Oval Definition:oval:org.opensuse.security:def:110915
Revision Date:2020-12-13Version:1
Title:Security update for curl (Moderate)
Description:

This update for curl fixes the following issues:

- CVE-2020-8286: Fixed improper OSCP verification in the client side (bsc#1179593). - CVE-2020-8285: Fixed a stack overflow due to FTP wildcard (bsc#1179399). - CVE-2020-8284: Fixed an issue where a malicius FTP server could make curl connect to a different IP (bsc#1179398).

This update was imported from the SUSE:SLE-15-SP2:Update update project.
Family:unixClass:patch
Status:Reference(s):1179398
1179399
1179593
CVE-2020-8284
CVE-2020-8285
CVE-2020-8286
openSUSE-SU-2020:2238-1
Platform(s):openSUSE Leap 15.2
Product(s):
Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • curl-7.66.0-lp152.3.12.1 is installed
  • OR curl-mini-7.66.0-lp152.3.12.1 is installed
  • OR libcurl-devel-7.66.0-lp152.3.12.1 is installed
  • OR libcurl-devel-32bit-7.66.0-lp152.3.12.1 is installed
  • OR libcurl-mini-devel-7.66.0-lp152.3.12.1 is installed
  • OR libcurl4-7.66.0-lp152.3.12.1 is installed
  • OR libcurl4-32bit-7.66.0-lp152.3.12.1 is installed
  • OR libcurl4-mini-7.66.0-lp152.3.12.1 is installed
    • BACK