Oval Definition:oval:org.opensuse.security:def:5850
Revision Date:2021-10-06Version:1
Title:Security update for curl (Moderate)
Description:

This update for curl fixes the following issues:

- CVE-2021-22947: Fixed STARTTLS protocol injection via MITM (bsc#1190374). - CVE-2021-22946: Fixed protocol downgrade required TLS bypassed (bsc#1190373).
Family:unixClass:patch
Status:Reference(s):1190373
1190374
CVE-2006-2607
CVE-2006-4197
CVE-2009-0790
CVE-2009-2666
CVE-2010-0424
CVE-2010-1167
CVE-2010-2891
CVE-2011-1947
CVE-2011-3389
CVE-2012-2388
CVE-2012-2673
CVE-2012-2812
CVE-2012-2813
CVE-2012-2814
CVE-2012-2836
CVE-2012-2837
CVE-2012-2840
CVE-2012-2841
CVE-2012-3355
CVE-2012-3482
CVE-2013-2944
CVE-2013-5018
CVE-2013-6075
CVE-2013-6076
CVE-2013-6369
CVE-2014-0011
CVE-2014-1932
CVE-2014-2338
CVE-2014-8104
CVE-2014-8240
CVE-2014-9221
CVE-2014-9622
CVE-2015-0255
CVE-2015-0840
CVE-2015-4171
CVE-2015-8023
CVE-2015-8025
CVE-2016-6329
CVE-2016-9427
CVE-2017-7478
CVE-2017-7479
CVE-2017-7508
CVE-2017-7520
CVE-2017-7521
CVE-2021-22946
CVE-2021-22947
Platform(s):openSUSE 13.1
openSUSE 13.1 NonFree
openSUSE 13.2
openSUSE 13.2 NonFree
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
SUSE Linux Enterprise Build System Kit 12
SUSE Linux Enterprise Build System Kit 12 SP1
SUSE Linux Enterprise Build System Kit 12 SP2
SUSE Linux Enterprise Build System Kit 12 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise for SAP 12
SUSE Linux Enterprise for SAP 12 SP1
SUSE Linux Enterprise High Availability 12
SUSE Linux Enterprise High Availability 12 SP1
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Real Time Extension 12 SP1
SUSE Linux Enterprise Real Time Extension 12 SP2
SUSE Linux Enterprise Server 11 SP1-LTSS
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2-LTSS
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP4
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Workstation Extension 12 SP1
SUSE Linux Enterprise Workstation Extension 12 SP2
SUSE Linux Enterprise Workstation Extension 12 SP3
SUSE Linux Enterprise Workstation Extension 12 SP4
SUSE OpenStack Cloud 6
Product(s):
Definition Synopsis
  • SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed
  • AND Package Information
  • dnsmasq-2.71-4.1 is installed
  • OR dnsmasq-utils-2.71-4.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 is installed
  • AND Package Information
  • libreoffice-4.3.3.2-6 is installed
  • OR libreoffice-sdk-4.3.3.2-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP1 is installed
  • AND kernel-zfcpdump-3.12.53-60.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP2 is installed
  • AND kernel-zfcpdump-4.4.74-92.32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP3 is installed
  • AND Package Information
  • libpoppler-cpp0-0.43.0-16.5 is installed
  • OR poppler-0.43.0-16.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • libexif12-0.6.21-6 is installed
  • OR libexif12-32bit-0.6.21-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • strongswan-5.1.3-22 is installed
  • OR strongswan-doc-5.1.3-22 is installed
  • OR strongswan-ipsec-5.1.3-22 is installed
  • OR strongswan-libs0-5.1.3-22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • cron-4.2-58 is installed
  • OR cronie-1.4.11-58 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise for SAP 12 is installed
  • AND Package Information
  • kgraft-patch-3_12_51-52_39-default-4-2.2 is installed
  • OR kgraft-patch-3_12_51-52_39-xen-4-2.2 is installed
  • OR kgraft-patch-SLE12_Update_11-4-2.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise for SAP 12 SP1 is installed
  • AND Package Information
  • compat-openssl098-0.9.8j-97.1 is installed
