ELSA-2019-4652

ULN >
Oracle Linux Errata repository >
ELSA-2019-4652

ELSA-2019-4652 - curl security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2019-05-21

Description

[7.29.0-51.0.1]
- Security Fixes [OraBug: 28939992]
- CVE-2016-8615 cookie injection for other servers (https://curl.haxx.se/docs/CVE-2016-8615.html)
- CVE-2016-8616 case insensitive password comparison (https://curl.haxx.se/docs/CVE-2016-8616.html)
- CVE-2016-8617 OOB write via unchecked multiplication (https://curl.haxx.se/docs/CVE-2016-8617.html)
- CVE-2016-8618 double-free in curl_maprintf (https://curl.haxx.se/docs/CVE-2016-8618.html)
- CVE-2016-8619 double-free in krb5 code (https://curl.haxx.se/docs/CVE-2016-8619.html)
- CVE-2016-8621 curl_getdate read out of bounds (https://curl.haxx.se/docs/CVE-2016-8621.html)
- CVE-2016-8622 URL unescape heap overflow via integer truncation (https://curl.haxx.se/docs/CVE-2016-8622.html)
- CVE-2016-8623 Use-after-free via shared cookies (https://curl.haxx.se/docs/CVE-2016-8623.html)
- CVE-2016-8624 invalid URL parsing with # (https://curl.haxx.se/docs/CVE-2016-8624.html)

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 6 (i386)	curl-7.19.7-53.0.2.el6_9.src.rpm	313795d9e5b5facd8f8cf0d8696e429a866b60342b33608a1f7f8e0cf004954d	ELSA-2020-5561	ol6_i386_latest
	curl-7.19.7-53.0.2.el6_9.src.rpm	313795d9e5b5facd8f8cf0d8696e429a866b60342b33608a1f7f8e0cf004954d	ELSA-2020-5561	ol6_u10_i386_patch
	curl-7.19.7-53.0.2.el6_9.i686.rpm	47b5dba04b9c18efc43d82244a3c89bb7bd74a5d4abad5b8674e854fbc578e49	ELSA-2020-5561	ol6_i386_latest
	curl-7.19.7-53.0.2.el6_9.i686.rpm	47b5dba04b9c18efc43d82244a3c89bb7bd74a5d4abad5b8674e854fbc578e49	ELSA-2020-5561	ol6_u10_i386_patch
	libcurl-7.19.7-53.0.2.el6_9.i686.rpm	5ccdd1d447bd1418aeff56cc378915e8f187777d81ac946ad46757caa023df85	ELSA-2020-5561	ol6_i386_latest
	libcurl-7.19.7-53.0.2.el6_9.i686.rpm	5ccdd1d447bd1418aeff56cc378915e8f187777d81ac946ad46757caa023df85	ELSA-2020-5561	ol6_u10_i386_patch
	libcurl-devel-7.19.7-53.0.2.el6_9.i686.rpm	ff12f3c43a0d56083caeb965a458a9282d6ef4d369433cafee8e34e68e097eea	ELSA-2020-5561	ol6_i386_latest
	libcurl-devel-7.19.7-53.0.2.el6_9.i686.rpm	ff12f3c43a0d56083caeb965a458a9282d6ef4d369433cafee8e34e68e097eea	ELSA-2020-5561	ol6_u10_i386_patch

