ELSA-2023-2963

ULN >
Oracle Linux Errata repository >
ELSA-2023-2963

ELSA-2023-2963 - curl security and bug fix update

Type:	SECURITY
Impact:	LOW
Release Date:	2023-05-24

Description

[7.61.1-30]
- fix HTTP multi-header compression denial of service (CVE-2023-23916)

[7.61.1-29]
- h2: lower initial window size to 32 MiB (#2166254)

[7.61.1-28]
- smb/telnet: fix use-after-free when HTTP proxy denies tunnel (CVE-2022-43552)

[7.61.1-27]
- upon HTTP_1_1_REQUIRED, retry the request with HTTP/1.1 (#2139337)

[7.61.1-26]
- control code in cookie denial of service (CVE-2022-35252)

Related CVEs

CVE-2022-43552

CVE-2022-35252

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	curl-7.61.1-30.el8.src.rpm	e1072f5288d77dc9a291500ee9d6a34bf4e007f26d76c3ac3fbf3c848ddee47d	-	ol8_aarch64_baseos_developer
	curl-7.61.1-30.el8.src.rpm	e1072f5288d77dc9a291500ee9d6a34bf4e007f26d76c3ac3fbf3c848ddee47d	-	ol8_aarch64_baseos_latest
	curl-7.61.1-30.el8.src.rpm	e1072f5288d77dc9a291500ee9d6a34bf4e007f26d76c3ac3fbf3c848ddee47d	-	ol8_aarch64_u8_baseos_base
	curl-7.61.1-30.el8.aarch64.rpm	0e3931b944f4b2315c215d0c5d8f9429f487745ffbc26dde93a5bb8fff896d29	-	ol8_aarch64_baseos_developer
	curl-7.61.1-30.el8.aarch64.rpm	0e3931b944f4b2315c215d0c5d8f9429f487745ffbc26dde93a5bb8fff896d29	-	ol8_aarch64_baseos_latest
	curl-7.61.1-30.el8.aarch64.rpm	0e3931b944f4b2315c215d0c5d8f9429f487745ffbc26dde93a5bb8fff896d29	-	ol8_aarch64_u8_baseos_base
	libcurl-7.61.1-30.el8.aarch64.rpm	6055f96ee56778767f92715eace84c985f10c9b0690ceca4491cb3d7b32055ce	-	ol8_aarch64_baseos_developer
	libcurl-7.61.1-30.el8.aarch64.rpm	6055f96ee56778767f92715eace84c985f10c9b0690ceca4491cb3d7b32055ce	-	ol8_aarch64_baseos_latest
	libcurl-7.61.1-30.el8.aarch64.rpm	6055f96ee56778767f92715eace84c985f10c9b0690ceca4491cb3d7b32055ce	-	ol8_aarch64_u8_baseos_base
	libcurl-devel-7.61.1-30.el8.aarch64.rpm	0054bc5822e432c43d854377b6691eb70e5b8dbbf3b1b49b4c8667125ac5aa6b	-	ol8_aarch64_baseos_developer
	libcurl-devel-7.61.1-30.el8.aarch64.rpm	0054bc5822e432c43d854377b6691eb70e5b8dbbf3b1b49b4c8667125ac5aa6b	-	ol8_aarch64_baseos_latest
	libcurl-devel-7.61.1-30.el8.aarch64.rpm	0054bc5822e432c43d854377b6691eb70e5b8dbbf3b1b49b4c8667125ac5aa6b	-	ol8_aarch64_u8_baseos_base
	libcurl-minimal-7.61.1-30.el8.aarch64.rpm	33ebca1d674583b97e33a8f372a2fbe7b50033ed408505c192cbc3091a1e94b3	-	ol8_aarch64_baseos_developer
	libcurl-minimal-7.61.1-30.el8.aarch64.rpm	33ebca1d674583b97e33a8f372a2fbe7b50033ed408505c192cbc3091a1e94b3	-	ol8_aarch64_baseos_latest
	libcurl-minimal-7.61.1-30.el8.aarch64.rpm	33ebca1d674583b97e33a8f372a2fbe7b50033ed408505c192cbc3091a1e94b3	-	ol8_aarch64_u8_baseos_base

