ELSA-2023-6679

ULN >
Oracle Linux Errata repository >
ELSA-2023-6679

ELSA-2023-6679 - curl security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2023-11-11

Description

[7.76.1-26]
- unify the upload/method handling (CVE-2023-28322)
- fix host name wildcard checking (CVE-2023-28321)

[7.76.1-25]
- adapt the fix of CVE-2023-27535 for RHEL 9 curl

[7.76.1-24]
- fix SSH connection too eager reuse still (CVE-2023-27538)
- fix GSS delegation too eager connection re-use (CVE-2023-27536)
- fix FTP too eager connection reuse (CVE-2023-27535)
- fix SFTP path ~ resolving discrepancy (CVE-2023-27534)
- fix TELNET option IAC injection (CVE-2023-27533)

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	curl-7.76.1-26.el9.src.rpm	3edcc8e4a4845ec6ef0d4e6cea737f198d31aaaacacccb68c476c9903d2fa8a3	-	ol9_aarch64_appstream
	curl-7.76.1-26.el9.src.rpm	3edcc8e4a4845ec6ef0d4e6cea737f198d31aaaacacccb68c476c9903d2fa8a3	-	ol9_aarch64_baseos_latest
	curl-7.76.1-26.el9.src.rpm	3edcc8e4a4845ec6ef0d4e6cea737f198d31aaaacacccb68c476c9903d2fa8a3	-	ol9_aarch64_u3_baseos_base
	curl-7.76.1-26.el9.aarch64.rpm	63185b8ca2339dee586611a8337030542547d20a41eaa9546f782c9299e0533b	-	ol9_aarch64_baseos_latest
	curl-7.76.1-26.el9.aarch64.rpm	63185b8ca2339dee586611a8337030542547d20a41eaa9546f782c9299e0533b	-	ol9_aarch64_u3_baseos_base
	curl-minimal-7.76.1-26.el9.aarch64.rpm	1db2d7f95f697473811d8a66ee4703de10417b45b29e2e6f563bbfa03d6a61fa	-	ol9_aarch64_baseos_latest
	curl-minimal-7.76.1-26.el9.aarch64.rpm	1db2d7f95f697473811d8a66ee4703de10417b45b29e2e6f563bbfa03d6a61fa	-	ol9_aarch64_u3_baseos_base
	libcurl-7.76.1-26.el9.aarch64.rpm	72f31a94404b1d7f6c3f7ca35ce3bcabaf928dd5d95f16131048c8f049319aaf	-	ol9_aarch64_baseos_latest
	libcurl-7.76.1-26.el9.aarch64.rpm	72f31a94404b1d7f6c3f7ca35ce3bcabaf928dd5d95f16131048c8f049319aaf	-	ol9_aarch64_u3_baseos_base
	libcurl-devel-7.76.1-26.el9.aarch64.rpm	317618b01e3c3cc20c70fde14b3d5496c3a1d4bf5da1fe71f8ed957e85fb033e	-	ol9_aarch64_appstream
	libcurl-minimal-7.76.1-26.el9.aarch64.rpm	effbfff5a8788ed0f7acc80ba87f7ff3e48d8b7c40df14a16fab6dd7bb67b061	-	ol9_aarch64_baseos_latest
	libcurl-minimal-7.76.1-26.el9.aarch64.rpm	effbfff5a8788ed0f7acc80ba87f7ff3e48d8b7c40df14a16fab6dd7bb67b061	-	ol9_aarch64_u3_baseos_base

Oracle Linux 9 (x86_64)	curl-7.76.1-26.el9.src.rpm	3edcc8e4a4845ec6ef0d4e6cea737f198d31aaaacacccb68c476c9903d2fa8a3	-	ol9_x86_64_appstream
	curl-7.76.1-26.el9.src.rpm	3edcc8e4a4845ec6ef0d4e6cea737f198d31aaaacacccb68c476c9903d2fa8a3	-	ol9_x86_64_baseos_latest
	curl-7.76.1-26.el9.src.rpm	3edcc8e4a4845ec6ef0d4e6cea737f198d31aaaacacccb68c476c9903d2fa8a3	-	ol9_x86_64_u3_baseos_base
	curl-7.76.1-26.el9.x86_64.rpm	10aa508200621633f93e4b19a91d34944cc00a72fd3fc6d262d64f9b9aac8b5b	-	ol9_x86_64_baseos_latest
	curl-7.76.1-26.el9.x86_64.rpm	10aa508200621633f93e4b19a91d34944cc00a72fd3fc6d262d64f9b9aac8b5b	-	ol9_x86_64_u3_baseos_base
	curl-minimal-7.76.1-26.el9.x86_64.rpm	48cb70b3819e9ad8a6abdb1b29a24719b0cc305617ff5accbf54e596efa04777	-	ol9_x86_64_baseos_latest
	curl-minimal-7.76.1-26.el9.x86_64.rpm	48cb70b3819e9ad8a6abdb1b29a24719b0cc305617ff5accbf54e596efa04777	-	ol9_x86_64_u3_baseos_base
	libcurl-7.76.1-26.el9.i686.rpm	54b4df24f0fcf85043600ec2aaa9a68d33d9a62e99014342697e8a8ca5f7da60	-	ol9_x86_64_baseos_latest
	libcurl-7.76.1-26.el9.i686.rpm	54b4df24f0fcf85043600ec2aaa9a68d33d9a62e99014342697e8a8ca5f7da60	-	ol9_x86_64_u3_baseos_base
	libcurl-7.76.1-26.el9.x86_64.rpm	8e11d8422b95117fbe380c2a9eb22311ea60691fbf15cbe86f4e1cc87574dbd9	-	ol9_x86_64_baseos_latest
	libcurl-7.76.1-26.el9.x86_64.rpm	8e11d8422b95117fbe380c2a9eb22311ea60691fbf15cbe86f4e1cc87574dbd9	-	ol9_x86_64_u3_baseos_base
	libcurl-devel-7.76.1-26.el9.i686.rpm	889044d6a3f54f73d50200698e78c4edccd84d18b5d73c2b2f6cc9c6f0139a12	-	ol9_x86_64_appstream
	libcurl-devel-7.76.1-26.el9.x86_64.rpm	9cad3a5b8ef2e71e35296d1e39dd62f6f7a8d1b0e1fb009ca13eea2ed3b5fa11	-	ol9_x86_64_appstream
	libcurl-minimal-7.76.1-26.el9.i686.rpm	588e3e9a165092cf2908609b3544864c5cac66ce780f897ba969e0cce120de52	-	ol9_x86_64_baseos_latest
	libcurl-minimal-7.76.1-26.el9.i686.rpm	588e3e9a165092cf2908609b3544864c5cac66ce780f897ba969e0cce120de52	-	ol9_x86_64_u3_baseos_base
	libcurl-minimal-7.76.1-26.el9.x86_64.rpm	23c3040b9cd33c8b79a41036a90bcb1688b18b3175c3edc0a88f7a596d124261	-	ol9_x86_64_baseos_latest
	libcurl-minimal-7.76.1-26.el9.x86_64.rpm	23c3040b9cd33c8b79a41036a90bcb1688b18b3175c3edc0a88f7a596d124261	-	ol9_x86_64_u3_baseos_base

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691