ELSA-2023-5763

ULN >
Oracle Linux Errata repository >
ELSA-2023-5763

ELSA-2023-5763 - curl security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2023-10-18

Description

[7.76.1-23.el9_2.4]
- curl: a heap-based buffer overflow in the SOCKS5 proxy handshake (CVE-2023-38545)
- curl: cookie injection with none file (CVE-2023-38546)

Related CVEs

CVE-2023-38546

CVE-2023-38545

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	curl-7.76.1-23.el9_2.4.src.rpm	5683ee7271abae812b402d3ddef17d6f335b7f8890fcdbe0ea4e1b7862c9ba6d	-	ol9_aarch64_appstream
	curl-7.76.1-23.el9_2.4.src.rpm	5683ee7271abae812b402d3ddef17d6f335b7f8890fcdbe0ea4e1b7862c9ba6d	-	ol9_aarch64_baseos_latest
	curl-7.76.1-23.el9_2.4.src.rpm	5683ee7271abae812b402d3ddef17d6f335b7f8890fcdbe0ea4e1b7862c9ba6d	-	ol9_aarch64_u2_baseos_patch
	curl-7.76.1-23.el9_2.4.aarch64.rpm	9c1f326e379a20b593d3eaf8b112adbaa50e92563e11241d878bb8d806acb899	-	ol9_aarch64_baseos_latest
	curl-7.76.1-23.el9_2.4.aarch64.rpm	9c1f326e379a20b593d3eaf8b112adbaa50e92563e11241d878bb8d806acb899	-	ol9_aarch64_u2_baseos_patch
	curl-minimal-7.76.1-23.el9_2.4.aarch64.rpm	db4e341533c3d6c7c70fa8325115c069d180fb10430c2e2fbd05eca031519562	-	ol9_aarch64_baseos_latest
	curl-minimal-7.76.1-23.el9_2.4.aarch64.rpm	db4e341533c3d6c7c70fa8325115c069d180fb10430c2e2fbd05eca031519562	-	ol9_aarch64_u2_baseos_patch
	libcurl-7.76.1-23.el9_2.4.aarch64.rpm	30267513a95595cfbb927684bae475d22c75db73eb62e80a06c398a8f921d76f	-	ol9_aarch64_baseos_latest
	libcurl-7.76.1-23.el9_2.4.aarch64.rpm	30267513a95595cfbb927684bae475d22c75db73eb62e80a06c398a8f921d76f	-	ol9_aarch64_u2_baseos_patch
	libcurl-devel-7.76.1-23.el9_2.4.aarch64.rpm	740cb119021014b548d70d77fafbeb1aefc2334dc551460eb3d17628fce4a355	-	ol9_aarch64_appstream
	libcurl-minimal-7.76.1-23.el9_2.4.aarch64.rpm	a0080590eae73fa0f123367d32600ef04082fdd92bdd4207d9fa350dbabf9a53	-	ol9_aarch64_baseos_latest
	libcurl-minimal-7.76.1-23.el9_2.4.aarch64.rpm	a0080590eae73fa0f123367d32600ef04082fdd92bdd4207d9fa350dbabf9a53	-	ol9_aarch64_u2_baseos_patch

Oracle Linux 9 (x86_64)	curl-7.76.1-23.el9_2.4.src.rpm	5683ee7271abae812b402d3ddef17d6f335b7f8890fcdbe0ea4e1b7862c9ba6d	-	ol9_x86_64_appstream
	curl-7.76.1-23.el9_2.4.src.rpm	5683ee7271abae812b402d3ddef17d6f335b7f8890fcdbe0ea4e1b7862c9ba6d	-	ol9_x86_64_baseos_latest
	curl-7.76.1-23.el9_2.4.src.rpm	5683ee7271abae812b402d3ddef17d6f335b7f8890fcdbe0ea4e1b7862c9ba6d	-	ol9_x86_64_u2_baseos_patch
	curl-7.76.1-23.el9_2.4.x86_64.rpm	6d13989e7e7157cc90d2f10cb0c3c0a6e92db6eee3e7923cea26f4fced6e1c8a	-	ol9_x86_64_baseos_latest
	curl-7.76.1-23.el9_2.4.x86_64.rpm	6d13989e7e7157cc90d2f10cb0c3c0a6e92db6eee3e7923cea26f4fced6e1c8a	-	ol9_x86_64_u2_baseos_patch
	curl-minimal-7.76.1-23.el9_2.4.x86_64.rpm	7d0ca492ace9d5104d9c939191b236489dcafc6d4ef3d0ea759241b6c976fd25	-	ol9_x86_64_baseos_latest
	curl-minimal-7.76.1-23.el9_2.4.x86_64.rpm	7d0ca492ace9d5104d9c939191b236489dcafc6d4ef3d0ea759241b6c976fd25	-	ol9_x86_64_u2_baseos_patch
	libcurl-7.76.1-23.el9_2.4.i686.rpm	4ecd4d8f1878639d5b555fe3d5fec076f803ca5d9feaaea8cb6a44a3647cfa79	-	ol9_x86_64_baseos_latest
	libcurl-7.76.1-23.el9_2.4.i686.rpm	4ecd4d8f1878639d5b555fe3d5fec076f803ca5d9feaaea8cb6a44a3647cfa79	-	ol9_x86_64_u2_baseos_patch
	libcurl-7.76.1-23.el9_2.4.x86_64.rpm	08242d775e0ca64780a231198be4a6dd22d62137c88f3ee857b8bf33aec390fd	-	ol9_x86_64_baseos_latest
	libcurl-7.76.1-23.el9_2.4.x86_64.rpm	08242d775e0ca64780a231198be4a6dd22d62137c88f3ee857b8bf33aec390fd	-	ol9_x86_64_u2_baseos_patch
	libcurl-devel-7.76.1-23.el9_2.4.i686.rpm	eb01d8f7febc45d4359ae42d3ee84b8a5a32999ccb315ad5baa4bc21e4b13970	-	ol9_x86_64_appstream
	libcurl-devel-7.76.1-23.el9_2.4.x86_64.rpm	1ac19b2112bf3b6358ea9ed38ed5857ade0806e31d0b940b04529861d3f3de53	-	ol9_x86_64_appstream
	libcurl-minimal-7.76.1-23.el9_2.4.i686.rpm	7098e5e1a5f69987fa4c9deb01546e66b50b26c496e4e6ff6a0b8ec370611982	-	ol9_x86_64_baseos_latest
	libcurl-minimal-7.76.1-23.el9_2.4.i686.rpm	7098e5e1a5f69987fa4c9deb01546e66b50b26c496e4e6ff6a0b8ec370611982	-	ol9_x86_64_u2_baseos_patch
	libcurl-minimal-7.76.1-23.el9_2.4.x86_64.rpm	8ed9b595485867a991a83e5c80d8e43f857ee878f5abe75aefed0610580cf3f5	-	ol9_x86_64_baseos_latest
	libcurl-minimal-7.76.1-23.el9_2.4.x86_64.rpm	8ed9b595485867a991a83e5c80d8e43f857ee878f5abe75aefed0610580cf3f5	-	ol9_x86_64_u2_baseos_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691