ELSA-2021-1610

ULN >
Oracle Linux Errata repository >
ELSA-2021-1610

ELSA-2021-1610 - curl security and bug fix update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2021-05-25

Description

[7.61.1-18]
- http: send payload when (proxy) authentication is done (#1918692)
- curl: Inferior OCSP verification (CVE-2020-8286)
- libcurl: FTP wildcard stack overflow (CVE-2020-8285)
- curl: trusting FTP PASV responses (CVE-2020-8284)

[7.61.1-17]
- validate an ssl connection using an intermediate certificate (#1895355)

[7.61.1-16]
- fix multiarch conflicts in libcurl-minimal (#1895391)

[7.61.1-15]
- do not crash when HTTPS_PROXY and NO_PROXY are used together (#1873327)
- libcurl: wrong connect-only connection (CVE-2020-8231)

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	curl-7.61.1-18.el8.src.rpm	28e10ca9dff1ede7c46aec29fec9fb887197a461653d2f31a2de17c3966df64c	-	ol8_aarch64_baseos_latest
	curl-7.61.1-18.el8.src.rpm	28e10ca9dff1ede7c46aec29fec9fb887197a461653d2f31a2de17c3966df64c	-	ol8_aarch64_u4_baseos_base
	curl-7.61.1-18.el8.aarch64.rpm	462256f06f87c851fa6ce50e25581930b38856334930b28dda6a7c6eaafe1d71	-	ol8_aarch64_baseos_latest
	curl-7.61.1-18.el8.aarch64.rpm	462256f06f87c851fa6ce50e25581930b38856334930b28dda6a7c6eaafe1d71	-	ol8_aarch64_u4_baseos_base
	libcurl-7.61.1-18.el8.aarch64.rpm	d19d53000a10c158262f81f318afde0b753e4192a3ca6bc319944e1e022a4508	-	ol8_aarch64_baseos_latest
	libcurl-7.61.1-18.el8.aarch64.rpm	d19d53000a10c158262f81f318afde0b753e4192a3ca6bc319944e1e022a4508	-	ol8_aarch64_u4_baseos_base
	libcurl-devel-7.61.1-18.el8.aarch64.rpm	bc25ab223396c285969e2171b4f991a1473c2fd852059bd283a0d281ec261993	-	ol8_aarch64_baseos_latest
	libcurl-devel-7.61.1-18.el8.aarch64.rpm	bc25ab223396c285969e2171b4f991a1473c2fd852059bd283a0d281ec261993	-	ol8_aarch64_u4_baseos_base
	libcurl-minimal-7.61.1-18.el8.aarch64.rpm	afdedbb00f828fba22cfeb409b1a511e2f8ab809a5fd67dedb152ba475cca4d3	-	ol8_aarch64_baseos_latest
	libcurl-minimal-7.61.1-18.el8.aarch64.rpm	afdedbb00f828fba22cfeb409b1a511e2f8ab809a5fd67dedb152ba475cca4d3	-	ol8_aarch64_u4_baseos_base

Oracle Linux 8 (x86_64)	curl-7.61.1-18.el8.src.rpm	28e10ca9dff1ede7c46aec29fec9fb887197a461653d2f31a2de17c3966df64c	-	ol8_x86_64_baseos_latest
	curl-7.61.1-18.el8.src.rpm	28e10ca9dff1ede7c46aec29fec9fb887197a461653d2f31a2de17c3966df64c	-	ol8_x86_64_u4_baseos_base
	curl-7.61.1-18.el8.x86_64.rpm	e2c8c62347b4272cfcf7f6c97076a787a269aa77753c9db439a71657d9cf3687	-	ol8_x86_64_baseos_latest
	curl-7.61.1-18.el8.x86_64.rpm	e2c8c62347b4272cfcf7f6c97076a787a269aa77753c9db439a71657d9cf3687	-	ol8_x86_64_u4_baseos_base
	libcurl-7.61.1-18.el8.i686.rpm	886814cd5a1d02bc1df14210e201d746928422dab3946627252dc3f9c338ec4b	-	ol8_x86_64_baseos_latest
	libcurl-7.61.1-18.el8.i686.rpm	886814cd5a1d02bc1df14210e201d746928422dab3946627252dc3f9c338ec4b	-	ol8_x86_64_u4_baseos_base
	libcurl-7.61.1-18.el8.x86_64.rpm	9db92e839ba702dbe2e99e03b7229bb8226b3e8928ee348daf74cead1eedfea4	-	ol8_x86_64_baseos_latest
	libcurl-7.61.1-18.el8.x86_64.rpm	9db92e839ba702dbe2e99e03b7229bb8226b3e8928ee348daf74cead1eedfea4	-	ol8_x86_64_u4_baseos_base
	libcurl-devel-7.61.1-18.el8.i686.rpm	831c58bc0a64c397558727cadc087cf747fd90de4dbb18f5ebcaf50bd66de8b9	-	ol8_x86_64_baseos_latest
	libcurl-devel-7.61.1-18.el8.i686.rpm	831c58bc0a64c397558727cadc087cf747fd90de4dbb18f5ebcaf50bd66de8b9	-	ol8_x86_64_u4_baseos_base
	libcurl-devel-7.61.1-18.el8.x86_64.rpm	bbf4feff7e17bc064cdeef7971d5b4b770bb4dbcff86f493b28e9e3c2d6e8431	-	ol8_x86_64_baseos_latest
	libcurl-devel-7.61.1-18.el8.x86_64.rpm	bbf4feff7e17bc064cdeef7971d5b4b770bb4dbcff86f493b28e9e3c2d6e8431	-	ol8_x86_64_u4_baseos_base
	libcurl-minimal-7.61.1-18.el8.i686.rpm	a175ca611f674e3c831b67cd4b3b731348c072a0884541a4256e9018acae9d0c	-	ol8_x86_64_baseos_latest
	libcurl-minimal-7.61.1-18.el8.i686.rpm	a175ca611f674e3c831b67cd4b3b731348c072a0884541a4256e9018acae9d0c	-	ol8_x86_64_u4_baseos_base
	libcurl-minimal-7.61.1-18.el8.x86_64.rpm	d10cf363ea4ea4cd10f46e7d0078d9ec85939d6033c55122a79a5d13e1e86eba	-	ol8_x86_64_baseos_latest
	libcurl-minimal-7.61.1-18.el8.x86_64.rpm	d10cf363ea4ea4cd10f46e7d0078d9ec85939d6033c55122a79a5d13e1e86eba	-	ol8_x86_64_u4_baseos_base

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691