Lucene search

K
oraclelinuxOracleLinuxELSA-2022-5245
HistoryJun 30, 2022 - 12:00 a.m.

curl security update

2022-06-3000:00:00
linux.oracle.com
14
curl update
security fix
tls connection
ssh connection
srp credentials
makefile tests
cve-2022-27782
cve-2022-27774
cve-2022-27776
cve-2022-22576
unix

EPSS

0.003

Percentile

68.9%

[7.76.1-14.el9_0.4]

  • fix too eager reuse of TLS and SSH connections (CVE-2022-27782)
    [7.76.1-14.el9_0.3]
  • fix leak of SRP credentials in redirects (CVE-2022-27774)
    [7.76.1-14.el9_0.2]
  • add missing tests to Makefile
    [7.76.1-14.el9_0.1]
  • fix credential leak on redirect (CVE-2022-27774)
  • fix auth/cookie leak on redirect (CVE-2022-27776)
  • fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)