ELSA-2020-1792

ULN >
Oracle Linux Errata repository >
ELSA-2020-1792

ELSA-2020-1792 - curl security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2020-05-05

Description

[7.61.1-12]
- double free due to subsequent call of realloc() (CVE-2019-5481)
- fix heap buffer overflow in function tftp_receive_packet() (CVE-2019-5482)
- fix TFTP receive buffer overflow (CVE-2019-5436)

Related CVEs

CVE-2019-5482

CVE-2019-5436

CVE-2019-5481

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 8 (aarch64)	curl-7.61.1-12.el8.src.rpm	17c24f6f737ff04e05667652e4ed44a6	-
	curl-7.61.1-12.el8.aarch64.rpm	23bb616b511cad358fea0ff78de9e33b	-
	libcurl-7.61.1-12.el8.aarch64.rpm	ad06156b9284efd4facde56e88763bd3	-
	libcurl-devel-7.61.1-12.el8.aarch64.rpm	cfb167d795e83ac06f5e93154b312d1d	-
	libcurl-minimal-7.61.1-12.el8.aarch64.rpm	12ce1b213f6733f89fd9661e4e9417d6	-

Oracle Linux 8 (x86_64)	curl-7.61.1-12.el8.src.rpm	17c24f6f737ff04e05667652e4ed44a6	-
	curl-7.61.1-12.el8.x86_64.rpm	45a05117a1fc890002e590d61f176fdf	-
	libcurl-7.61.1-12.el8.i686.rpm	076f6ff649bbb7298f4db13c2a4db3b5	-
	libcurl-7.61.1-12.el8.x86_64.rpm	c80ab580b0622c33d0b784f7756b4962	-
	libcurl-devel-7.61.1-12.el8.i686.rpm	7265199612b493283f02eb17e50a10cc	-
	libcurl-devel-7.61.1-12.el8.x86_64.rpm	43e1c5a9bb600442a2e522e749d85780	-
	libcurl-minimal-7.61.1-12.el8.i686.rpm	6760aa0bc18779af015db876fd2069eb	-
	libcurl-minimal-7.61.1-12.el8.x86_64.rpm	4a75f8eecc19d33fc57f88cbe8202cd3	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691