  • OR libopenssl0_9_8-0.9.8j-97.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 is installed
  • AND Package Information
  • conntrack-tools-1.4.2-5 is installed
  • OR libnetfilter_cthelper-1.0.0-7 is installed
  • OR libnetfilter_cthelper0-1.0.0-7 is installed
  • OR libnetfilter_cttimeout-1.0.0-9 is installed
  • OR libnetfilter_cttimeout1-1.0.0-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP1 is installed
  • AND Package Information
  • ctdb-4.2.4-26 is installed
  • OR samba-4.2.4-26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND Package Information
  • cluster-md-kmp-default-4.4.21-69 is installed
  • OR cluster-network-kmp-default-4.4.21-69 is installed
  • OR dlm-kmp-default-4.4.21-69 is installed
  • OR gfs2-kmp-default-4.4.21-69 is installed
  • OR ocfs2-kmp-default-4.4.21-69 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND lighttpd-1.4.35-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 is installed
  • AND Package Information
  • kgraft-patch-3_12_36-38-default-3-2 is installed
  • OR kgraft-patch-3_12_36-38-xen-3-2 is installed
  • OR kgraft-patch-SLE12_Update_2-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Real Time Extension 12 SP1 is installed
  • AND Package Information
  • kernel-compute-3.12.58-14.1 is installed
  • OR kernel-compute-base-3.12.58-14.1 is installed
  • OR kernel-compute-devel-3.12.58-14.1 is installed
  • OR kernel-compute_debug-3.12.58-14.1 is installed
  • OR kernel-compute_debug-devel-3.12.58-14.1 is installed
  • OR kernel-devel-rt-3.12.58-14.1 is installed
  • OR kernel-rt-3.12.58-14.1 is installed
  • OR kernel-rt-base-3.12.58-14.1 is installed
  • OR kernel-rt-devel-3.12.58-14.1 is installed
  • OR kernel-rt_debug-3.12.58-14.1 is installed
  • OR kernel-rt_debug-devel-3.12.58-14.1 is installed
  • OR kernel-source-rt-3.12.58-14.1 is installed
  • OR kernel-syms-rt-3.12.58-14.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Real Time Extension 12 SP2 is installed
  • AND Package Information
  • cluster-md-kmp-rt-4.4.88-18.1 is installed
  • OR cluster-network-kmp-rt-4.4.88-18.1 is installed
  • OR dlm-kmp-rt-4.4.88-18.1 is installed
  • OR gfs2-kmp-rt-4.4.88-18.1 is installed
  • OR kernel-devel-rt-4.4.88-18.1 is installed
  • OR kernel-rt-4.4.88-18.1 is installed
  • OR kernel-rt-base-4.4.88-18.1 is installed
  • OR kernel-rt-devel-4.4.88-18.1 is installed
  • OR kernel-rt_debug-4.4.88-18.1 is installed
  • OR kernel-rt_debug-devel-4.4.88-18.1 is installed
  • OR kernel-source-rt-4.4.88-18.1 is installed
  • OR kernel-syms-rt-4.4.88-18.1 is installed
  • OR ocfs2-kmp-rt-4.4.88-18.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP1-LTSS is installed
  • AND Package Information
  • MozillaFirefox-17.0.10esr-0.4.2.1 is installed
  • OR MozillaFirefox-branding-SLED-7-0.6.9.60 is installed
  • OR MozillaFirefox-translations-17.0.10esr-0.4.2.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND Package Information
  • apache2-mod_php53-5.3.8-0.19.6 is installed
  • OR php53-5.3.8-0.19.6 is installed
  • OR php53-bcmath-5.3.8-0.19.6 is installed
  • OR php53-bz2-5.3.8-0.19.6 is installed
  • OR php53-calendar-5.3.8-0.19.6 is installed
  • OR php53-ctype-5.3.8-0.19.6 is installed
  • OR php53-curl-5.3.8-0.19.6 is installed
  • OR php53-dba-5.3.8-0.19.6 is installed
  • OR php53-dom-5.3.8-0.19.6 is installed
  • OR php53-exif-5.3.8-0.19.6 is installed
  • OR php53-fastcgi-5.3.8-0.19.6 is installed
  • OR php53-fileinfo-5.3.8-0.19.6 is installed
  • OR php53-ftp-5.3.8-0.19.6 is installed
  • OR php53-gd-5.3.8-0.19.6 is installed
  • OR php53-gettext-5.3.8-0.19.6 is installed
  • OR php53-gmp-5.3.8-0.19.6 is installed
  • OR php53-iconv-5.3.8-0.19.6 is installed
