ELS for OS
- CVEs
- Releases
- Projects
- Documentation
Live Patches
ELS for PHP
- CVEs
- Releases
- Projects
- Documentation
ELS for Python
- CVEs
- Releases
- Projects
- Documentation
ELS for Dotnet
- CVEs
- Releases
- Projects
- Documentation
ELS for Node.js
- CVEs
- Releases
- Projects
- Documentation

Release Info

Advisory: CLSA-2026:1771663697

OS: AlmaLinux 9.2 ESU

Public date: 2026-02-21 08:48:19.868125

Project: curl

Version: 7.76.1-31.el9_2.1.tuxcare.els5

Errata link: https://errata.tuxcare.com/els_os/almalinux9.2esu/CLSA-2026-1771663697.html

Changelog

- CVE-2025-14524: fix OAuth2 bearer token leak on cross-protocol redirect - CVE-2025-15224: fix libssh public-key auth fallback to SSH agent

Update

Update command: dnf update curl*

Packages list

curl-7.76.1-31.el9_2.1.tuxcare.els5.x86_64.rpm curl-minimal-7.76.1-31.el9_2.1.tuxcare.els5.x86_64.rpm libcurl-7.76.1-31.el9_2.1.tuxcare.els5.i686.rpm libcurl-7.76.1-31.el9_2.1.tuxcare.els5.x86_64.rpm libcurl-devel-7.76.1-31.el9_2.1.tuxcare.els5.i686.rpm libcurl-devel-7.76.1-31.el9_2.1.tuxcare.els5.x86_64.rpm libcurl-minimal-7.76.1-31.el9_2.1.tuxcare.els5.i686.rpm libcurl-minimal-7.76.1-31.el9_2.1.tuxcare.els5.x86_64.rpm

CVEs

CVE-2025-14524

CVE-2025-15224