ALSA-2026:1350

[ALSA-2026:1350] Moderate: curl security update

Type:

security

Severity:

moderate

Release date:

2026-01-29

Description:

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.  

Security Fix(es):  

  * curl: libcurl: Curl out of bounds read for cookie path (CVE-2025-9086)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	libcurl-7.76.1-35.el9_7.3.aarch64.rpm	47ecd9344278c8069e363e30f62ffaf4808f60520566bb83e562aa63ebf8e12b
aarch64	curl-7.76.1-35.el9_7.3.aarch64.rpm	72e8d989c8f931def478a9b5c305d5e19184f96ceb354ec6353c4a0ff02026b7
aarch64	libcurl-devel-7.76.1-35.el9_7.3.aarch64.rpm	d1f6a814b233747b7daa019a9f91d648e08fac06397af4ad26534317ff8dd406
aarch64	libcurl-minimal-7.76.1-35.el9_7.3.aarch64.rpm	dc118258fe859803e878e342a83d327a03d1d6ae639882d8029bfbe37cb896f8
aarch64	curl-minimal-7.76.1-35.el9_7.3.aarch64.rpm	f3c1b915727ea878deff85e7374b75c23da6d9dde2b7c8b2cdfb99432ebdb436
i686	libcurl-minimal-7.76.1-35.el9_7.3.i686.rpm	6e9693f95de4ce36ba673b9dc813272859324b110693f57819e646bcfd03f7e9
i686	libcurl-devel-7.76.1-35.el9_7.3.i686.rpm	7fceca894e1dff344a7da0332ce52aa5e24ad0690cf7529d64cd5f2e99a80990
i686	libcurl-7.76.1-35.el9_7.3.i686.rpm	a6c8693d194eba4aec389fa4db4e51f1877a458ad4c1e862004cfabda722b201
ppc64le	curl-minimal-7.76.1-35.el9_7.3.ppc64le.rpm	5e9405fbada17c830f1c271d2bc445e2f9a2b3f70a4e4937e928f53c543f6527
ppc64le	libcurl-7.76.1-35.el9_7.3.ppc64le.rpm	66fed6300b0f5e49163d1e35136edc44f6c3d6a1e4a2aed2edcfaeaa8f19caff
ppc64le	libcurl-minimal-7.76.1-35.el9_7.3.ppc64le.rpm	cdb40d782270bc8dc9a6e659dddfb563d3d6b7c72e13dadc88e001625a4f7c5f
ppc64le	libcurl-devel-7.76.1-35.el9_7.3.ppc64le.rpm	ce25ad8ddf49fcf8ac8801ef4e3479678c74adabb1b47c1f287f7657ccf3938a
ppc64le	curl-7.76.1-35.el9_7.3.ppc64le.rpm	db2505cc9fcac14d5c282b95b8378900df49443629106135de278668f264349d
s390x	libcurl-7.76.1-35.el9_7.3.s390x.rpm	09acf1b76b79b4d3a3fb6ebdd5b41856d67a485bdcc29d644e396f68720e626f
s390x	libcurl-devel-7.76.1-35.el9_7.3.s390x.rpm	37072e61d192d6955427ccdc9edfceab5b75ba749a5fadbb8ac0818f1da6d141
s390x	libcurl-minimal-7.76.1-35.el9_7.3.s390x.rpm	9906e5900358763b86ccf486bd05012fa7e0fac8eeacbbd8ef16f588e891f5fe
s390x	curl-7.76.1-35.el9_7.3.s390x.rpm	da4a8f09baf1d7f08498638a30c95b2d5593960a1cd84c88f04337ae8a241973
s390x	curl-minimal-7.76.1-35.el9_7.3.s390x.rpm	dd9047369acd9db768fb1eb672c8ed397e2696dd1f0528c1e627be34dcf1ad99
x86_64	curl-7.76.1-35.el9_7.3.x86_64.rpm	0172ca153204bdab203a621f4b7d5d6d40d6b3a2d385ab3d65ec5ace5b939d8c
x86_64	libcurl-7.76.1-35.el9_7.3.x86_64.rpm	6bb973188cdd21d8dcc42f337236972c622dc5f2006667b654a22bfce6b7b5b3
x86_64	curl-minimal-7.76.1-35.el9_7.3.x86_64.rpm	8ab2cf75a801649d861dc8ef38d33a511888b8a67d77507076927a6c27859335
x86_64	libcurl-devel-7.76.1-35.el9_7.3.x86_64.rpm	cc8b45d4006db2ca163594cdca1de7b800e5b0bab95059d4b0ad872fe1916e12
x86_64	libcurl-minimal-7.76.1-35.el9_7.3.x86_64.rpm	e0ae1aa8e0957376843c734c78fccd59cd7454eb62705b76d5479b7a3cc62cdd

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.