Oval Definition:
oval:org.opensuse.security:def:99419
Revision Date
:
2021-10-06
Version
:
1
Title
:
(Moderate)
Description
:
This update for curl fixes the following issues:
- CVE-2021-22947: Fixed STARTTLS protocol injection via MITM (bsc#1190374). - CVE-2021-22946: Fixed protocol downgrade required TLS bypassed (bsc#1190373).
Family
:
unix
Class
:
patch
Status
:
Reference(s)
:
1177125
1177222
1190373
1190374
CVE-2020-25613
CVE-2021-22946
CVE-2021-22947
SUSE-SU-2021:0933-1
Platform(s)
:
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM
SUSE Linux Enterprise Server 15 SP1-BCL
Product(s)
:
Definition Synopsis
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM is installed
AND
Package Information
curl-7.66.0-4.27.1 is installed
OR
libcurl4-7.66.0-4.27.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15 SP1-BCL is installed
AND
Package Information
libruby2_5-2_5-2.5.8-4.14.1 is installed
OR
ruby2.5-2.5.8-4.14.1 is installed
OR
ruby2.5-devel-2.5.8-4.14.1 is installed
OR
ruby2.5-devel-extra-2.5.8-4.14.1 is installed
OR
ruby2.5-stdlib-2.5.8-4.14.1 is installed
BACK