ELSA-2023-6679

ULN >
Oracle Linux Errata repository >
ELSA-2023-6679

ELSA-2023-6679 - curl security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2023-11-11

Description

[7.76.1-26]
- unify the upload/method handling (CVE-2023-28322)
- fix host name wildcard checking (CVE-2023-28321)

[7.76.1-25]
- adapt the fix of CVE-2023-27535 for RHEL 9 curl

[7.76.1-24]
- fix SSH connection too eager reuse still (CVE-2023-27538)
- fix GSS delegation too eager connection re-use (CVE-2023-27536)
- fix FTP too eager connection reuse (CVE-2023-27535)
- fix SFTP path ~ resolving discrepancy (CVE-2023-27534)
- fix TELNET option IAC injection (CVE-2023-27533)

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	curl-7.76.1-26.el9.src.rpm	72e3c49a3bc8e13d87478bda1987c716	-	ol9_aarch64_appstream
	curl-7.76.1-26.el9.src.rpm	72e3c49a3bc8e13d87478bda1987c716	-	ol9_aarch64_baseos_latest
	curl-7.76.1-26.el9.src.rpm	72e3c49a3bc8e13d87478bda1987c716	-	ol9_aarch64_u3_baseos_base
	curl-7.76.1-26.el9.aarch64.rpm	914b363748630874690b057d9d4a092f	-	ol9_aarch64_baseos_latest
	curl-7.76.1-26.el9.aarch64.rpm	914b363748630874690b057d9d4a092f	-	ol9_aarch64_u3_baseos_base
	curl-minimal-7.76.1-26.el9.aarch64.rpm	61c76778ceb26c0bd3c9005203b6de77	-	ol9_aarch64_baseos_latest
	curl-minimal-7.76.1-26.el9.aarch64.rpm	61c76778ceb26c0bd3c9005203b6de77	-	ol9_aarch64_u3_baseos_base
	libcurl-7.76.1-26.el9.aarch64.rpm	8a349c12bff1ee53fc8d9f706982ce07	-	ol9_aarch64_baseos_latest
	libcurl-7.76.1-26.el9.aarch64.rpm	8a349c12bff1ee53fc8d9f706982ce07	-	ol9_aarch64_u3_baseos_base
	libcurl-devel-7.76.1-26.el9.aarch64.rpm	bf5c6e103cdc1a2de63bf78e49501773	-	ol9_aarch64_appstream
	libcurl-minimal-7.76.1-26.el9.aarch64.rpm	9dbad9e6229015e3d74927f547441b63	-	ol9_aarch64_baseos_latest
	libcurl-minimal-7.76.1-26.el9.aarch64.rpm	9dbad9e6229015e3d74927f547441b63	-	ol9_aarch64_u3_baseos_base

Oracle Linux 9 (x86_64)	curl-7.76.1-26.el9.src.rpm	72e3c49a3bc8e13d87478bda1987c716	-	ol9_x86_64_appstream
	curl-7.76.1-26.el9.src.rpm	72e3c49a3bc8e13d87478bda1987c716	-	ol9_x86_64_baseos_latest
	curl-7.76.1-26.el9.src.rpm	72e3c49a3bc8e13d87478bda1987c716	-	ol9_x86_64_u3_baseos_base
	curl-7.76.1-26.el9.x86_64.rpm	b7b2f31aae4837968ba4dcbb3832a58b	-	ol9_x86_64_baseos_latest
	curl-7.76.1-26.el9.x86_64.rpm	b7b2f31aae4837968ba4dcbb3832a58b	-	ol9_x86_64_u3_baseos_base
	curl-minimal-7.76.1-26.el9.x86_64.rpm	1de01bf2152022f7871377ebfc5094e1	-	ol9_x86_64_baseos_latest
	curl-minimal-7.76.1-26.el9.x86_64.rpm	1de01bf2152022f7871377ebfc5094e1	-	ol9_x86_64_u3_baseos_base
	libcurl-7.76.1-26.el9.i686.rpm	2b526089a9c6a4b10f7a86aad7748767	-	ol9_x86_64_baseos_latest
	libcurl-7.76.1-26.el9.i686.rpm	2b526089a9c6a4b10f7a86aad7748767	-	ol9_x86_64_u3_baseos_base
	libcurl-7.76.1-26.el9.x86_64.rpm	14ed67517042d757f74b71787e048392	-	ol9_x86_64_baseos_latest
	libcurl-7.76.1-26.el9.x86_64.rpm	14ed67517042d757f74b71787e048392	-	ol9_x86_64_u3_baseos_base
	libcurl-devel-7.76.1-26.el9.i686.rpm	f52ac0a9aeb7d0b1bcc12fa65a7666cf	-	ol9_x86_64_appstream
	libcurl-devel-7.76.1-26.el9.x86_64.rpm	f6f791133a362b2c66d6e753b4203be8	-	ol9_x86_64_appstream
	libcurl-minimal-7.76.1-26.el9.i686.rpm	360e61ab5e1ee26ac83583e5bf34d4c8	-	ol9_x86_64_baseos_latest
	libcurl-minimal-7.76.1-26.el9.i686.rpm	360e61ab5e1ee26ac83583e5bf34d4c8	-	ol9_x86_64_u3_baseos_base
	libcurl-minimal-7.76.1-26.el9.x86_64.rpm	0eb2e07758cd5ec5b176e6fd2a2283d5	-	ol9_x86_64_baseos_latest
	libcurl-minimal-7.76.1-26.el9.x86_64.rpm	0eb2e07758cd5ec5b176e6fd2a2283d5	-	ol9_x86_64_u3_baseos_base

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691