ELSA-2023-2478

ULN >
Oracle Linux Errata repository >
ELSA-2023-2478

ELSA-2023-2478 - curl security update

Type:	SECURITY
Severity:	LOW
Release Date:	2023-05-15

Description

[7.76.1-23]
- fix HTTP multi-header compression denial of service (CVE-2023-23916)

[7.76.1-22]
- smb/telnet: fix use-after-free when HTTP proxy denies tunnel (CVE-2022-43552)

[7.76.1-21]
- fix POST following PUT confusion (CVE-2022-32221)

[7.76.1-20]
- control code in cookie denial of service (CVE-2022-35252)

Related CVEs

CVE-2022-43552

CVE-2022-35252

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 9 (aarch64)	curl-7.76.1-23.el9.src.rpm	90172d3a2f4c25cfad103762c0f44a19	-
	curl-7.76.1-23.el9.aarch64.rpm	c2158853047d9636900dec58b4b83d9b	-
	curl-minimal-7.76.1-23.el9.aarch64.rpm	fc0b3d084e6b867a50afccd602f8fc47	-
	libcurl-7.76.1-23.el9.aarch64.rpm	62bd80c4900788750bc05e3e8f706d7b	-
	libcurl-devel-7.76.1-23.el9.aarch64.rpm	801b36d482cff0a7b116c4d1f50e7447	-
	libcurl-minimal-7.76.1-23.el9.aarch64.rpm	a4100ac80f8ab9444e937c9a8baccd68	-

Oracle Linux 9 (x86_64)	curl-7.76.1-23.el9.src.rpm	90172d3a2f4c25cfad103762c0f44a19	-
	curl-7.76.1-23.el9.x86_64.rpm	89407542b41d8c21e043be2bdf3743da	-
	curl-minimal-7.76.1-23.el9.x86_64.rpm	eef8c4fdd8de469e79a30dc74b3bee1e	-
	libcurl-7.76.1-23.el9.i686.rpm	d1a2c2329b742304cce7c592abc66d45	-
	libcurl-7.76.1-23.el9.x86_64.rpm	df4a11e41f232d6786ec627d46d1bc01	-
	libcurl-devel-7.76.1-23.el9.i686.rpm	d3c692c0924314fd0c578c0b0ed5d1b8	-
	libcurl-devel-7.76.1-23.el9.x86_64.rpm	d1bedf7276cc635166b47174f850f39d	-
	libcurl-minimal-7.76.1-23.el9.i686.rpm	306eb78d6363e4ddf828de44c9bfa5ec	-
	libcurl-minimal-7.76.1-23.el9.x86_64.rpm	da60c26843c8fe076109ecbdcfd1ea00	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691