OVMSA-2017-0059 - curl security update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2017-03-30 |
Description
[7.19.7-53]
- treat Negotiate authentication as connection-oriented (CVE-2017-2628)
[7.19.7-52]
- fix a bug in DNS caching code that causes a memory leak (#1302893)
[7.19.7-51]
- SSH: make CURLOPT_SSH_PUBLIC_KEYFILE treat '' as NULL (#1260742)
[7.19.7-50]
- use the default min/max TLS version provided by NSS (#1289205)
[7.19.7-49]
- prevent NSS from incorrectly re-using a session (#1269660)
- prevent test46 from failing due to expired cookie (#1277551)
[7.19.7-48]
- SSH: do not require public key file for user authentication (#1260742)
[7.19.7-47]
- make SCP/SFTP work with --proxytunnel (#1258566)
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle VM 3.3 (x86_64) | curl-7.19.7-53.el6_9.src.rpm | d0eaf91398d24985f39f3c0f6d0092cf | OVMSA-2020-0035 |
| curl-7.19.7-53.el6_9.x86_64.rpm | db662c1757a40e4e506ead9b446ee949 | OVMSA-2020-0035 |
| libcurl-7.19.7-53.el6_9.x86_64.rpm | 1d9b05c590a83e265de2db25b655946c | OVMSA-2020-0035 |
|
| Oracle VM 3.4 (x86_64) | curl-7.19.7-53.el6_9.src.rpm | d0eaf91398d24985f39f3c0f6d0092cf | OVMSA-2020-0035 |
| curl-7.19.7-53.el6_9.x86_64.rpm | db662c1757a40e4e506ead9b446ee949 | OVMSA-2020-0035 |
| libcurl-7.19.7-53.el6_9.x86_64.rpm | 1d9b05c590a83e265de2db25b655946c | OVMSA-2020-0035 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
