logo
DATABASE RESOURCES PRICING ABOUT US

[slackware-security] curl

Description

New curl packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/curl-7.83.0-i586-1_slack15.0.txz: Upgraded. This update fixes security issues: OAUTH2 bearer bypass in connection re-use. Credential leak on redirect. Bad local IPv6 connection reuse. Auth/cookie leak on redirect. For more information, see: https://curl.se/docs/CVE-2022-22576.html https://curl.se/docs/CVE-2022-27774.html https://curl.se/docs/CVE-2022-27775.html https://curl.se/docs/CVE-2022-27776.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776 (* Security fix *) Where to find the new packages: Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/curl-7.83.0-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/curl-7.83.0-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/curl-7.83.0-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/curl-7.83.0-x86_64-1_slack14.1.txz Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/curl-7.83.0-i586-1_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/curl-7.83.0-x86_64-1_slack14.2.txz Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/curl-7.83.0-i586-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/curl-7.83.0-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/curl-7.83.0-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/curl-7.83.0-x86_64-1.txz MD5 signatures: Slackware 14.0 package: 607b20f1371350e8f7593018cc238913 curl-7.83.0-i486-1_slack14.0.txz Slackware x86_64 14.0 package: b5ad2b55e38ff8b3aeb5c90393e418c6 curl-7.83.0-x86_64-1_slack14.0.txz Slackware 14.1 package: 00e82861084a0786a7f68b22967a8c1e curl-7.83.0-i486-1_slack14.1.txz Slackware x86_64 14.1 package: e125ccdc37ac93e6dda401804b68d920 curl-7.83.0-x86_64-1_slack14.1.txz Slackware 14.2 package: 0b4718eb4fe11d2bf332ba2ec2ac2a7d curl-7.83.0-i586-1_slack14.2.txz Slackware x86_64 14.2 package: 9352461a4f1474e0595e9fd059b72825 curl-7.83.0-x86_64-1_slack14.2.txz Slackware 15.0 package: 553edba4be92fac1a49385c00cc523d0 curl-7.83.0-i586-1_slack15.0.txz Slackware x86_64 15.0 package: 63728de433fd85551d330a170a9293fb curl-7.83.0-x86_64-1_slack15.0.txz Slackware -current package: 85ee2ff366110682670227d31bc7b178 n/curl-7.83.0-i586-1.txz Slackware x86_64 -current package: c8fa7d26aac235ab9d6a49778b7fa6b1 n/curl-7.83.0-x86_64-1.txz Installation instructions: Upgrade the package as root: > upgradepkg curl-7.83.0-i586-1_slack15.0.txz


Affected Package


OS OS Version Package Name Package Version
Slackware 14.0 curl 7.83.0
Slackware 14.0 curl 7.83.0
Slackware 14.1 curl 7.83.0
Slackware 14.1 curl 7.83.0
Slackware 14.2 curl 7.83.0
Slackware 14.2 curl 7.83.0
Slackware 15.0 curl 7.83.0
Slackware 15.0 curl 7.83.0
Slackware current curl 7.83.0
Slackware current curl 7.83.0

Related