Lucene search

AlmaLinuxALSA-2022:8299

HistoryNov 15, 2022 - 12:00 a.m.

Low: curl security update

2022-11-1500:00:00

errata.almalinux.org

curl package

libcurl library

downloading files

http

ftp

ldap

security fix

cve-2022-27775

cvss score

almalinux release notes

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

58.4%

JSON

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

Security Fix(es):

curl: bad local IPv6 connection reuse (CVE-2022-27775)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
almalinux9i686libcurl-devel< 7.76.1-19.el9libcurl-devel-7.76.1-19.el9.i686.rpm
almalinux9x86_64libcurl-devel< 7.76.1-19.el9libcurl-devel-7.76.1-19.el9.x86_64.rpm
almalinux9ppc64lelibcurl-devel< 7.76.1-19.el9libcurl-devel-7.76.1-19.el9.ppc64le.rpm
almalinux9aarch64libcurl-devel< 7.76.1-19.el9libcurl-devel-7.76.1-19.el9.aarch64.rpm
almalinux9s390xlibcurl-devel< 7.76.1-19.el9libcurl-devel-7.76.1-19.el9.s390x.rpm
almalinux9i686libcurl< 7.76.1-19.el9libcurl-7.76.1-19.el9.i686.rpm
almalinux9i686libcurl-minimal< 7.76.1-19.el9libcurl-minimal-7.76.1-19.el9.i686.rpm
almalinux9ppc64lelibcurl-minimal< 7.76.1-19.el9libcurl-minimal-7.76.1-19.el9.ppc64le.rpm
almalinux9ppc64lelibcurl< 7.76.1-19.el9libcurl-7.76.1-19.el9.ppc64le.rpm
almalinux9ppc64lecurl< 7.76.1-19.el9curl-7.76.1-19.el9.ppc64le.rpm

OS	Version	Architecture	Package	Version	Filename
almalinux	9	i686	libcurl-devel	< 7.76.1-19.el9	libcurl-devel-7.76.1-19.el9.i686.rpm
almalinux	9	x86_64	libcurl-devel	< 7.76.1-19.el9	libcurl-devel-7.76.1-19.el9.x86_64.rpm
almalinux	9	ppc64le	libcurl-devel	< 7.76.1-19.el9	libcurl-devel-7.76.1-19.el9.ppc64le.rpm
almalinux	9	aarch64	libcurl-devel	< 7.76.1-19.el9	libcurl-devel-7.76.1-19.el9.aarch64.rpm
almalinux	9	s390x	libcurl-devel	< 7.76.1-19.el9	libcurl-devel-7.76.1-19.el9.s390x.rpm
almalinux	9	i686	libcurl	< 7.76.1-19.el9	libcurl-7.76.1-19.el9.i686.rpm
almalinux	9	i686	libcurl-minimal	< 7.76.1-19.el9	libcurl-minimal-7.76.1-19.el9.i686.rpm
almalinux	9	ppc64le	libcurl-minimal	< 7.76.1-19.el9	libcurl-minimal-7.76.1-19.el9.ppc64le.rpm
almalinux	9	ppc64le	libcurl	< 7.76.1-19.el9	libcurl-7.76.1-19.el9.ppc64le.rpm
almalinux	9	ppc64le	curl	< 7.76.1-19.el9	curl-7.76.1-19.el9.ppc64le.rpm