  • OR php53-intl-5.3.8-0.19.6 is installed
  • OR php53-json-5.3.8-0.19.6 is installed
  • OR php53-ldap-5.3.8-0.19.6 is installed
  • OR php53-mbstring-5.3.8-0.19.6 is installed
  • OR php53-mcrypt-5.3.8-0.19.6 is installed
  • OR php53-mysql-5.3.8-0.19.6 is installed
  • OR php53-odbc-5.3.8-0.19.6 is installed
  • OR php53-openssl-5.3.8-0.19.6 is installed
  • OR php53-pcntl-5.3.8-0.19.6 is installed
  • OR php53-pdo-5.3.8-0.19.6 is installed
  • OR php53-pear-5.3.8-0.19.6 is installed
  • OR php53-pgsql-5.3.8-0.19.6 is installed
  • OR php53-pspell-5.3.8-0.19.6 is installed
  • OR php53-shmop-5.3.8-0.19.6 is installed
  • OR php53-snmp-5.3.8-0.19.6 is installed
  • OR php53-soap-5.3.8-0.19.6 is installed
  • OR php53-suhosin-5.3.8-0.19.6 is installed
  • OR php53-sysvmsg-5.3.8-0.19.6 is installed
  • OR php53-sysvsem-5.3.8-0.19.6 is installed
  • OR php53-sysvshm-5.3.8-0.19.6 is installed
  • OR php53-tokenizer-5.3.8-0.19.6 is installed
  • OR php53-wddx-5.3.8-0.19.6 is installed
  • OR php53-xmlreader-5.3.8-0.19.6 is installed
  • OR php53-xmlrpc-5.3.8-0.19.6 is installed
  • OR php53-xmlwriter-5.3.8-0.19.6 is installed
  • OR php53-xsl-5.3.8-0.19.6 is installed
  • OR php53-zip-5.3.8-0.19.6 is installed
  • OR php53-zlib-5.3.8-0.19.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP2-LTSS is installed
  • AND Package Information
  • java-1_7_0-ibm-1.7.0_sr9.30-45.1 is installed
  • OR java-1_7_0-ibm-alsa-1.7.0_sr9.30-45.1 is installed
  • OR java-1_7_0-ibm-devel-1.7.0_sr9.30-45.1 is installed
  • OR java-1_7_0-ibm-jdbc-1.7.0_sr9.30-45.1 is installed
  • OR java-1_7_0-ibm-plugin-1.7.0_sr9.30-45.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • glibc-2.11.3-17.95.2 is installed
  • OR glibc-32bit-2.11.3-17.95.2 is installed
  • OR glibc-devel-2.11.3-17.95.2 is installed
  • OR glibc-devel-32bit-2.11.3-17.95.2 is installed
  • OR glibc-html-2.11.3-17.95.2 is installed
  • OR glibc-i18ndata-2.11.3-17.95.2 is installed
  • OR glibc-info-2.11.3-17.95.2 is installed
  • OR glibc-locale-2.11.3-17.95.2 is installed
  • OR glibc-locale-32bit-2.11.3-17.95.2 is installed
  • OR glibc-locale-x86-2.11.3-17.95.2 is installed
  • OR glibc-profile-2.11.3-17.95.2 is installed
  • OR glibc-profile-32bit-2.11.3-17.95.2 is installed
  • OR glibc-profile-x86-2.11.3-17.95.2 is installed
  • OR glibc-x86-2.11.3-17.95.2 is installed
  • OR nscd-2.11.3-17.95.2 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for VMWare 11 SP3 is installed
  • AND
  • glibc-2.11.3-17.95.2 is installed
  • OR glibc-32bit-2.11.3-17.95.2 is installed
  • OR glibc-devel-2.11.3-17.95.2 is installed
  • OR glibc-devel-32bit-2.11.3-17.95.2 is installed
  • OR glibc-html-2.11.3-17.95.2 is installed
  • OR glibc-i18ndata-2.11.3-17.95.2 is installed
  • OR glibc-info-2.11.3-17.95.2 is installed
  • OR glibc-locale-2.11.3-17.95.2 is installed
  • OR glibc-locale-32bit-2.11.3-17.95.2 is installed
  • OR glibc-locale-x86-2.11.3-17.95.2 is installed
  • OR glibc-profile-2.11.3-17.95.2 is installed
  • OR glibc-profile-32bit-2.11.3-17.95.2 is installed
  • OR glibc-profile-x86-2.11.3-17.95.2 is installed
  • OR glibc-x86-2.11.3-17.95.2 is installed
  • OR nscd-2.11.3-17.95.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND Package Information
  • bzip2-1.0.5-34.253.1 is installed
  • OR bzip2-doc-1.0.5-34.253.1 is installed
  • OR libbz2-1-1.0.5-34.253.1 is installed
  • OR libbz2-1-32bit-1.0.5-34.253.1 is installed
  • OR libbz2-1-x86-1.0.5-34.253.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND Package Information
  • curl-7.19.7-1.42.1 is installed
  • OR libcurl4-7.19.7-1.42.1 is installed
  • OR libcurl4-32bit-7.19.7-1.42.1 is installed