Oracle Linux 6 (x86_64)	curl-7.19.7-53.0.2.el6_9.src.rpm	313795d9e5b5facd8f8cf0d8696e429a866b60342b33608a1f7f8e0cf004954d	ELSA-2020-5561	ol6_u10_x86_64_patch
	curl-7.19.7-53.0.2.el6_9.src.rpm	313795d9e5b5facd8f8cf0d8696e429a866b60342b33608a1f7f8e0cf004954d	ELSA-2020-5561	ol6_x86_64_latest
	curl-7.19.7-53.0.2.el6_9.x86_64.rpm	a0617dd1d56512c7f7f0f18e02ef5dc28e114bf93706c8bc42cdf3d36bbebb1a	ELSA-2020-5561	exadata_dbserver_18.1.17.0.0_x86_64_base
	curl-7.19.7-53.0.2.el6_9.x86_64.rpm	a0617dd1d56512c7f7f0f18e02ef5dc28e114bf93706c8bc42cdf3d36bbebb1a	ELSA-2020-5561	exadata_dbserver_18.1.18.0.0_x86_64_base
	curl-7.19.7-53.0.2.el6_9.x86_64.rpm	a0617dd1d56512c7f7f0f18e02ef5dc28e114bf93706c8bc42cdf3d36bbebb1a	ELSA-2020-5561	exadata_dbserver_18.1.19.0.0_x86_64_base
	curl-7.19.7-53.0.2.el6_9.x86_64.rpm	a0617dd1d56512c7f7f0f18e02ef5dc28e114bf93706c8bc42cdf3d36bbebb1a	ELSA-2020-5561	exadata_dbserver_18.1.20.0.0_x86_64_base
	curl-7.19.7-53.0.2.el6_9.x86_64.rpm	a0617dd1d56512c7f7f0f18e02ef5dc28e114bf93706c8bc42cdf3d36bbebb1a	ELSA-2020-5561	exadata_dbserver_18.1.21.0.0_x86_64_base
	curl-7.19.7-53.0.2.el6_9.x86_64.rpm	a0617dd1d56512c7f7f0f18e02ef5dc28e114bf93706c8bc42cdf3d36bbebb1a	ELSA-2020-5561	exadata_dbserver_18.1.22.0.0_x86_64_base
	curl-7.19.7-53.0.2.el6_9.x86_64.rpm	a0617dd1d56512c7f7f0f18e02ef5dc28e114bf93706c8bc42cdf3d36bbebb1a	ELSA-2020-5561	exadata_dbserver_18.1.23.0.0_x86_64_base
	curl-7.19.7-53.0.2.el6_9.x86_64.rpm	a0617dd1d56512c7f7f0f18e02ef5dc28e114bf93706c8bc42cdf3d36bbebb1a	ELSA-2020-5561	ol6_u10_x86_64_patch
	curl-7.19.7-53.0.2.el6_9.x86_64.rpm	a0617dd1d56512c7f7f0f18e02ef5dc28e114bf93706c8bc42cdf3d36bbebb1a	ELSA-2020-5561	ol6_x86_64_latest
	libcurl-7.19.7-53.0.2.el6_9.i686.rpm	5ccdd1d447bd1418aeff56cc378915e8f187777d81ac946ad46757caa023df85	ELSA-2020-5561	ol6_u10_x86_64_patch
	libcurl-7.19.7-53.0.2.el6_9.i686.rpm	5ccdd1d447bd1418aeff56cc378915e8f187777d81ac946ad46757caa023df85	ELSA-2020-5561	ol6_x86_64_latest
	libcurl-7.19.7-53.0.2.el6_9.x86_64.rpm	e0326587884c740551f27cfc456c51bced834539e4f0f097ca156746548dd5c0	ELSA-2020-5561	exadata_dbserver_18.1.17.0.0_x86_64_base
	libcurl-7.19.7-53.0.2.el6_9.x86_64.rpm	e0326587884c740551f27cfc456c51bced834539e4f0f097ca156746548dd5c0	ELSA-2020-5561	exadata_dbserver_18.1.18.0.0_x86_64_base
	libcurl-7.19.7-53.0.2.el6_9.x86_64.rpm	e0326587884c740551f27cfc456c51bced834539e4f0f097ca156746548dd5c0	ELSA-2020-5561	exadata_dbserver_18.1.19.0.0_x86_64_base
	libcurl-7.19.7-53.0.2.el6_9.x86_64.rpm	e0326587884c740551f27cfc456c51bced834539e4f0f097ca156746548dd5c0	ELSA-2020-5561	exadata_dbserver_18.1.20.0.0_x86_64_base
	libcurl-7.19.7-53.0.2.el6_9.x86_64.rpm	e0326587884c740551f27cfc456c51bced834539e4f0f097ca156746548dd5c0	ELSA-2020-5561	exadata_dbserver_18.1.21.0.0_x86_64_base
	libcurl-7.19.7-53.0.2.el6_9.x86_64.rpm	e0326587884c740551f27cfc456c51bced834539e4f0f097ca156746548dd5c0	ELSA-2020-5561	exadata_dbserver_18.1.22.0.0_x86_64_base
	libcurl-7.19.7-53.0.2.el6_9.x86_64.rpm	e0326587884c740551f27cfc456c51bced834539e4f0f097ca156746548dd5c0	ELSA-2020-5561	exadata_dbserver_18.1.23.0.0_x86_64_base
	libcurl-7.19.7-53.0.2.el6_9.x86_64.rpm	e0326587884c740551f27cfc456c51bced834539e4f0f097ca156746548dd5c0	ELSA-2020-5561	ol6_u10_x86_64_patch
	libcurl-7.19.7-53.0.2.el6_9.x86_64.rpm	e0326587884c740551f27cfc456c51bced834539e4f0f097ca156746548dd5c0	ELSA-2020-5561	ol6_x86_64_latest
	libcurl-devel-7.19.7-53.0.2.el6_9.i686.rpm	ff12f3c43a0d56083caeb965a458a9282d6ef4d369433cafee8e34e68e097eea	ELSA-2020-5561	ol6_u10_x86_64_patch
	libcurl-devel-7.19.7-53.0.2.el6_9.i686.rpm	ff12f3c43a0d56083caeb965a458a9282d6ef4d369433cafee8e34e68e097eea	ELSA-2020-5561	ol6_x86_64_latest
	libcurl-devel-7.19.7-53.0.2.el6_9.x86_64.rpm	d8bcb4b162251d339f3b6e9bd2c53ed0cf363764f574f0c91ace45fbce37ba3b	ELSA-2020-5561	ol6_u10_x86_64_patch
	libcurl-devel-7.19.7-53.0.2.el6_9.x86_64.rpm	d8bcb4b162251d339f3b6e9bd2c53ed0cf363764f574f0c91ace45fbce37ba3b	ELSA-2020-5561	ol6_x86_64_latest

