ELS for OS
- CVEs
- Releases
- Projects
- Documentation
Live Patches
ELS for PHP
- CVEs
- Releases
- Projects
- Documentation
ELS for Python
- CVEs
- Releases
- Projects
- Documentation
ELS for Dotnet
- CVEs
- Releases
- Projects
- Documentation
ELS for Node.js
- CVEs
- Releases
- Projects
- Documentation

Release Info

Advisory: CLSA-2026:1771664389

OS: TuxCare 9.6 ESU

Public date: 2026-02-21 08:59:52.28906

Project: curl

Version: 7.76.1-31.el9_6.1.tuxcare.els5

Errata link: https://errata.tuxcare.com/els_os/tuxcare9.6esu/CLSA-2026-1771664389.html

Changelog

- CVE-2025-14524: fix OAuth2 bearer token leak on cross-protocol redirect - CVE-2025-15224: fix libssh public-key auth fallback to SSH agent

Update

Update command: dnf update curl*

Packages list

curl-7.76.1-31.el9_6.1.tuxcare.els5.x86_64.rpm curl-minimal-7.76.1-31.el9_6.1.tuxcare.els5.x86_64.rpm libcurl-7.76.1-31.el9_6.1.tuxcare.els5.i686.rpm libcurl-7.76.1-31.el9_6.1.tuxcare.els5.x86_64.rpm libcurl-devel-7.76.1-31.el9_6.1.tuxcare.els5.i686.rpm libcurl-devel-7.76.1-31.el9_6.1.tuxcare.els5.x86_64.rpm libcurl-minimal-7.76.1-31.el9_6.1.tuxcare.els5.i686.rpm libcurl-minimal-7.76.1-31.el9_6.1.tuxcare.els5.x86_64.rpm

CVEs

CVE-2025-15224

CVE-2025-14524