Oracle Linux 8 (x86_64)	curl-7.61.1-30.el8.src.rpm	e1072f5288d77dc9a291500ee9d6a34bf4e007f26d76c3ac3fbf3c848ddee47d	-	ol8_x86_64_baseos_developer
	curl-7.61.1-30.el8.src.rpm	e1072f5288d77dc9a291500ee9d6a34bf4e007f26d76c3ac3fbf3c848ddee47d	-	ol8_x86_64_baseos_latest
	curl-7.61.1-30.el8.src.rpm	e1072f5288d77dc9a291500ee9d6a34bf4e007f26d76c3ac3fbf3c848ddee47d	-	ol8_x86_64_u8_baseos_base
	curl-7.61.1-30.el8.x86_64.rpm	72bed060617e6d9ad654f5e81b8b1170d7016f64efd65903444e6208d1de1dbc	-	ol8_x86_64_baseos_developer
	curl-7.61.1-30.el8.x86_64.rpm	72bed060617e6d9ad654f5e81b8b1170d7016f64efd65903444e6208d1de1dbc	-	ol8_x86_64_baseos_latest
	curl-7.61.1-30.el8.x86_64.rpm	72bed060617e6d9ad654f5e81b8b1170d7016f64efd65903444e6208d1de1dbc	-	ol8_x86_64_u8_baseos_base
	libcurl-7.61.1-30.el8.i686.rpm	6ad0b22d9586af3d310315ec73c2457e81f19fed4833ce557f4a34e13c4edad8	-	ol8_x86_64_baseos_developer
	libcurl-7.61.1-30.el8.i686.rpm	6ad0b22d9586af3d310315ec73c2457e81f19fed4833ce557f4a34e13c4edad8	-	ol8_x86_64_baseos_latest
	libcurl-7.61.1-30.el8.i686.rpm	6ad0b22d9586af3d310315ec73c2457e81f19fed4833ce557f4a34e13c4edad8	-	ol8_x86_64_u8_baseos_base
	libcurl-7.61.1-30.el8.x86_64.rpm	aa68a81b1f7f43c05eb7e06d254915f5e63d39b2d69db9a915bcf06e15aeb02e	-	ol8_x86_64_baseos_developer
	libcurl-7.61.1-30.el8.x86_64.rpm	aa68a81b1f7f43c05eb7e06d254915f5e63d39b2d69db9a915bcf06e15aeb02e	-	ol8_x86_64_baseos_latest
	libcurl-7.61.1-30.el8.x86_64.rpm	aa68a81b1f7f43c05eb7e06d254915f5e63d39b2d69db9a915bcf06e15aeb02e	-	ol8_x86_64_u8_baseos_base
	libcurl-devel-7.61.1-30.el8.i686.rpm	29b5891bbd07ca04d755c81a6f1bb71377f3a6d2b9c22f070bbafee5804a9dc1	-	ol8_x86_64_baseos_developer
	libcurl-devel-7.61.1-30.el8.i686.rpm	29b5891bbd07ca04d755c81a6f1bb71377f3a6d2b9c22f070bbafee5804a9dc1	-	ol8_x86_64_baseos_latest
	libcurl-devel-7.61.1-30.el8.i686.rpm	29b5891bbd07ca04d755c81a6f1bb71377f3a6d2b9c22f070bbafee5804a9dc1	-	ol8_x86_64_u8_baseos_base
	libcurl-devel-7.61.1-30.el8.x86_64.rpm	b02cf69518aade10bdb39327411ef5ffd1bdb38881d382ee9c78440c5949bb1b	-	ol8_x86_64_baseos_developer
	libcurl-devel-7.61.1-30.el8.x86_64.rpm	b02cf69518aade10bdb39327411ef5ffd1bdb38881d382ee9c78440c5949bb1b	-	ol8_x86_64_baseos_latest
	libcurl-devel-7.61.1-30.el8.x86_64.rpm	b02cf69518aade10bdb39327411ef5ffd1bdb38881d382ee9c78440c5949bb1b	-	ol8_x86_64_u8_baseos_base
	libcurl-minimal-7.61.1-30.el8.i686.rpm	3495d6c962cabd9c3a8509d07c9387c7b0220c5cc630966e9dce70730a92b2ae	-	ol8_x86_64_baseos_developer
	libcurl-minimal-7.61.1-30.el8.i686.rpm	3495d6c962cabd9c3a8509d07c9387c7b0220c5cc630966e9dce70730a92b2ae	-	ol8_x86_64_baseos_latest
	libcurl-minimal-7.61.1-30.el8.i686.rpm	3495d6c962cabd9c3a8509d07c9387c7b0220c5cc630966e9dce70730a92b2ae	-	ol8_x86_64_u8_baseos_base
	libcurl-minimal-7.61.1-30.el8.x86_64.rpm	d64d3e598498763e96e66ed9a58749591664385932a27e0f860ac80178ab0ae6	-	ol8_x86_64_baseos_developer
	libcurl-minimal-7.61.1-30.el8.x86_64.rpm	d64d3e598498763e96e66ed9a58749591664385932a27e0f860ac80178ab0ae6	-	ol8_x86_64_baseos_latest
	libcurl-minimal-7.61.1-30.el8.x86_64.rpm	d64d3e598498763e96e66ed9a58749591664385932a27e0f860ac80178ab0ae6	-	ol8_x86_64_u8_baseos_base

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691