.29.0-54.0.3.el7_7.2.aarch64.rpm06be1e30ae524b293532abd2acc0d110b4bd543d620894f1ce612c9213b27356ELSA-2023-7743ol7_aarch64_latest
libcurl-devel-7.29.0-54.0.3.el7_7.2.aarch64.rpm06be1e30ae524b293532abd2acc0d110b4bd543d620894f1ce612c9213b27356ELSA-2023-7743ol7_aarch64_u7_patch
Oracle Linux 7 (x86_64) curl-7.29.0-54.0.3.el7_7.2.src.rpm09f7a10b80fd4fa3342570c1b9ee1eefbe8910d4ae00ccd59a465649aa6eef13ELSA-2023-7743ol7_x86_64_latest
curl-7.29.0-54.0.3.el7_7.2.src.rpm09f7a10b80fd4fa3342570c1b9ee1eefbe8910d4ae00ccd59a465649aa6eef13ELSA-2023-7743ol7_x86_64_u7_patch
curl-7.29.0-54.0.3.el7_7.2.x86_64.rpmc1a2f549d3d448ab845660412cb6cfecef79a8811b8123da7bac758f805f81afELSA-2023-7743ol7_x86_64_latest
curl-7.29.0-54.0.3.el7_7.2.x86_64.rpmc1a2f549d3d448ab845660412cb6cfecef79a8811b8123da7bac758f805f81afELSA-2023-7743ol7_x86_64_u7_patch
libcurl-7.29.0-54.0.1.el7_7.2.i686.rpm0d68fc0c4e3a03a20e2f2bace86c5e5b68c4a9782de70f3bc03506c3f8fd5103ELSA-2023-7743ol7_x86_64_latest
libcurl-7.29.0-54.0.1.el7_7.2.i686.rpm0d68fc0c4e3a03a20e2f2bace86c5e5b68c4a9782de70f3bc03506c3f8fd5103ELSA-2023-7743ol7_x86_64_u7_patch
libcurl-7.29.0-54.0.1.el7_7.2.x86_64.rpm5cde30f4e0969215c19f6266c167166e5f3a3cb6c184375d92833fc1d8d70cb5ELSA-2023-7743ol7_x86_64_latest
libcurl-7.29.0-54.0.1.el7_7.2.x86_64.rpm5cde30f4e0969215c19f6266c167166e5f3a3cb6c184375d92833fc1d8d70cb5ELSA-2023-7743ol7_x86_64_u7_patch
libcurl-7.29.0-54.0.3.el7_7.2.i686.rpm974b011e44e6ec382d33717a68930b4f40ae958421a0a0eaad9faf6ea5e83eafELSA-2023-7743ol7_x86_64_latest
libcurl-7.29.0-54.0.3.el7_7.2.i686.rpm974b011e44e6ec382d33717a68930b4f40ae958421a0a0eaad9faf6ea5e83eafELSA-2023-7743ol7_x86_64_u7_patch
libcurl-7.29.0-54.0.3.el7_7.2.x86_64.rpm36dcbb613c6c64b73346c9174f81b78a14e814aac044305e6587c9195ef24258ELSA-2023-7743ol7_x86_64_latest
libcurl-7.29.0-54.0.3.el7_7.2.x86_64.rpm36dcbb613c6c64b73346c9174f81b78a14e814aac044305e6587c9195ef24258ELSA-2023-7743ol7_x86_64_u7_patch
libcurl-devel-7.29.0-54.0.1.el7_7.2.i686.rpm680f0aaad8c06b9d6ff2e3950dd0191b5359dc742929cb979aaeb7f5a0c0b2c2ELSA-2023-7743ol7_x86_64_latest
libcurl-devel-7.29.0-54.0.1.el7_7.2.i686.rpm680f0aaad8c06b9d6ff2e3950dd0191b5359dc742929cb979aaeb7f5a0c0b2c2ELSA-2023-7743ol7_x86_64_u7_patch
libcurl-devel-7.29.0-54.0.1.el7_7.2.x86_64.rpm0dedcf13d31c4e00895d9edc09f100023c131d1d261dd71d1989bd569da37389ELSA-2023-7743ol7_x86_64_latest
libcurl-devel-7.29.0-54.0.1.el7_7.2.x86_64.rpm0dedcf13d31c4e00895d9edc09f100023c131d1d261dd71d1989bd569da37389ELSA-2023-7743ol7_x86_64_u7_patch
libcurl-devel-7.29.0-54.0.3.el7_7.2.i686.rpm336a7877837932ba50063618a7e6689cad9091ab7e199f23505108457e3beb27ELSA-2023-7743ol7_x86_64_latest
libcurl-devel-7.29.0-54.0.3.el7_7.2.i686.rpm336a7877837932ba50063618a7e6689cad9091ab7e199f23505108457e3beb27ELSA-2023-7743ol7_x86_64_u7_patch
libcurl-devel-7.29.0-54.0.3.el7_7.2.x86_64.rpm821bfd388ee092de0ec24b162ac35901a49de216e6b4f6f5817deae310883d18ELSA-2023-7743ol7_x86_64_latest
libcurl-devel-7.29.0-54.0.3.el7_7.2.x86_64.rpm821bfd388ee092de0ec24b162ac35901a49de216e6b4f6f5817deae310883d18ELSA-2023-7743ol7_x86_64_u7_patch



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights