ELSA-2019-4652

ULN >
Oracle Linux Errata repository >
ELSA-2019-4652

ELSA-2019-4652 - curl security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2019-05-21

Description

[7.29.0-51.0.1]
- Security Fixes [OraBug: 28939992]
- CVE-2016-8615 cookie injection for other servers (https://curl.haxx.se/docs/CVE-2016-8615.html)
- CVE-2016-8616 case insensitive password comparison (https://curl.haxx.se/docs/CVE-2016-8616.html)
- CVE-2016-8617 OOB write via unchecked multiplication (https://curl.haxx.se/docs/CVE-2016-8617.html)
- CVE-2016-8618 double-free in curl_maprintf (https://curl.haxx.se/docs/CVE-2016-8618.html)
- CVE-2016-8619 double-free in krb5 code (https://curl.haxx.se/docs/CVE-2016-8619.html)
- CVE-2016-8621 curl_getdate read out of bounds (https://curl.haxx.se/docs/CVE-2016-8621.html)
- CVE-2016-8622 URL unescape heap overflow via integer truncation (https://curl.haxx.se/docs/CVE-2016-8622.html)
- CVE-2016-8623 Use-after-free via shared cookies (https://curl.haxx.se/docs/CVE-2016-8623.html)
- CVE-2016-8624 invalid URL parsing with # (https://curl.haxx.se/docs/CVE-2016-8624.html)

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 6 (i386)	curl-7.19.7-53.0.2.el6_9.src.rpm	4f15b3993538b9956415c8e473b28ee7	ELSA-2020-5561
	curl-7.19.7-53.0.2.el6_9.i686.rpm	0c61b6b0803880f9c50cc2162bdb5b58	ELSA-2020-5561
	libcurl-7.19.7-53.0.2.el6_9.i686.rpm	90a9110ae565c1e87daca25058e911be	ELSA-2020-5561
	libcurl-devel-7.19.7-53.0.2.el6_9.i686.rpm	85d0f12aaf9b500ce20203b7a60d52d7	ELSA-2020-5561

Oracle Linux 6 (x86_64)	curl-7.19.7-53.0.2.el6_9.src.rpm	4f15b3993538b9956415c8e473b28ee7	ELSA-2020-5561
	curl-7.19.7-53.0.2.el6_9.x86_64.rpm	95d0fa42e05fb6a739082d45c60b9038	ELSA-2020-5561
	libcurl-7.19.7-53.0.2.el6_9.i686.rpm	90a9110ae565c1e87daca25058e911be	ELSA-2020-5561
	libcurl-7.19.7-53.0.2.el6_9.x86_64.rpm	e5b534005a0307f26308cb43adf02604	ELSA-2020-5561
	libcurl-devel-7.19.7-53.0.2.el6_9.i686.rpm	85d0f12aaf9b500ce20203b7a60d52d7	ELSA-2020-5561
	libcurl-devel-7.19.7-53.0.2.el6_9.x86_64.rpm	4b24ee5d6b00fc9da32c57f724c6a1ab	ELSA-2020-5561

Oracle Linux 7 (x86_64)	curl-7.29.0-51.0.1.el7.src.rpm	35d707956f7bc6a0970392677385a6bf	ELBA-2021-9230
	curl-7.29.0-51.0.1.el7.x86_64.rpm	4eb0432675069573c782e86737a635f1	ELBA-2021-9230
	libcurl-7.29.0-51.0.1.el7.i686.rpm	85ccb93099e84177b308831bf1f6ed53	ELBA-2021-9230
	libcurl-7.29.0-51.0.1.el7.x86_64.rpm	7a01b263aa4bbdec56ade8fd74d0f60d	ELBA-2021-9230
	libcurl-devel-7.29.0-51.0.1.el7.i686.rpm	c79ff5160f67efd086b528060e274187	ELBA-2021-9230
	libcurl-devel-7.29.0-51.0.1.el7.x86_64.rpm	409837292d3c6132c9d511ae57bbbdd0	ELBA-2021-9230

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691