USN-5964-1 fixed several vulnerabilities in curl. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Harry Sintonen discovered that curl incorrectly handled certain TELNET
connection options. Due to lack of proper input scrubbing, curl could pass
on user name and telnet options to the server as provided, contrary to
expectations. (CVE-2023-27533)
Harry Sintonen discovered that curl incorrectly reused certain FTP
connections. This could lead to the wrong credentials being reused,
contrary to expectations. (CVE-2023-27535)
Harry Sintonen discovered that curl incorrectly reused connections when the
GSS delegation option had been changed. This could lead to the option being
reused, contrary to expectations. (CVE-2023-27536)
More Stories
chromium-122.0.6261.128-1.el8
FEDORA-EPEL-2024-f653e0bbf9 Packages in this update: chromium-122.0.6261.128-1.el8 Update description: upstream security release 122.0.6261.128 High CVE-2024-2400: Use after free in Performance Manager...
chromium-122.0.6261.128-1.el9
FEDORA-EPEL-2024-879bfd3d5b Packages in this update: chromium-122.0.6261.128-1.el9 Update description: upstream security release 122.0.6261.128 High CVE-2024-2400: Use after free in Performance Manager...
chromium-122.0.6261.128-1.el7
FEDORA-EPEL-2024-6e2c9aa156 Packages in this update: chromium-122.0.6261.128-1.el7 Update description: upstream security release 122.0.6261.128 High CVE-2024-2400: Use after free in Performance Manager...
USN-6700-1: Linux kernel vulnerabilities
It was discovered that the Layer 2 Tunneling Protocol (L2TP) implementation in the Linux kernel contained a race condition when...
USN-6701-1: Linux kernel vulnerabilities
Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI...
w3m-0.5.3-63.git20230121.el7
FEDORA-EPEL-2024-5253d48b14 Packages in this update: w3m-0.5.3-63.git20230121.el7 Update description: Added upstream patch to fix out-of-bounds access due to multiple backspaces to...