ALSA-2025:23383

[ALSA-2025:23383] Moderate: curl security update

Type:

security

Severity:

moderate

Release date:

2025-12-22

Description:

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.  

Security Fix(es):  

  * curl: libcurl: Curl out of bounds read for cookie path (CVE-2025-9086)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	libcurl-7.61.1-34.el8_10.9.aarch64.rpm	2b213ca41f4543b74e898ec82a60c7417069841d57655a8a09ade9e137d96ad9
aarch64	curl-7.61.1-34.el8_10.9.aarch64.rpm	a7e4bfc3166268cfb6231c5dc7e824c4568f13fe32bf0e900552f4f5e85751fa
aarch64	libcurl-devel-7.61.1-34.el8_10.9.aarch64.rpm	bb61e556124c9e9470f48e900d1f3e9ff5cbe486807c55d51f21a8f9b3caf565
aarch64	libcurl-minimal-7.61.1-34.el8_10.9.aarch64.rpm	c88093f02bce909dce21f32f513841f2f7d3ed9812de63f70b88e4de35063d39
i686	libcurl-7.61.1-34.el8_10.9.i686.rpm	6aaf7e6de8ecabcd1c6a7f24e6877d8a1af07a09145944e62acbcaad5ee29f12
i686	libcurl-minimal-7.61.1-34.el8_10.9.i686.rpm	87cfa2aa098325de143a43f1a77e622057d5d6aba294d9295ac207dbb2665ce7
i686	libcurl-devel-7.61.1-34.el8_10.9.i686.rpm	dba0b72e8261ab62976845d9fd1178ae82e65784d008e2d8d380da9e6e72aae1
ppc64le	libcurl-7.61.1-34.el8_10.9.ppc64le.rpm	35ce6818bf998f55932d9f40741a38a5227220d651ff7bd003036c782f7cff33
ppc64le	libcurl-minimal-7.61.1-34.el8_10.9.ppc64le.rpm	6b0af96a82ad1f48d3d6a5b00f22b7802918d425b301e9eb61ef210581b16f30
ppc64le	libcurl-devel-7.61.1-34.el8_10.9.ppc64le.rpm	add5d6bbd4ff00b70c4b56a8ece9db0c91708cff03f643e9a863a9e9c7487ce9
ppc64le	curl-7.61.1-34.el8_10.9.ppc64le.rpm	f152bc83c96549f8360970ec8144d0ab82313191a7a5c6381ecf4025eb0c2736
s390x	curl-7.61.1-34.el8_10.9.s390x.rpm	7084ec2a1c637d9889e1d3146d0a44626a8f008d280d88b219156ecddd1b0c39
s390x	libcurl-minimal-7.61.1-34.el8_10.9.s390x.rpm	713b8b4ba3278d8c384acc034b388f594b0c6a19480c47c7710a47c5acb65d5f
s390x	libcurl-7.61.1-34.el8_10.9.s390x.rpm	84f92c14fce321d57c8534ad9d3cd30f506c7fafeac780fe871a2e94b07ec14e
s390x	libcurl-devel-7.61.1-34.el8_10.9.s390x.rpm	d0a8d92b4edab3bed1eea9e4b94665f9e3fdd5635aa1f11c66f1d32ef9921d5f
x86_64	libcurl-7.61.1-34.el8_10.9.x86_64.rpm	1b49693a2192653cfe19043b98dad6986f9966095fd477dc3f1e8fba496bcbe2
x86_64	libcurl-devel-7.61.1-34.el8_10.9.x86_64.rpm	7ee070f9ab39e418aab225cd374a9c937090c0f183cd43fd7f8ca3d6b647e1d5
x86_64	curl-7.61.1-34.el8_10.9.x86_64.rpm	ac5de6b0f2446a13d7ecb56abe71a567f40ba3c9f9a0680f00e2fd8d570e21a6
x86_64	libcurl-minimal-7.61.1-34.el8_10.9.x86_64.rpm	dc6748919ee674eab1342f610d867cb1989127b75e090a16b02150f38a676fb1

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.