ELSA-2023-6679

ELSA-2023-6679 - curl security update

Type:SECURITY
Severity:MODERATE
Release Date:2023-11-11

Description


[7.76.1-26]
- unify the upload/method handling (CVE-2023-28322)
- fix host name wildcard checking (CVE-2023-28321)

[7.76.1-25]
- adapt the fix of CVE-2023-27535 for RHEL 9 curl

[7.76.1-24]
- fix SSH connection too eager reuse still (CVE-2023-27538)
- fix GSS delegation too eager connection re-use (CVE-2023-27536)
- fix FTP too eager connection reuse (CVE-2023-27535)
- fix SFTP path ~ resolving discrepancy (CVE-2023-27534)
- fix TELNET option IAC injection (CVE-2023-27533)


Related CVEs


CVE-2023-27533
CVE-2023-27536
CVE-2023-27538
CVE-2023-27534

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) curl-7.76.1-26.el9.src.rpm72e3c49a3bc8e13d87478bda1987c716-ol9_aarch64_appstream
curl-7.76.1-26.el9.src.rpm72e3c49a3bc8e13d87478bda1987c716-ol9_aarch64_baseos_latest
curl-7.76.1-26.el9.src.rpm72e3c49a3bc8e13d87478bda1987c716-ol9_aarch64_u3_baseos_base
curl-7.76.1-26.el9.aarch64.rpm914b363748630874690b057d9d4a092f-ol9_aarch64_baseos_latest
curl-7.76.1-26.el9.aarch64.rpm914b363748630874690b057d9d4a092f-ol9_aarch64_u3_baseos_base
curl-minimal-7.76.1-26.el9.aarch64.rpm61c76778ceb26c0bd3c9005203b6de77-ol9_aarch64_baseos_latest
curl-minimal-7.76.1-26.el9.aarch64.rpm61c76778ceb26c0bd3c9005203b6de77-ol9_aarch64_u3_baseos_base
libcurl-7.76.1-26.el9.aarch64.rpm8a349c12bff1ee53fc8d9f706982ce07-ol9_aarch64_baseos_latest
libcurl-7.76.1-26.el9.aarch64.rpm8a349c12bff1ee53fc8d9f706982ce07-ol9_aarch64_u3_baseos_base
libcurl-devel-7.76.1-26.el9.aarch64.rpmbf5c6e103cdc1a2de63bf78e49501773-ol9_aarch64_appstream
libcurl-minimal-7.76.1-26.el9.aarch64.rpm9dbad9e6229015e3d74927f547441b63-ol9_aarch64_baseos_latest
libcurl-minimal-7.76.1-26.el9.aarch64.rpm9dbad9e6229015e3d74927f547441b63-ol9_aarch64_u3_baseos_base
Oracle Linux 9 (x86_64) curl-7.76.1-26.el9.src.rpm72e3c49a3bc8e13d87478bda1987c716-ol9_x86_64_appstream
curl-7.76.1-26.el9.src.rpm72e3c49a3bc8e13d87478bda1987c716-ol9_x86_64_baseos_latest
curl-7.76.1-26.el9.src.rpm72e3c49a3bc8e13d87478bda1987c716-ol9_x86_64_u3_baseos_base
curl-7.76.1-26.el9.x86_64.rpmb7b2f31aae4837968ba4dcbb3832a58b-ol9_x86_64_baseos_latest
curl-7.76.1-26.el9.x86_64.rpmb7b2f31aae4837968ba4dcbb3832a58b-ol9_x86_64_u3_baseos_base
curl-minimal-7.76.1-26.el9.x86_64.rpm1de01bf2152022f7871377ebfc5094e1-ol9_x86_64_baseos_latest
curl-minimal-7.76.1-26.el9.x86_64.rpm1de01bf2152022f7871377ebfc5094e1-ol9_x86_64_u3_baseos_base
libcurl-7.76.1-26.el9.i686.rpm2b526089a9c6a4b10f7a86aad7748767-ol9_x86_64_baseos_latest
libcurl-7.76.1-26.el9.i686.rpm2b526089a9c6a4b10f7a86aad7748767-ol9_x86_64_u3_baseos_base
libcurl-7.76.1-26.el9.x86_64.rpm14ed67517042d757f74b71787e048392-ol9_x86_64_baseos_latest
libcurl-7.76.1-26.el9.x86_64.rpm14ed67517042d757f74b71787e048392-ol9_x86_64_u3_baseos_base
libcurl-devel-7.76.1-26.el9.i686.rpmf52ac0a9aeb7d0b1bcc12fa65a7666cf-ol9_x86_64_appstream
libcurl-devel-7.76.1-26.el9.x86_64.rpmf6f791133a362b2c66d6e753b4203be8-ol9_x86_64_appstream
libcurl-minimal-7.76.1-26.el9.i686.rpm360e61ab5e1ee26ac83583e5bf34d4c8-ol9_x86_64_baseos_latest
libcurl-minimal-7.76.1-26.el9.i686.rpm360e61ab5e1ee26ac83583e5bf34d4c8-ol9_x86_64_u3_baseos_base
libcurl-minimal-7.76.1-26.el9.x86_64.rpm0eb2e07758cd5ec5b176e6fd2a2283d5-ol9_x86_64_baseos_latest
libcurl-minimal-7.76.1-26.el9.x86_64.rpm0eb2e07758cd5ec5b176e6fd2a2283d5-ol9_x86_64_u3_baseos_base



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete