Oval Definition:oval:org.opensuse.security:def:89391
Revision Date:2021-05-27Version:1
Title:Security update for curl (Moderate)
Description:

This update for curl fixes the following issues: - CVE-2021-22898: TELNET stack contents disclosure (bsc#1186114) - CVE-2021-22876: The automatic referer leaks credentials (bsc#1183933) - CVE-2020-8286: Inferior OCSP verification (bsc#1179593) - CVE-2020-8285: FTP wildcard stack overflow (bsc#1179399) - CVE-2020-8284: Trusting FTP PASV responses (bsc#1179398) - CVE-2020-8231: libcurl will pick and use the wrong connection with multiple requests with libcurl's multi API and the 'CURLOPT_CONNECT_ONLY' option (bsc#1175109) - Fix: SFTP uploads result in empty uploaded files (bsc#1177976)
Family:unixClass:patch
Status:Reference(s):1175109
1177976
1179398
1179399
1179593
1183933
1186114
CVE-2020-8231
CVE-2020-8284
CVE-2020-8285
CVE-2020-8286
CVE-2021-22876
CVE-2021-22898
SUSE-SU-2021:1786-1
Platform(s):SUSE Linux Enterprise Server 12 SP4-LTSS
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • curl-7.60.0-4.20.1 is installed
  • OR libcurl4-7.60.0-4.20.1 is installed
  • OR libcurl4-32bit-7.60.0-4.20.1 is installed
    • BACK