ALSA-2022:6157

[ALSA-2022:6157] Moderate: curl security update

Type:

security

Severity:

moderate

Release date:

2022-08-30

Description:

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
Security Fix(es):
* curl: HTTP compression denial of service (CVE-2022-32206)
* curl: Unpreserved file permissions (CVE-2022-32207)
* curl: FTP-KRB bad message verification (CVE-2022-32208)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	curl-minimal-7.76.1-14.el9_0.5.aarch64.rpm	402e8d10ed798b031f805d57a6f6b2e0a1e8d3a028829a4e8fbe828782413eb0
aarch64	libcurl-devel-7.76.1-14.el9_0.5.aarch64.rpm	68e67bed26783c0837850e13c34ecb7eba750b42532acc268fe611a3f5a83407
aarch64	libcurl-minimal-7.76.1-14.el9_0.5.aarch64.rpm	8a277c0d3f37dd113d2d638a7143aa1b215a635f0324daca4ef2637f5c8c8922
aarch64	curl-7.76.1-14.el9_0.5.aarch64.rpm	e69cb8daad76b95b7a16a64581e174f107e0e3bf87bdf74d0514ff4c42632a44
aarch64	libcurl-7.76.1-14.el9_0.5.aarch64.rpm	ed4059b4056e9cc54cf2f3799c536f081164fdcce5f813bbe67707e44442f273
i686	libcurl-minimal-7.76.1-14.el9_0.5.i686.rpm	09b13614d1581e90fdd443a1a9015c34131b57d870ede16ec7bb82e94d92be79
i686	libcurl-7.76.1-14.el9_0.5.i686.rpm	1aa1835ebebba0e81d55ccc34cdb2e59e415487bf64f4657a4341cd3a6633de0
i686	libcurl-devel-7.76.1-14.el9_0.5.i686.rpm	23f2c28f2dc6f874159fd622ea094b4df7383185f8440a874fec217c411c08d7
ppc64le	libcurl-devel-7.76.1-14.el9_0.5.ppc64le.rpm	12c668f08f5390a8558a25fbc9c3fd48f2c517be6ff2c696a44fa3d88f9fb038
ppc64le	libcurl-7.76.1-14.el9_0.5.ppc64le.rpm	2e5c6358e5ed5a9d61714274901c6a83cab55fb6393fda1fede5e1e90682f703
ppc64le	libcurl-minimal-7.76.1-14.el9_0.5.ppc64le.rpm	6dcf7bb5b4b0699a25e4ac628935d9852dc17cabf697c7062528343459c7bce0
ppc64le	curl-7.76.1-14.el9_0.5.ppc64le.rpm	d3095a714b7527d9742973ba6db8c38fa06d806fb456633632105f2aec6844c5
ppc64le	curl-minimal-7.76.1-14.el9_0.5.ppc64le.rpm	fbff2cf81ae49697aa8fcc4885c8ce92f10a05df28f886ad21fe86c940eaddfb
s390x	curl-minimal-7.76.1-14.el9_0.5.s390x.rpm	4932a3edafa05bb711a1d10122b0ca63b7cde5f83cd6eb040c7c300b9a685b8f
s390x	libcurl-minimal-7.76.1-14.el9_0.5.s390x.rpm	6c2ca659861bae86bb98a954ab7768c718971cfa51468f11d0ea50dbe9ef9671
s390x	libcurl-devel-7.76.1-14.el9_0.5.s390x.rpm	7d1bad3dd6f1856757371d6eb026ddf00f4761fd7a32457e6c496d4228cb6864
s390x	libcurl-7.76.1-14.el9_0.5.s390x.rpm	8de310a61ed9bc03273bc051d2d004d9482c288156212e440ee16397fa569547
s390x	curl-7.76.1-14.el9_0.5.s390x.rpm	d99d0828c7bd4e888b4e12d99c8e7ced9bbfe7bf1c787d97d092765600768c16
x86_64	libcurl-7.76.1-14.el9_0.5.x86_64.rpm	2d96426c0d69d091b03c65014ab2485c9b580599744618ea5d8d6f808544a010
x86_64	libcurl-minimal-7.76.1-14.el9_0.5.x86_64.rpm	8952a283d1864149f73c6dd9688e33278c64667f0a0eaa96cbe4cd00453a4f22
x86_64	libcurl-devel-7.76.1-14.el9_0.5.x86_64.rpm	b975f675c45821d7de9b30c6d358bcf3253fc3644fd4edd813f03f197c32195b
x86_64	curl-minimal-7.76.1-14.el9_0.5.x86_64.rpm	ed1875b39b0182f49828fa857fdf88dcd4eabdb29098fdfd46627a548356fb52
x86_64	curl-7.76.1-14.el9_0.5.x86_64.rpm	fb907e7b85d74622be95d44354df9081ba6897c7bc54306828da4f848fe8967d

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.