Release Info

Advisory: CLSA-2023:1685378325

OS: CentOS 8.5 ELS

Public date: 2023-05-29 12:38:47

Project: curl

Version: 7.61.1-22.el8.tuxcare.els9

Errata link: https://errata.cloudlinux.com/centos8.5-els/CLSA-2023-1685378325.html

Changelog

- CVE-2022-43552: smb/telnet: do not free the protocol struct in *_done() - CVE-2022-35252: cookie: reject cookies with "control bytes"

Update

Update command: dnf update curl*

Packages list

curl-7.61.1-22.el8.tuxcare.els9.x86_64.rpm curl-minimal-7.61.1-22.el8.tuxcare.els9.x86_64.rpm libcurl-7.61.1-22.el8.tuxcare.els9.i686.rpm libcurl-7.61.1-22.el8.tuxcare.els9.x86_64.rpm libcurl-devel-7.61.1-22.el8.tuxcare.els9.i686.rpm libcurl-devel-7.61.1-22.el8.tuxcare.els9.x86_64.rpm libcurl-minimal-7.61.1-22.el8.tuxcare.els9.i686.rpm libcurl-minimal-7.61.1-22.el8.tuxcare.els9.x86_64.rpm

CVEs

CVE-2022-35252
CVE-2022-43552