logo
DATABASE RESOURCES PRICING ABOUT US

(RHSA-2022:1354) Moderate: rh-dotnet31-curl security update

Description

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Security Fix(es): * curl: Leak of authentication credentials in URL via automatic Referer (CVE-2021-22876) * curl: Bad connection reuse due to flawed path name checks (CVE-2021-22924) * curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols (CVE-2021-22946) * curl: Server responses received before STARTTLS processed after TLS handshake (CVE-2021-22947) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.


Affected Package


OS OS Version Package Name Package Version
RedHat 7 rh-dotnet31-curl 7.61.1-22.el7_9
RedHat 7 rh-dotnet31-libcurl 7.61.1-22.el7_9
RedHat 7 rh-dotnet31-libcurl-devel 7.61.1-22.el7_9
RedHat 7 rh-dotnet31-curl 7.61.1-22.el7_9
RedHat 7 rh-dotnet31-curl-debuginfo 7.61.1-22.el7_9

Related