  • OR libcurl4-x86-7.19.7-1.42.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • cyrus-sasl-2.1.26-7 is installed
  • OR cyrus-sasl-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-crammd5-2.1.26-7 is installed
  • OR cyrus-sasl-crammd5-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-digestmd5-2.1.26-7 is installed
  • OR cyrus-sasl-gssapi-2.1.26-7 is installed
  • OR cyrus-sasl-gssapi-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-otp-2.1.26-7 is installed
  • OR cyrus-sasl-otp-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-plain-2.1.26-7 is installed
  • OR cyrus-sasl-plain-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-saslauthd-2.1.26-7 is installed
  • OR cyrus-sasl-sqlauxprop-2.1.26-7 is installed
  • OR cyrus-sasl-sqlauxprop-32bit-2.1.26-7 is installed
  • OR libsasl2-3-2.1.26-7 is installed
  • OR libsasl2-3-32bit-2.1.26-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • DirectFB-1.7.1-4 is installed
  • OR lib++dfb-1_7-1-1.7.1-4 is installed
  • OR libdirectfb-1_7-1-1.7.1-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • MozillaFirefox-45.4.0esr-81 is installed
  • OR MozillaFirefox-translations-45.4.0esr-81 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND chrony-2.3-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libxerces-c-3_1-3.1.1-12 is installed
  • OR libxerces-c-3_1-32bit-3.1.1-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND Package Information
  • MozillaFirefox-45.4.0esr-81 is installed
  • OR MozillaFirefox-translations-45.4.0esr-81 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed
  • AND Package Information
  • curl-7.37.0-37.43 is installed
  • OR libcurl4-7.37.0-37.43 is installed
  • OR libcurl4-32bit-7.37.0-37.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • AND Package Information
  • git-2.12.3-27.14 is installed
  • OR git-core-2.12.3-27.14 is installed
  • OR git-doc-2.12.3-27.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP3 is installed
  • AND Package Information
  • freetype2-devel-2.3.7-25.34.1 is installed
  • OR freetype2-devel-32bit-2.3.7-25.34.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • OpenEXR-32bit-1.6.1-83.17.1 is installed
  • OR OpenEXR-devel-1.6.1-83.17.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND aaa_base-malloccheck-13.2+git20140911.61c1681-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • AND Package Information
  • binutils-devel-2.25.0-13 is installed
  • OR binutils-gold-2.25.0-13 is installed
  • OR cross-ppc-binutils-2.25.0-13 is installed
  • OR cross-spu-binutils-2.25.0-13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND alsa-devel-1.0.27.2-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
  • AND slf4j-1.7.12-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 is installed
  • AND Package Information
  • gcc48-gij-4.8.3+r212056-6 is installed
  • OR gcc48-gij-32bit-4.8.3+r212056-6 is installed
  • OR libgcj48-4.8.3+r212056-6 is installed
  • OR libgcj48-32bit-4.8.3+r212056-6 is installed
  • OR libgcj48-jar-4.8.3+r212056-6 is installed
  • OR libgcj_bc1-4.8.3+r212056-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 SP1 is installed
  • AND bogofilter-1.2.4-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 SP2 is installed
  • AND argyllcms-1.6.3-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 SP3 is installed
  • AND Package Information
  • NetworkManager-1.0.12-12 is installed
  • OR NetworkManager-lang-1.0.12-12 is installed
  • OR typelib-1_0-NM-1_0-1.0.12-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 SP4 is installed
  • AND Package Information
  • dia-0.97.3-15 is installed
  • OR dia-lang-0.97.3-15 is installed
    • BACK