| Revision Date: | 2021-05-26 | Version: | 1 |
| Title: | (Moderate) |
| Description: |
This update for curl fixes the following issues:
- CVE-2021-22898: Fixed curl TELNET stack contents disclosure (bsc#1186114). - Allow partial chain verification [jsc#SLE-17956] * Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA certificates are. This allows users to verify servers using the intermediate cert only, instead of needing the whole chain. * Set FLAG_TRUSTED_FIRST unconditionally. * Do not check partial chains with CRL check.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1186114
CVE-2016-4912
CVE-2016-7567
CVE-2017-17833
CVE-2021-22898
|
| Platform(s): | Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
| Product(s): | |
| Definition Synopsis |
| Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE is installed AND Package Information
curl-7.66.0-4.17.1 is installed
OR libcurl4-7.66.0-4.17.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
AND Package Information
openslp-2.0.0-6.12.2 is installed
OR openslp-32bit-2.0.0-6.12.2 is installed
OR openslp-devel-2.0.0-6.12.2 is installed
|