Release Info

Advisory: CLSA-2022:1658855227

OS: CentOS 8.4 ELS

Public date: 2022-07-26 00:00:00

Project: curl

Version: 7.61.1-22.el8.tuxcare.els3

Errata link: https://errata.cloudlinux.com/centos8.4-els/CLSA-2022-1658855227.html

Changelog

- CVE-2022-27774: fix credential leak on redirect - CVE-2022-27776: fix auth/cookie leak on redirect

Update

Update command: dnf update curl*

Packages list

libcurl-7.61.1-22.el8.tuxcare.els3.i686.rpm curl-minimal-7.61.1-22.el8.tuxcare.els3.x86_64.rpm libcurl-devel-7.61.1-22.el8.tuxcare.els3.x86_64.rpm curl-7.61.1-22.el8.tuxcare.els3.x86_64.rpm libcurl-minimal-7.61.1-22.el8.tuxcare.els3.x86_64.rpm libcurl-7.61.1-22.el8.tuxcare.els3.x86_64.rpm libcurl-devel-7.61.1-22.el8.tuxcare.els3.i686.rpm libcurl-minimal-7.61.1-22.el8.tuxcare.els3.i686.rpm

CVEs

CVE-2022-27774
CVE-2022-27776