| Revision Date: | 2021-05-26 | Version: | 1 |
| Title: | Security update for curl (Moderate) |
| Description: |
This update for curl fixes the following issues:
- CVE-2021-22898: Fixed curl TELNET stack contents disclosure (bsc#1186114). - Allow partial chain verification [jsc#SLE-17956] * Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA certificates are. This allows users to verify servers using the intermediate cert only, instead of needing the whole chain. * Set FLAG_TRUSTED_FIRST unconditionally. * Do not check partial chains with CRL check.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1186114
CVE-2021-22898
SUSE-SU-2021:1762-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed AND Package Information
curl-7.66.0-4.17.1 is installed
OR libcurl-devel-7.66.0-4.17.1 is installed
OR libcurl4-7.66.0-4.17.1 is installed
OR libcurl4-32bit-7.66.0-4.17.1 is installed
|