ELBA-2020-3348
- ULN >
- Oracle Linux Errata repository >
- ELBA-2020-3348
ELBA-2020-3348 - curl bug fix and enhancement update
| Type: | BUG |
| Impact: | NA |
| Release Date: | 2020-08-08 |
Description
[7.29.0-57.0.1.el7_8.1]
- Fix TFTP small blocksize heap buffer overflow (https://curl.haxx.se/docs/CVE-2019-5482.html)[CVE-2019-5482][Orabug: 30568724]
- Security Fixes [OraBug: 28939992]
- CVE-2016-8615 cookie injection for other servers (https://curl.haxx.se/docs/CVE-2016-8615.html)
- CVE-2016-8616 case insensitive password comparison (https://curl.haxx.se/docs/CVE-2016-8616.html)
- CVE-2016-8617 OOB write via unchecked multiplication (https://curl.haxx.se/docs/CVE-2016-8617.html)
- CVE-2016-8618 double-free in curl_maprintf (https://curl.haxx.se/docs/CVE-2016-8618.html)
- CVE-2016-8619 double-free in krb5 code (https://curl.haxx.se/docs/CVE-2016-8619.html)
- CVE-2016-8621 curl_getdate read out of bounds (https://curl.haxx.se/docs/CVE-2016-8621.html)
- CVE-2016-8622 URL unescape heap overflow via integer truncation (https://curl.haxx.se/docs/CVE-2016-8622.html)
- CVE-2016-8623 Use-after-free via shared cookies (https://curl.haxx.se/docs/CVE-2016-8623.html)
- CVE-2016-8624 invalid URL parsing with # (https://curl.haxx.se/docs/CVE-2016-8624.html)
[7.29.0-57.el7_8.1]
- http: free protocol-specific struct in setup_connection callback (#1836773)
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 7 (aarch64) | curl-7.29.0-57.0.1.el7_8.1.src.rpm | 99e53957cc64ec371099e2aa289984f938671519759d999c64f8c9b1734b7d22 | ELSA-2023-7743 | ol7_aarch64_latest |
| curl-7.29.0-57.0.1.el7_8.1.aarch64.rpm | f79c085cff83e677908aa59c7b3188d55f64794a6bec469d7d3192a514cbc897 | ELSA-2023-7743 | ol7_aarch64_latest | |
| libcurl-7.29.0-57.0.1.el7_8.1.aarch64.rpm | d9609bf6278a12e9c65cfb75d60fc378dd2601f8a4a24d5e7469a17fe83ef575 | ELSA-2023-7743 | ol7_aarch64_latest | |
| libcurl-devel-7.29.0-57.0.1.el7_8.1.aarch64.rpm | a7aa2f3e29876c162821557b8cd3fe0efc865e5097c5bea82ac1de36e6a83893 | ELSA-2023-7743 | ol7_aarch64_latest | |
| Oracle Linux 7 (x86_64) | curl-7.29.0-57.0.1.el7_8.1.src.rpm | 99e53957cc64ec371099e2aa289984f938671519759d999c64f8c9b1734b7d22 | ELSA-2023-7743 | ol7_x86_64_latest |
| curl-7.29.0-57.0.1.el7_8.1.src.rpm | 99e53957cc64ec371099e2aa289984f938671519759d999c64f8c9b1734b7d22 | ELSA-2023-7743 | ol7_x86_64_u8_patch | |
| curl-7.29.0-57.0.1.el7_8.1.x86_64.rpm | e6829fb2fc675cb38c44bf53634deb890132e88e03c694b81e4faef6bd4ad5a3 | ELSA-2023-7743 | exadata_dbserver_19.2.18.0.0_x86_64_base | |
