[ALSA-2023:6679] Moderate: curl security update
Type:
security
Severity:
moderate
Release date:
2023-11-15
Description:
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: GSS delegation too eager connection re-use (CVE-2023-27536) * curl: TELNET option IAC injection (CVE-2023-27533) * curl: SFTP path ~ resolving discrepancy (CVE-2023-27534) * curl: SSH connection too eager reuse still (CVE-2023-27538) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 libcurl-7.76.1-26.el9.aarch64.rpm 42e826bb2e08dbec048c99ed5f02629a7c8a17c00559f1750d64b8b59e2ebe6c
aarch64 libcurl-devel-7.76.1-26.el9.aarch64.rpm 576a05537e050102b4369947a0a84f74298986efb603944b6f9787de6868945a
aarch64 curl-7.76.1-26.el9.aarch64.rpm 6aa434bd64cf9f5b01163b3971bfa53ad41d823769937d5630d02f1501d718a1
aarch64 curl-minimal-7.76.1-26.el9.aarch64.rpm bfe851acfc765e92dfd36fca449678a5799e723df24ee5760441a5a31421c6ad
aarch64 libcurl-minimal-7.76.1-26.el9.aarch64.rpm c82e7fb409902d84fefcd8248d94a040581b6109102b9dfd1db21884809e5ca0
i686 libcurl-minimal-7.76.1-26.el9.i686.rpm 41b8634872da908a32d789035df80b7559b614464eb449935a521d284b299e63
i686 libcurl-devel-7.76.1-26.el9.i686.rpm 8770bbb6d2ae7a61f270ba56dac9589b8d383bc654f3fabc0b889ca81898909f
i686 libcurl-7.76.1-26.el9.i686.rpm 89406a938fcc36719c8d4f2657211b1ecc9cd4d1d96061c0bd35450a4c3d62d5
ppc64le libcurl-devel-7.76.1-26.el9.ppc64le.rpm 09be9db80fc89dc13b3d9ad5b61b80c898e4e3f73c560fbc0a118142a80b3f15
ppc64le libcurl-7.76.1-26.el9.ppc64le.rpm 0d19dab4b13198c72388a25070691eda6fa323e77625a63f981d9dbc82c99aea
ppc64le libcurl-minimal-7.76.1-26.el9.ppc64le.rpm 28304c78465c873c91c561dcaf029b22c21b9da25678b22b2fbd43d449070459
ppc64le curl-7.76.1-26.el9.ppc64le.rpm 3965b395b41e8d785558da217ee1f18b1c5e3ae16443cc40c82b61df3d31a3a2
ppc64le curl-minimal-7.76.1-26.el9.ppc64le.rpm d07112744ad74198f7e7e60a7a6f83d7c4dc5b34bfcfe6f3c2130d5ecf14e0a8
s390x libcurl-7.76.1-26.el9.s390x.rpm 041c8627e17a547d86dd461d3d90864a7f8cadacea629a29b6745f3d70abb7fa
s390x libcurl-devel-7.76.1-26.el9.s390x.rpm 19e8475674ff48d86aeeab8ab405be0a6850865254f39dd5626464bc6c57d014
s390x curl-7.76.1-26.el9.s390x.rpm 36043bb39928a88bf68dbdf55da90f5fc185cb547250a8c0e6a6fa1c2b34d09c
s390x libcurl-minimal-7.76.1-26.el9.s390x.rpm 3796e09a9211a74d44d27548c5a403961d19d234043203d384a3b1cc541bf5df
s390x curl-minimal-7.76.1-26.el9.s390x.rpm b4932de49028d424cfe0457247544138e986bfee49b4e643b7460b948920983c
x86_64 libcurl-7.76.1-26.el9.x86_64.rpm 3c88dce5cede2c28f9edfc16a1825a4949b78e23afa6074c88baed366eb915d6
x86_64 curl-minimal-7.76.1-26.el9.x86_64.rpm 7fff6492eb9d1442da8f67f957a510864da404a895b629e391d47a2497dc3c61
x86_64 curl-7.76.1-26.el9.x86_64.rpm 8f990e2a41cd1dbd8d5a938baa8363f2bf0afdb46340afd2491beece82179253
x86_64 libcurl-minimal-7.76.1-26.el9.x86_64.rpm c832a23f62facd1c8105dcc77ca3c6b7cba3052a61d89b21a322d1eb1e6d8a6f
x86_64 libcurl-devel-7.76.1-26.el9.x86_64.rpm f1c2eb5efd0df8575d712180537532f174f43fbd6d807f329e1f61c8170c6d6b
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.