Oval Definition:	oval:org.opensuse.security:def:99636
Revision Date: 2021-05-26 Version: 1 Title: (Moderate) Description: This update for curl fixes the following issues: - CVE-2021-22898: Fixed curl TELNET stack contents disclosure (bsc#1186114). - Allow partial chain verification [jsc#SLE-17956] * Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA certificates are. This allows users to verify servers using the intermediate cert only, instead of needing the whole chain. * Set FLAG_TRUSTED_FIRST unconditionally. * Do not check partial chains with CRL check. Family: unix Class: patch Status: Reference(s): 1173886 1179908 1183421 1186114 CVE-2020-13987 CVE-2020-13988 CVE-2020-17437 CVE-2020-17438 CVE-2021-22898 SUSE-SU-2021:1164-1 Platform(s): Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE SUSE Linux Enterprise Server for SAP Applications 15 SP1 Product(s): Definition Synopsis Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE is installed AND Package Information curl-7.66.0-4.17.1 is installed OR libcurl4-7.66.0-4.17.1 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed AND Package Information iscsiuio-0.7.8.2-13.42.1 is installed OR libopeniscsiusr0_2_0-2.0.876-13.42.1 is installed OR open-iscsi-2.0.876-13.42.1 is installed OR open-iscsi-devel-2.0.876-13.42.1 is installed
BACK