| curl-7.29.0-57.0.1.el7_8.1.x86_64.rpm | e6829fb2fc675cb38c44bf53634deb890132e88e03c694b81e4faef6bd4ad5a3 | ELSA-2023-7743 | exadata_dbserver_19.3.12.0.0_x86_64_base | |
| curl-7.29.0-57.0.1.el7_8.1.x86_64.rpm | e6829fb2fc675cb38c44bf53634deb890132e88e03c694b81e4faef6bd4ad5a3 | ELSA-2023-7743 | exadata_dbserver_20.1.2.0.0_x86_64_base | |
| curl-7.29.0-57.0.1.el7_8.1.x86_64.rpm | e6829fb2fc675cb38c44bf53634deb890132e88e03c694b81e4faef6bd4ad5a3 | ELSA-2023-7743 | ol7_x86_64_latest | |
| curl-7.29.0-57.0.1.el7_8.1.x86_64.rpm | e6829fb2fc675cb38c44bf53634deb890132e88e03c694b81e4faef6bd4ad5a3 | ELSA-2023-7743 | ol7_x86_64_u8_patch | |
| libcurl-7.29.0-57.0.1.el7_8.1.i686.rpm | 06246770e39cb55fd5408430ea483019e0c6672e44bc4b428adfa1ed5f1a921c | ELSA-2023-7743 | ol7_x86_64_latest | |
| libcurl-7.29.0-57.0.1.el7_8.1.i686.rpm | 06246770e39cb55fd5408430ea483019e0c6672e44bc4b428adfa1ed5f1a921c | ELSA-2023-7743 | ol7_x86_64_u8_patch | |
| libcurl-7.29.0-57.0.1.el7_8.1.x86_64.rpm | 091a15f66a6a777ec1ea3f68faf05d6c1fd95267c8776e636a033c4fb272c01b | ELSA-2023-7743 | exadata_dbserver_19.2.18.0.0_x86_64_base | |
| libcurl-7.29.0-57.0.1.el7_8.1.x86_64.rpm | 091a15f66a6a777ec1ea3f68faf05d6c1fd95267c8776e636a033c4fb272c01b | ELSA-2023-7743 | exadata_dbserver_19.3.12.0.0_x86_64_base | |
| libcurl-7.29.0-57.0.1.el7_8.1.x86_64.rpm | 091a15f66a6a777ec1ea3f68faf05d6c1fd95267c8776e636a033c4fb272c01b | ELSA-2023-7743 | exadata_dbserver_20.1.2.0.0_x86_64_base | |
| libcurl-7.29.0-57.0.1.el7_8.1.x86_64.rpm | 091a15f66a6a777ec1ea3f68faf05d6c1fd95267c8776e636a033c4fb272c01b | ELSA-2023-7743 | ol7_x86_64_latest | |
| libcurl-7.29.0-57.0.1.el7_8.1.x86_64.rpm | 091a15f66a6a777ec1ea3f68faf05d6c1fd95267c8776e636a033c4fb272c01b | ELSA-2023-7743 | ol7_x86_64_u8_patch | |
| libcurl-devel-7.29.0-57.0.1.el7_8.1.i686.rpm | 6969fba578fceb13d0be63a921355728a188fb77b418f06a04e3cef1c9cc7b6c | ELSA-2023-7743 | ol7_x86_64_latest | |
| libcurl-devel-7.29.0-57.0.1.el7_8.1.i686.rpm | 6969fba578fceb13d0be63a921355728a188fb77b418f06a04e3cef1c9cc7b6c | ELSA-2023-7743 | ol7_x86_64_u8_patch | |
| libcurl-devel-7.29.0-57.0.1.el7_8.1.x86_64.rpm | 1a608f7339bf483840595f436dfe3d49588442afc79cafc54626809236f7a142 | ELSA-2023-7743 | ol7_x86_64_latest | |
| libcurl-devel-7.29.0-57.0.1.el7_8.1.x86_64.rpm | 1a608f7339bf483840595f436dfe3d49588442afc79cafc54626809236f7a142 | ELSA-2023-7743 | ol7_x86_64_u8_patch | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