Oracle Linux 7 (x86_64)	curl-7.29.0-51.0.1.el7.src.rpm	d4b2fe5a96e29609430cc380177be0165f448c36331268673cc29f0044ef6b9a	ELSA-2023-7743	ol7_x86_64_latest
	curl-7.29.0-51.0.1.el7.src.rpm	d4b2fe5a96e29609430cc380177be0165f448c36331268673cc29f0044ef6b9a	ELSA-2023-7743	ol7_x86_64_u6_patch
	curl-7.29.0-51.0.1.el7.x86_64.rpm	b6e854b83d240b7d8a7e0c5da9837da34421aeaee5a4ff616aea997f592a9870	ELSA-2023-7743	exadata_dbserver_19.2.3.0.0_x86_64_base
	curl-7.29.0-51.0.1.el7.x86_64.rpm	b6e854b83d240b7d8a7e0c5da9837da34421aeaee5a4ff616aea997f592a9870	ELSA-2023-7743	exadata_dbserver_19.2.4.0.0_x86_64_base
	curl-7.29.0-51.0.1.el7.x86_64.rpm	b6e854b83d240b7d8a7e0c5da9837da34421aeaee5a4ff616aea997f592a9870	ELSA-2023-7743	ol7_x86_64_latest
	curl-7.29.0-51.0.1.el7.x86_64.rpm	b6e854b83d240b7d8a7e0c5da9837da34421aeaee5a4ff616aea997f592a9870	ELSA-2023-7743	ol7_x86_64_u6_patch
	libcurl-7.29.0-51.0.1.el7.i686.rpm	c355639c16355b4c8e3e06a40cca8600f23f98f6a3fbf95581980b7f137a24ff	ELSA-2023-7743	ol7_x86_64_latest
	libcurl-7.29.0-51.0.1.el7.i686.rpm	c355639c16355b4c8e3e06a40cca8600f23f98f6a3fbf95581980b7f137a24ff	ELSA-2023-7743	ol7_x86_64_u6_patch
	libcurl-7.29.0-51.0.1.el7.x86_64.rpm	6f8fc3016651e4b43d82dd3c56a674b79b3058c148592a798afa4b378292f9a4	ELSA-2023-7743	exadata_dbserver_19.2.3.0.0_x86_64_base
	libcurl-7.29.0-51.0.1.el7.x86_64.rpm	6f8fc3016651e4b43d82dd3c56a674b79b3058c148592a798afa4b378292f9a4	ELSA-2023-7743	exadata_dbserver_19.2.4.0.0_x86_64_base
	libcurl-7.29.0-51.0.1.el7.x86_64.rpm	6f8fc3016651e4b43d82dd3c56a674b79b3058c148592a798afa4b378292f9a4	ELSA-2023-7743	ol7_x86_64_latest
	libcurl-7.29.0-51.0.1.el7.x86_64.rpm	6f8fc3016651e4b43d82dd3c56a674b79b3058c148592a798afa4b378292f9a4	ELSA-2023-7743	ol7_x86_64_u6_patch
	libcurl-devel-7.29.0-51.0.1.el7.i686.rpm	210be79498bd64f6037899853f72de2c4bd454ea6b04180f5e20452d7485acb1	ELSA-2023-7743	ol7_x86_64_latest
	libcurl-devel-7.29.0-51.0.1.el7.i686.rpm	210be79498bd64f6037899853f72de2c4bd454ea6b04180f5e20452d7485acb1	ELSA-2023-7743	ol7_x86_64_u6_patch
	libcurl-devel-7.29.0-51.0.1.el7.x86_64.rpm	6cdb2b35db894a79d5c6ab24358b97bd21162ab2de3c00e9c8ffbef820cdddfc	ELSA-2023-7743	ol7_x86_64_latest
	libcurl-devel-7.29.0-51.0.1.el7.x86_64.rpm	6cdb2b35db894a79d5c6ab24358b97bd21162ab2de3c00e9c8ffbef820cdddfc	ELSA-2023-7743	ol7_x86_64_u6_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691