ELSA-2022-5313

ULN >
Oracle Linux Errata repository >
ELSA-2022-5313

ELSA-2022-5313 - curl security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2022-06-30

Description

[7.61.1-22.el8_6.3]
- fix too eager reuse of TLS and SSH connections (CVE-2022-27782)

[7.61.1-22.el8_6.2]
- fix invalid type in printf() argument detected by Coverity

[7.61.1-22.el8_6.1]
- fix credential leak on redirect (CVE-2022-27774)
- fix auth/cookie leak on redirect (CVE-2022-27776)
- fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 8 (aarch64)	curl-7.61.1-22.el8_6.3.src.rpm	4ca7c6e212a962cd9df3b38f00a9c4c1	-
	curl-7.61.1-22.el8_6.3.aarch64.rpm	773fa49207955b5d84516fafaf0ef176	-
	libcurl-7.61.1-22.el8_6.3.aarch64.rpm	200eebd9de576c594b17e73689a1c0eb	-
	libcurl-devel-7.61.1-22.el8_6.3.aarch64.rpm	3abb9a295a52efa55fc8e6543e8723d8	-
	libcurl-minimal-7.61.1-22.el8_6.3.aarch64.rpm	d4da61e5d3a2fed02c6a2e9465b21253	-

Oracle Linux 8 (x86_64)	curl-7.61.1-22.el8_6.3.src.rpm	4ca7c6e212a962cd9df3b38f00a9c4c1	-
	curl-7.61.1-22.el8_6.3.x86_64.rpm	a01f1007f57e43ecee846c4eb6b3f9c6	-
	libcurl-7.61.1-22.el8_6.3.i686.rpm	bd8ce185acfaac56e1a35759f99e5b1a	-
	libcurl-7.61.1-22.el8_6.3.x86_64.rpm	ed1e8297f435d76efa8a233c8cab9e0c	-
	libcurl-devel-7.61.1-22.el8_6.3.i686.rpm	13a8ca4c7bebb431145ea7464c1fee9c	-
	libcurl-devel-7.61.1-22.el8_6.3.x86_64.rpm	a4013fcaef0ef7d3829f6e69afd56484	-
	libcurl-minimal-7.61.1-22.el8_6.3.i686.rpm	347c79dc784203bac6145c26e1c9adc2	-
	libcurl-minimal-7.61.1-22.el8_6.3.x86_64.rpm	672a8ec897d86b33ce228d34e02974c0	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691