[ALSA-2023:6745] Important: curl security update
Type:
security
Severity:
important
Release date:
2023-11-14
Description:
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: a heap-based buffer overflow in the SOCKS5 proxy handshake (CVE-2023-38545) * curl: cookie injection with none file (CVE-2023-38546) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 libcurl-minimal-7.76.1-26.el9_3.2.aarch64.rpm 3067ea1988e1cfe5946b9f4f673db49998839cc7f39b998eac854a477e8b266f
aarch64 curl-7.76.1-26.el9_3.2.aarch64.rpm 415e8eda1d94eb6ed2c159b1a43c61ed436abcd6bfa7be715f0ff448c7b86103
aarch64 libcurl-devel-7.76.1-26.el9_3.2.aarch64.rpm 689cb5000b927c2cbc62adbd9fa982c781346980bb8774945af299b66561adbf
aarch64 curl-minimal-7.76.1-26.el9_3.2.aarch64.rpm 695b426f584bb63e56f49d9b103a1f695a76c47158705e56621f31d54d5d47f0
aarch64 libcurl-7.76.1-26.el9_3.2.aarch64.rpm a6fb67131c9a280bb62dbf8e1c6a2099c79dc8389ba3a00810db2289b8629dd6
i686 libcurl-devel-7.76.1-26.el9_3.2.i686.rpm 75acd9f5ab4089a943181110875cca9c9c5b648302c588a368ea050af9950439
i686 libcurl-minimal-7.76.1-26.el9_3.2.i686.rpm 9abf40a9c978bd87624a0dad792d1f6eee67d4b3baa93112849d5be950c764ba
i686 libcurl-7.76.1-26.el9_3.2.i686.rpm 9cbf8115f0901a41b0e129d801395867be99ee164cc8a1cf8040f852f3ff1c06
ppc64le libcurl-7.76.1-26.el9_3.2.ppc64le.rpm 05c1f89f8c78e96d4e18c65e17637545b9b83ccaa975e479b8fc52ba102e2129
ppc64le curl-minimal-7.76.1-26.el9_3.2.ppc64le.rpm 4f6f3c925c7dfb31076dcc312c8a1540e4bc9534e451a47487e14a8e61bf2710
ppc64le libcurl-minimal-7.76.1-26.el9_3.2.ppc64le.rpm 911834a48af054b5f2704b37917c2f4ecaf9ef77c45a4b0c88c763cc2be317e3
ppc64le libcurl-devel-7.76.1-26.el9_3.2.ppc64le.rpm a9592c925f6b83340686ed9110b79feccb02f0518065c06bf01cb7bc13341ba1
ppc64le curl-7.76.1-26.el9_3.2.ppc64le.rpm e96f8a68e6f6d9a6f43e6d9a2cde27281cd16b975dde19fdbc9c9b8f66b54a15
s390x libcurl-7.76.1-26.el9_3.2.s390x.rpm ae93cf04e9ba03c18711c3e36e041120c30f7b332813b14ae0d6e59ce5df4014
s390x curl-minimal-7.76.1-26.el9_3.2.s390x.rpm c541767d824314e808023e325d83500612ba9dd20a90a292ad3a53ef29cc5a05
s390x curl-7.76.1-26.el9_3.2.s390x.rpm d1bf0b1feb32e8cc3f3a95891116f0b550b2b931ccd27cb45991a4c1afc1abd6
s390x libcurl-devel-7.76.1-26.el9_3.2.s390x.rpm edbf15f591c8701946437045308d253a1fb5256d58e1b029073f34edd44a7b14
s390x libcurl-minimal-7.76.1-26.el9_3.2.s390x.rpm f6f8e5802c2a834f05fa18b6cad61710d43d3d7c7d6774eee581a3c4e9e19dd3
x86_64 curl-minimal-7.76.1-26.el9_3.2.x86_64.rpm 295a2a453b2d00ad78902e49944d7fa5b5fddab46d0e08331c4f44b5690ea935
x86_64 libcurl-7.76.1-26.el9_3.2.x86_64.rpm 457c5ce364e08073856ce55846d66dd81b6e560aa3ba68927116af09ec9a54e4
x86_64 curl-7.76.1-26.el9_3.2.x86_64.rpm 4eb35ab37f7a846688db71d86959afab9e175a95614b6bb98c1db6eee6431011
x86_64 libcurl-devel-7.76.1-26.el9_3.2.x86_64.rpm a588bcca5150b37046b5a3f839781b924203473929a075327a4180fa770c7bbc
x86_64 libcurl-minimal-7.76.1-26.el9_3.2.x86_64.rpm dca71a10affef9e2b5ef7790551df59ee3743b8a22adf454836b2923b50af355
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.