ELSA-2022-8299

ULN >
Oracle Linux Errata repository >
ELSA-2022-8299

ELSA-2022-8299 - curl security update

Type:	SECURITY
Impact:	LOW
Release Date:	2022-11-22

Description

[7.76.1-19]
- fix unpreserved file permissions (CVE-2022-32207)
- fix HTTP compression denial of service (CVE-2022-32206)
- fix FTP-KRB bad message verification (CVE-2022-32208)

[7.76.1-18]
- fix too eager reuse of TLS and SSH connections (CVE-2022-27782)

[7.76.1-17]
- fix leak of SRP credentials in redirects (CVE-2022-27774)

[7.76.1-16]
- add missing tests to Makefile

[7.76.1-15]
- fix credential leak on redirect (CVE-2022-27774)
- fix auth/cookie leak on redirect (CVE-2022-27776)
- fix bad local IPv6 connection reuse (CVE-2022-27775)
- fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)

Related CVEs

CVE-2022-27775

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	curl-7.76.1-19.el9.src.rpm	b52b915b0b6207f62018c6f7797fae6bebff0501180c71f5dd874df43c8ff6ad	-	ol9_aarch64_appstream
	curl-7.76.1-19.el9.src.rpm	b52b915b0b6207f62018c6f7797fae6bebff0501180c71f5dd874df43c8ff6ad	-	ol9_aarch64_baseos_latest
	curl-7.76.1-19.el9.src.rpm	b52b915b0b6207f62018c6f7797fae6bebff0501180c71f5dd874df43c8ff6ad	-	ol9_aarch64_u1_baseos_base
	curl-7.76.1-19.el9.aarch64.rpm	813eca9c10242de99a4856bc942db09809b903948a4bdf3e6480cde9c7eda166	-	ol9_aarch64_baseos_latest
	curl-7.76.1-19.el9.aarch64.rpm	813eca9c10242de99a4856bc942db09809b903948a4bdf3e6480cde9c7eda166	-	ol9_aarch64_u1_baseos_base
	curl-minimal-7.76.1-19.el9.aarch64.rpm	aa36575fd6c46284c32c74dfbee04181f280f0b0cb9f065d296a031e2f34df5c	-	ol9_aarch64_baseos_latest
	curl-minimal-7.76.1-19.el9.aarch64.rpm	aa36575fd6c46284c32c74dfbee04181f280f0b0cb9f065d296a031e2f34df5c	-	ol9_aarch64_u1_baseos_base
	libcurl-7.76.1-19.el9.aarch64.rpm	13d259be2d41c318cfbf9a2c1bd23b880aea28e8dbcf5f0106e013793b1f8421	-	ol9_aarch64_baseos_latest
	libcurl-7.76.1-19.el9.aarch64.rpm	13d259be2d41c318cfbf9a2c1bd23b880aea28e8dbcf5f0106e013793b1f8421	-	ol9_aarch64_u1_baseos_base
	libcurl-devel-7.76.1-19.el9.aarch64.rpm	2444f403ba34ab3a4826ef12ddef923330397d95d20a93e4771ee9e05bc296b8	-	ol9_aarch64_appstream
	libcurl-minimal-7.76.1-19.el9.aarch64.rpm	0d5be8a38e71a64d558894ba9401e452cf2dc23128bc607557a1da786c43d727	-	ol9_aarch64_baseos_latest
	libcurl-minimal-7.76.1-19.el9.aarch64.rpm	0d5be8a38e71a64d558894ba9401e452cf2dc23128bc607557a1da786c43d727	-	ol9_aarch64_u1_baseos_base

Oracle Linux 9 (x86_64)	curl-7.76.1-19.el9.src.rpm	b52b915b0b6207f62018c6f7797fae6bebff0501180c71f5dd874df43c8ff6ad	-	ol9_x86_64_appstream
	curl-7.76.1-19.el9.src.rpm	b52b915b0b6207f62018c6f7797fae6bebff0501180c71f5dd874df43c8ff6ad	-	ol9_x86_64_baseos_latest
	curl-7.76.1-19.el9.src.rpm	b52b915b0b6207f62018c6f7797fae6bebff0501180c71f5dd874df43c8ff6ad	-	ol9_x86_64_u1_baseos_base
	curl-7.76.1-19.el9.x86_64.rpm	f215ff0ca51bdf97ddeffbdbe128171822880abde10dc4392a59a636a013a131	-	ol9_x86_64_baseos_latest
	curl-7.76.1-19.el9.x86_64.rpm	f215ff0ca51bdf97ddeffbdbe128171822880abde10dc4392a59a636a013a131	-	ol9_x86_64_u1_baseos_base
	curl-minimal-7.76.1-19.el9.x86_64.rpm	6cf0062fe7d53b0a0145776fdfaae3b0c18840a39a1c659e9fbffc3ae13cbd0e	-	ol9_x86_64_baseos_latest
	curl-minimal-7.76.1-19.el9.x86_64.rpm	6cf0062fe7d53b0a0145776fdfaae3b0c18840a39a1c659e9fbffc3ae13cbd0e	-	ol9_x86_64_u1_baseos_base
	libcurl-7.76.1-19.el9.i686.rpm	d9f43596cdd8b03b10c34fbf4858397516971855f07d2153b18e82b13fab5805	-	ol9_x86_64_baseos_latest
	libcurl-7.76.1-19.el9.i686.rpm	d9f43596cdd8b03b10c34fbf4858397516971855f07d2153b18e82b13fab5805	-	ol9_x86_64_u1_baseos_base
	libcurl-7.76.1-19.el9.x86_64.rpm	ff23ceb58a8e24fc51e7be7f051c667eb9b90e7e6892b67160c4d0d279ce30c5	-	ol9_x86_64_baseos_latest
	libcurl-7.76.1-19.el9.x86_64.rpm	ff23ceb58a8e24fc51e7be7f051c667eb9b90e7e6892b67160c4d0d279ce30c5	-	ol9_x86_64_u1_baseos_base
	libcurl-devel-7.76.1-19.el9.i686.rpm	79adaadf0a78a5d4a9e8372d8be64905372ca3684f2ff38a91a9e7a5edc92b1d	-	ol9_x86_64_appstream
	libcurl-devel-7.76.1-19.el9.x86_64.rpm	f75716ee5e7f10d27c8661ab1db200c6d11809fe2c9000065e8c7c91c0eb9de3	-	ol9_x86_64_appstream
	libcurl-minimal-7.76.1-19.el9.i686.rpm	c3ccb1487e1c30b52d580e87bbb713a83e7fc69f93eb9e22d649fc93c3358e65	-	ol9_x86_64_baseos_latest
	libcurl-minimal-7.76.1-19.el9.i686.rpm	c3ccb1487e1c30b52d580e87bbb713a83e7fc69f93eb9e22d649fc93c3358e65	-	ol9_x86_64_u1_baseos_base
	libcurl-minimal-7.76.1-19.el9.x86_64.rpm	63433cedaf443bb5da86cf30b53c2d8e6ec392d2c266210ffe513935e7cfa4dd	-	ol9_x86_64_baseos_latest
	libcurl-minimal-7.76.1-19.el9.x86_64.rpm	63433cedaf443bb5da86cf30b53c2d8e6ec392d2c266210ffe513935e7cfa4dd	-	ol9_x86_64_u1_baseos_base

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691