ELSA-2023-5763

ULN >
Oracle Linux Errata repository >
ELSA-2023-5763

ELSA-2023-5763 - curl security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2023-10-18

Description

[7.76.1-23.el9_2.4]
- curl: a heap-based buffer overflow in the SOCKS5 proxy handshake (CVE-2023-38545)
- curl: cookie injection with none file (CVE-2023-38546)

Related CVEs

CVE-2023-38546

CVE-2023-38545

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	curl-7.76.1-23.el9_2.4.src.rpm	5cecbc11f3a7d99292217e0a83e8e93d	-	ol9_aarch64_appstream
	curl-7.76.1-23.el9_2.4.src.rpm	5cecbc11f3a7d99292217e0a83e8e93d	-	ol9_aarch64_baseos_latest
	curl-7.76.1-23.el9_2.4.src.rpm	5cecbc11f3a7d99292217e0a83e8e93d	-	ol9_aarch64_u2_baseos_patch
	curl-7.76.1-23.el9_2.4.aarch64.rpm	03e31b28d9f508e1960761e1f85ce66e	-	ol9_aarch64_baseos_latest
	curl-7.76.1-23.el9_2.4.aarch64.rpm	03e31b28d9f508e1960761e1f85ce66e	-	ol9_aarch64_u2_baseos_patch
	curl-minimal-7.76.1-23.el9_2.4.aarch64.rpm	a508f891764790c69a2877b42b6d2e9b	-	ol9_aarch64_baseos_latest
	curl-minimal-7.76.1-23.el9_2.4.aarch64.rpm	a508f891764790c69a2877b42b6d2e9b	-	ol9_aarch64_u2_baseos_patch
	libcurl-7.76.1-23.el9_2.4.aarch64.rpm	70f1491f307e5681f16e5ba7d518d6d5	-	ol9_aarch64_baseos_latest
	libcurl-7.76.1-23.el9_2.4.aarch64.rpm	70f1491f307e5681f16e5ba7d518d6d5	-	ol9_aarch64_u2_baseos_patch
	libcurl-devel-7.76.1-23.el9_2.4.aarch64.rpm	a00917caaf02397a261d38a8a4ecb659	-	ol9_aarch64_appstream
	libcurl-minimal-7.76.1-23.el9_2.4.aarch64.rpm	c5b504e934e19e10aa4938a0c4d72417	-	ol9_aarch64_baseos_latest
	libcurl-minimal-7.76.1-23.el9_2.4.aarch64.rpm	c5b504e934e19e10aa4938a0c4d72417	-	ol9_aarch64_u2_baseos_patch

Oracle Linux 9 (x86_64)	curl-7.76.1-23.el9_2.4.src.rpm	5cecbc11f3a7d99292217e0a83e8e93d	-	ol9_x86_64_appstream
	curl-7.76.1-23.el9_2.4.src.rpm	5cecbc11f3a7d99292217e0a83e8e93d	-	ol9_x86_64_baseos_latest
	curl-7.76.1-23.el9_2.4.src.rpm	5cecbc11f3a7d99292217e0a83e8e93d	-	ol9_x86_64_u2_baseos_patch
	curl-7.76.1-23.el9_2.4.x86_64.rpm	b329af701d392ce81d381467ba4e949d	-	ol9_x86_64_baseos_latest
	curl-7.76.1-23.el9_2.4.x86_64.rpm	b329af701d392ce81d381467ba4e949d	-	ol9_x86_64_u2_baseos_patch
	curl-minimal-7.76.1-23.el9_2.4.x86_64.rpm	0fae96fc7465dd28adabe17df5812ab3	-	ol9_x86_64_baseos_latest
	curl-minimal-7.76.1-23.el9_2.4.x86_64.rpm	0fae96fc7465dd28adabe17df5812ab3	-	ol9_x86_64_u2_baseos_patch
	libcurl-7.76.1-23.el9_2.4.i686.rpm	8df7e6ad0f8be695a92a44f475b36147	-	ol9_x86_64_baseos_latest
	libcurl-7.76.1-23.el9_2.4.i686.rpm	8df7e6ad0f8be695a92a44f475b36147	-	ol9_x86_64_u2_baseos_patch
	libcurl-7.76.1-23.el9_2.4.x86_64.rpm	19ef6f96f48364139c5fb88faf2a6187	-	ol9_x86_64_baseos_latest
	libcurl-7.76.1-23.el9_2.4.x86_64.rpm	19ef6f96f48364139c5fb88faf2a6187	-	ol9_x86_64_u2_baseos_patch
	libcurl-devel-7.76.1-23.el9_2.4.i686.rpm	089ee75260ae5e96a915327858033bbb	-	ol9_x86_64_appstream
	libcurl-devel-7.76.1-23.el9_2.4.x86_64.rpm	015d311fc4427aa865420bcd133ec946	-	ol9_x86_64_appstream
	libcurl-minimal-7.76.1-23.el9_2.4.i686.rpm	e3d87cb903192a88b5255e26462e8aaa	-	ol9_x86_64_baseos_latest
	libcurl-minimal-7.76.1-23.el9_2.4.i686.rpm	e3d87cb903192a88b5255e26462e8aaa	-	ol9_x86_64_u2_baseos_patch
	libcurl-minimal-7.76.1-23.el9_2.4.x86_64.rpm	0363cb921833100e2ff4f8393fc20032	-	ol9_x86_64_baseos_latest
	libcurl-minimal-7.76.1-23.el9_2.4.x86_64.rpm	0363cb921833100e2ff4f8393fc20032	-	ol9_x86_64_u2_baseos_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691