ELSA-2017-2016

ULN >
Oracle Linux Errata repository >
ELSA-2017-2016

ELSA-2017-2016 - curl security, bug fix, and enhancement update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2017-08-07

Description

[7.29.0-42]
- fix use of uninitialized variable detected by Covscan

[7.29.0-41]
- make FTPS work with --proxytunnel (#1420327)

[7.29.0-40]
- make FTPS work with --proxytunnel (#1420327)

[7.29.0-39]
- work around race condition in PK11_FindSlotByName() in NSS (#1404815)

[7.29.0-38]
- make FTPS work with --proxytunnel (#1420327)

[7.29.0-37]
- fix tight loop in non-blocking TLS handhsake over proxy (#1388162)
- handle cookies with numerical IPv6 address (#1341503)
- make libcurl recognize chacha20-poly1305 and SHA384 cipher-suites (#1374740)
- curl -E: allow to escape ':' in cert nickname (#1376062)
- run automake in %prep to avoid patching Makefile.in files from now on

[7.29.0-36]
- reject negative string lengths in curl_easy_[un]escape() (CVE-2016-7167)

Related CVEs

CVE-2016-7167

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	curl-7.29.0-42.el7.src.rpm	554cba3504c511a5c4ae992f1fd21dbf32cf0cf7f0557be3cc0e334bb586d402	ELSA-2023-7743	ol7_aarch64_latest
	curl-7.29.0-42.el7.aarch64.rpm	e8555d717e524953ee1a3412c362f63ee54024db3962faff6887a70b20db76f6	ELSA-2023-7743	ol7_aarch64_latest
	libcurl-7.29.0-42.el7.aarch64.rpm	15c5a6065f7e462f56ecad1d0bad6a3b465c786cc1f96e52cace4c9cf3d3c43a	ELSA-2023-7743	ol7_aarch64_latest
	libcurl-devel-7.29.0-42.el7.aarch64.rpm	6912dd7196f70b1be6f3e68513f0923cd68c0f7fc873e7858ea16ff1c044cf99	ELSA-2023-7743	ol7_aarch64_latest

Oracle Linux 7 (x86_64)	curl-7.29.0-42.el7.src.rpm	554cba3504c511a5c4ae992f1fd21dbf32cf0cf7f0557be3cc0e334bb586d402	ELSA-2023-7743	ol7_x86_64_latest_archive
	curl-7.29.0-42.el7.src.rpm	554cba3504c511a5c4ae992f1fd21dbf32cf0cf7f0557be3cc0e334bb586d402	ELSA-2023-7743	ol7_x86_64_u4_base
	curl-7.29.0-42.el7.x86_64.rpm	263e0f52fa0b7ba25b4f7fb017272f5620116145bd7f9cc9674e12a04beec83c	ELSA-2023-7743	ol7_x86_64_latest_archive
	curl-7.29.0-42.el7.x86_64.rpm	263e0f52fa0b7ba25b4f7fb017272f5620116145bd7f9cc9674e12a04beec83c	ELSA-2023-7743	ol7_x86_64_u4_base
	libcurl-7.29.0-42.el7.i686.rpm	569144e68f6b63addf8284d7f6e8a65db87c83a9cb7b9aa3bd8e3aebcd613ff3	ELSA-2023-7743	ol7_x86_64_latest_archive
	libcurl-7.29.0-42.el7.i686.rpm	569144e68f6b63addf8284d7f6e8a65db87c83a9cb7b9aa3bd8e3aebcd613ff3	ELSA-2023-7743	ol7_x86_64_u4_base
	libcurl-7.29.0-42.el7.x86_64.rpm	acdd751ea0bc91955692c5084d6c2bd73a3d493e1e4b9e5863e1a630320310df	ELSA-2023-7743	ol7_x86_64_latest_archive
	libcurl-7.29.0-42.el7.x86_64.rpm	acdd751ea0bc91955692c5084d6c2bd73a3d493e1e4b9e5863e1a630320310df	ELSA-2023-7743	ol7_x86_64_u4_base
	libcurl-devel-7.29.0-42.el7.i686.rpm	728a33b73772be1be7c3fc17c6e36e80cd5bc7b829ffe7de9d38857d31d48e08	ELSA-2023-7743	ol7_x86_64_latest_archive
	libcurl-devel-7.29.0-42.el7.i686.rpm	728a33b73772be1be7c3fc17c6e36e80cd5bc7b829ffe7de9d38857d31d48e08	ELSA-2023-7743	ol7_x86_64_u4_base
	libcurl-devel-7.29.0-42.el7.x86_64.rpm	1e55f828297e839d16665c11b32cbe75d2dfe405cd63a1f150367b384ad6a0de	ELSA-2023-7743	ol7_x86_64_latest_archive
	libcurl-devel-7.29.0-42.el7.x86_64.rpm	1e55f828297e839d16665c11b32cbe75d2dfe405cd63a1f150367b384ad6a0de	ELSA-2023-7743	ol7_x86_64_u4_base

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691