ELSA-2022-5245

ULN >
Oracle Linux Errata repository >
ELSA-2022-5245

ELSA-2022-5245 - curl security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2022-06-30

Description

[7.76.1-14.el9_0.4]
- fix too eager reuse of TLS and SSH connections (CVE-2022-27782)

[7.76.1-14.el9_0.3]
- fix leak of SRP credentials in redirects (CVE-2022-27774)

[7.76.1-14.el9_0.2]
- add missing tests to Makefile

[7.76.1-14.el9_0.1]
- fix credential leak on redirect (CVE-2022-27774)
- fix auth/cookie leak on redirect (CVE-2022-27776)
- fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	curl-7.76.1-14.el9_0.4.src.rpm	f3bce45f9d688051e901a7b431fc8a987b940a578cccc4634aa6a42e63af4afa	-	ol9_aarch64_appstream
	curl-7.76.1-14.el9_0.4.src.rpm	f3bce45f9d688051e901a7b431fc8a987b940a578cccc4634aa6a42e63af4afa	-	ol9_aarch64_baseos_latest
	curl-7.76.1-14.el9_0.4.src.rpm	f3bce45f9d688051e901a7b431fc8a987b940a578cccc4634aa6a42e63af4afa	-	ol9_aarch64_u0_baseos_patch
	curl-7.76.1-14.el9_0.4.aarch64.rpm	a140a9370cc10acbacfb4978053b2e20c97b97e57009b5e37ef67dd8c0230d81	-	ol9_aarch64_baseos_latest
	curl-7.76.1-14.el9_0.4.aarch64.rpm	a140a9370cc10acbacfb4978053b2e20c97b97e57009b5e37ef67dd8c0230d81	-	ol9_aarch64_u0_baseos_patch
	curl-minimal-7.76.1-14.el9_0.4.aarch64.rpm	c3921cede48d6e2d67d1802c1a71a05a74f00f40a88779fa9e49c1a414fbce7c	-	ol9_aarch64_baseos_latest
	curl-minimal-7.76.1-14.el9_0.4.aarch64.rpm	c3921cede48d6e2d67d1802c1a71a05a74f00f40a88779fa9e49c1a414fbce7c	-	ol9_aarch64_u0_baseos_patch
	libcurl-7.76.1-14.el9_0.4.aarch64.rpm	4a2a87a7659e98dd6ce58972dfc27fd5aed78145205db5fb436f4c4b736b832f	-	ol9_aarch64_baseos_latest
	libcurl-7.76.1-14.el9_0.4.aarch64.rpm	4a2a87a7659e98dd6ce58972dfc27fd5aed78145205db5fb436f4c4b736b832f	-	ol9_aarch64_u0_baseos_patch
	libcurl-devel-7.76.1-14.el9_0.4.aarch64.rpm	cd3ed5022fa4365107d1d3afcb984e1eb83b58b09668c4eb0db15e6731bf5b79	-	ol9_aarch64_appstream
	libcurl-minimal-7.76.1-14.el9_0.4.aarch64.rpm	ab86d614cc0030a49531a3f9fe6f7b3fc6f4643da1786f892e3f51c18879257e	-	ol9_aarch64_baseos_latest
	libcurl-minimal-7.76.1-14.el9_0.4.aarch64.rpm	ab86d614cc0030a49531a3f9fe6f7b3fc6f4643da1786f892e3f51c18879257e	-	ol9_aarch64_u0_baseos_patch

Oracle Linux 9 (x86_64)	curl-7.76.1-14.el9_0.4.src.rpm	f3bce45f9d688051e901a7b431fc8a987b940a578cccc4634aa6a42e63af4afa	-	ol9_x86_64_appstream
	curl-7.76.1-14.el9_0.4.src.rpm	f3bce45f9d688051e901a7b431fc8a987b940a578cccc4634aa6a42e63af4afa	-	ol9_x86_64_baseos_latest
	curl-7.76.1-14.el9_0.4.src.rpm	f3bce45f9d688051e901a7b431fc8a987b940a578cccc4634aa6a42e63af4afa	-	ol9_x86_64_u0_baseos_patch
	curl-7.76.1-14.el9_0.4.x86_64.rpm	1d1c59f8e64d79e6d02e8ffdcd9533c42f6c2f326672dd08a538fe15d7c4aa84	-	ol9_x86_64_baseos_latest
	curl-7.76.1-14.el9_0.4.x86_64.rpm	1d1c59f8e64d79e6d02e8ffdcd9533c42f6c2f326672dd08a538fe15d7c4aa84	-	ol9_x86_64_u0_baseos_patch
	curl-minimal-7.76.1-14.el9_0.4.x86_64.rpm	00ce4b939a5a9423e746577810d3c2ee56066cb52782aa79d1869e1f28b8531b	-	ol9_x86_64_baseos_latest
	curl-minimal-7.76.1-14.el9_0.4.x86_64.rpm	00ce4b939a5a9423e746577810d3c2ee56066cb52782aa79d1869e1f28b8531b	-	ol9_x86_64_u0_baseos_patch
	libcurl-7.76.1-14.el9_0.4.i686.rpm	a65af126e64adf522766d4459bb4317e2727a4ce5971c3f2c71e7a486144f0c2	-	ol9_x86_64_baseos_latest
	libcurl-7.76.1-14.el9_0.4.i686.rpm	a65af126e64adf522766d4459bb4317e2727a4ce5971c3f2c71e7a486144f0c2	-	ol9_x86_64_u0_baseos_patch
	libcurl-7.76.1-14.el9_0.4.x86_64.rpm	5a42e26610431decb5d36150d1731335edf5b766175e6eeb24251e0a971d43aa	-	ol9_x86_64_baseos_latest
	libcurl-7.76.1-14.el9_0.4.x86_64.rpm	5a42e26610431decb5d36150d1731335edf5b766175e6eeb24251e0a971d43aa	-	ol9_x86_64_u0_baseos_patch
	libcurl-devel-7.76.1-14.el9_0.4.i686.rpm	0c4a2929e6415720c0481ba3a5f00591e2cc9e5f74350e965a03867f0a7a6b9a	-	ol9_x86_64_appstream
	libcurl-devel-7.76.1-14.el9_0.4.x86_64.rpm	f975b36986186f2ab83f0b64d677c05accc19ae72fefc7eacf4e0e00c02ee54f	-	ol9_x86_64_appstream
	libcurl-minimal-7.76.1-14.el9_0.4.i686.rpm	7593653c4df601cd524bf52d59f3d5a88a06a405036c03be410bc291cff33cdb	-	ol9_x86_64_baseos_latest
	libcurl-minimal-7.76.1-14.el9_0.4.i686.rpm	7593653c4df601cd524bf52d59f3d5a88a06a405036c03be410bc291cff33cdb	-	ol9_x86_64_u0_baseos_patch
	libcurl-minimal-7.76.1-14.el9_0.4.x86_64.rpm	c6c154cb71d5d648f2ba9de568782c06faff55d4d40095821af545370e6f3393	-	ol9_x86_64_baseos_latest
	libcurl-minimal-7.76.1-14.el9_0.4.x86_64.rpm	c6c154cb71d5d648f2ba9de568782c06faff55d4d40095821af545370e6f3393	-	ol9_x86_64_u0_baseos_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691