Release Info

Advisory: CLSA-2022:1661173301

OS: Ubuntu 16.04 ELS

Public date: 2022-08-22 00:00:00

Project: curl

Version: 7.47.0-1ubuntu2.23+tuxcare.els4

Errata link: https://errata.cloudlinux.com/ubuntu16-els/CLSA-2022-1661173301.html

Changelog

* SECURITY UPDATE: When curl less than 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. - debian/patches/CVE-2022-32208.patch: krb5: return error properly on decode errors - CVE-2022-32208

Update

Update command: apt-get update apt-get --only-upgrade install curl*

Packages list

curl_7.47.0-1ubuntu2.23+tuxcare.els4_amd64.deb libcurl3_7.47.0-1ubuntu2.23+tuxcare.els4_amd64.deb libcurl3-gnutls_7.47.0-1ubuntu2.23+tuxcare.els4_amd64.deb libcurl3-nss_7.47.0-1ubuntu2.23+tuxcare.els4_amd64.deb libcurl4-doc_7.47.0-1ubuntu2.23+tuxcare.els4_all.deb libcurl4-gnutls-dev_7.47.0-1ubuntu2.23+tuxcare.els4_amd64.deb libcurl4-nss-dev_7.47.0-1ubuntu2.23+tuxcare.els4_amd64.deb libcurl4-openssl-dev_7.47.0-1ubuntu2.23+tuxcare.els4_amd64.deb

CVEs

CVE-2022-32208