Red Hat Security Advisory 2024-1601-03 - An update for curl is now available for Red Hat Enterprise Linux 8. Issues addressed include an information leakage vulnerability.
2e8ac22152907c39e9381f748fe4cffe8c0e877488f619bc5b2d3257ab8a2f82Red Hat Security Advisory 2024-0585-03 - An update for curl is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include an information leakage vulnerability.
c9f6b909a7cbc2511ec10fd9b537910946de3bcea2bbbb06d0cdefc60bf23c3eRed Hat Security Advisory 2023-5379-01 - Network Observability 1.4.0. Issues addressed include a denial of service vulnerability.
2d6fbc492e175e1c827d748108c91f9a5fc1a72f3a137ab6a7f8546bc8427c43Ubuntu Security Notice 6237-3 - USN-6237-1 fixed several vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts.
4aab60fd32ca66bfe087d6a307e821248cd1fc2c9b55fb50ae6a43d6c19b5921Red Hat Security Advisory 2023-4628-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP response splitting, bypass, integer overflow, out of bounds write, and use-after-free vulnerabilities.
2421b3b97cc7191c9230548e299fe246f93d5b82a4d21e6fa8eaf14abddaa1f0Red Hat Security Advisory 2023-4629-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section. Issues addressed include HTTP response splitting, bypass, integer overflow, and use-after-free vulnerabilities.
6c109e8112c245ff647417e707926d11d65d612b66e7ae46f1f05cb3ab724077Red Hat Security Advisory 2023-4456-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.8. Issues addressed include an add administrator vulnerability.
b0a498344d09cd12609bee557f305594f2cff6126e3cae1cdc620fc9159bf3ecRed Hat Security Advisory 2023-4354-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
678caf3e66249a1a4fe481296e802717677af7b21664f828ece96b591563c218Apple Security Advisory 2023-07-24-6 - macOS Big Sur 11.7.9 addresses code execution, out of bounds read, and use-after-free vulnerabilities.
ee0e370612feffcdd195d2217699ccfdfa302e2ed0cf29ec464c6c6c2bde8f81Apple Security Advisory 2023-07-24-5 - macOS Monterey 12.6.8 addresses code execution, out of bounds read, and use-after-free vulnerabilities.
8f28ed064f450316ecc855c2c8e034834dfbba8071bddb178c5eb88e95963236Apple Security Advisory 2023-07-24-4 - macOS Ventura 13.5 addresses bypass, code execution, out of bounds read, and use-after-free vulnerabilities.
c637626493b675cefdcd4fdba35ad174a41ee73e582783331eefed49239a1e71Ubuntu Security Notice 6237-2 - USN-6237-1 fixed vulnerabilities in curl. The update caused a certificate wildcard handling regression on Ubuntu 22.04 LTS. This update fixes the problem. Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts. Hiroki Kurosawa discovered that curl incorrectly handled callbacks when certain options are set by applications. This could cause applications using curl to misbehave, resulting in information disclosure, or a denial of service. It was discovered that curl incorrectly handled saving cookies to files. A local attacker could possibly use this issue to create or overwrite files. This issue only affected Ubuntu 22.10, and Ubuntu 23.04.
e8dd9101762b6b8471b622e391d8e553d5793d3028a030db99705ea7fe07b3a9Ubuntu Security Notice 6237-1 - Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts. Hiroki Kurosawa discovered that curl incorrectly handled callbacks when certain options are set by applications. This could cause applications using curl to misbehave, resulting in information disclosure, or a denial of service.
51f46d8ba4e11574eb483e508710565644dc207c352aed8e601c8ec28e6a4ba4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed