Stay Connected:

ELSA-2020-1792

ELSA-2020-1792 - curl security update

Type:SECURITY
Impact:MODERATE
Release Date:2020-05-05

Description


[7.61.1-12]
- double free due to subsequent call of realloc() (CVE-2019-5481)
- fix heap buffer overflow in function tftp_receive_packet() (CVE-2019-5482)
- fix TFTP receive buffer overflow (CVE-2019-5436)


Related CVEs


CVE-2019-5436
CVE-2019-5482
CVE-2019-5481

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) curl-7.61.1-12.el8.src.rpm4142afd93973752bf97f31189b23243a116fd14448eaf8f63190138865b5f8ff-ol8_aarch64_baseos_latest
curl-7.61.1-12.el8.src.rpm4142afd93973752bf97f31189b23243a116fd14448eaf8f63190138865b5f8ff-ol8_aarch64_u2_baseos_base
curl-7.61.1-12.el8.aarch64.rpm165e253da16f826e57e547a1385a7edb9acadb1f279950952824dfa69a5299cf-ol8_aarch64_baseos_latest
curl-7.61.1-12.el8.aarch64.rpm165e253da16f826e57e547a1385a7edb9acadb1f279950952824dfa69a5299cf-ol8_aarch64_u2_baseos_base
libcurl-7.61.1-12.el8.aarch64.rpm821dc024386f2a955befcd86782812c2a6c4288b64675150a06799978ac17823-ol8_aarch64_baseos_latest
libcurl-7.61.1-12.el8.aarch64.rpm821dc024386f2a955befcd86782812c2a6c4288b64675150a06799978ac17823-ol8_aarch64_u2_baseos_base
libcurl-devel-7.61.1-12.el8.aarch64.rpmb6e494047a8cae07f00be7228856d84686e02d4fdffb5eeef4d7e23da1ae154a-ol8_aarch64_baseos_latest
libcurl-devel-7.61.1-12.el8.aarch64.rpmb6e494047a8cae07f00be7228856d84686e02d4fdffb5eeef4d7e23da1ae154a-ol8_aarch64_u2_baseos_base
libcurl-minimal-7.61.1-12.el8.aarch64.rpm4d6d729b9e52266ef9268093fbd88c705b37ee8d8f87eca0dc733d6a553cb599-ol8_aarch64_baseos_latest
libcurl-minimal-7.61.1-12.el8.aarch64.rpm4d6d729b9e52266ef9268093fbd88c705b37ee8d8f87eca0dc733d6a553cb599-ol8_aarch64_u2_baseos_base
Oracle Linux 8 (x86_64) curl-7.61.1-12.el8.src.rpm4142afd93973752bf97f31189b23243a116fd14448eaf8f63190138865b5f8ff-ol8_x86_64_baseos_latest
curl-7.61.1-12.el8.src.rpm4142afd93973752bf97f31189b23243a116fd14448eaf8f63190138865b5f8ff-ol8_x86_64_u2_baseos_base
curl-7.61.1-12.el8.x86_64.rpmc933cfb21691295698c456fac676b49b98121960103d8f3a976167ac6f15d931-ol8_x86_64_baseos_latest
curl-7.61.1-12.el8.x86_64.rpmc933cfb21691295698c456fac676b49b98121960103d8f3a976167ac6f15d931-ol8_x86_64_u2_baseos_base
libcurl-7.61.1-12.el8.i686.rpm143b17eab3940b5eee7b51321e263876850e425f956ac22da574b1f10d5e93bb-ol8_x86_64_baseos_latest
libcurl-7.61.1-12.el8.i686.rpm143b17eab3940b5eee7b51321e263876850e425f956ac22da574b1f10d5e93bb-ol8_x86_64_u2_baseos_base
libcurl-7.61.1-12.el8.x86_64.rpm33e6754740a0adf5b7a22b3f0d987a78d286a1c423e3c1af7299a856f0492633-ol8_x86_64_baseos_latest
libcurl-7.61.1-12.el8.x86_64.rpm33e6754740a0adf5b7a22b3f0d987a78d286a1c423e3c1af7299a856f0492633-ol8_x86_64_u2_baseos_base
libcurl-devel-7.61.1-12.el8.i686.rpm50b1afe8017678673bf3d0044af416ca2f2cf427c2bba03b3c0a10c31fc74aa3-ol8_x86_64_baseos_latest
libcurl-devel-7.61.1-12.el8.i686.rpm50b1afe8017678673bf3d0044af416ca2f2cf427c2bba03b3c0a10c31fc74aa3-ol8_x86_64_u2_baseos_base
libcurl-devel-7.61.1-12.el8.x86_64.rpm103c5a8d8bad3926f4f66adc63745e2276a20b95607236513a11bb0a5d608964-ol8_x86_64_baseos_latest
libcurl-devel-7.61.1-12.el8.x86_64.rpm103c5a8d8bad3926f4f66adc63745e2276a20b95607236513a11bb0a5d608964-ol8_x86_64_u2_baseos_base
libcurl-minimal-7.61.1-12.el8.i686.rpmc753d79ac287e9f87189b46d56c30b64436d813408f9c29b96232bfe2d7db2ef-ol8_x86_64_baseos_latest
libcurl-minimal-7.61.1-12.el8.i686.rpmc753d79ac287e9f87189b46d56c30b64436d813408f9c29b96232bfe2d7db2ef-ol8_x86_64_u2_baseos_base
libcurl-minimal-7.61.1-12.el8.x86_64.rpm51d141dd63752cb9e3ace0d34499ca1b836ef9110bc630124eb3e9860bd7496f-ol8_x86_64_baseos_latest
libcurl-minimal-7.61.1-12.el8.x86_64.rpm51d141dd63752cb9e3ace0d34499ca1b836ef9110bc630124eb3e9860bd7496f-ol8_x86_64_u2_baseos_base



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights