What is the severity of RHSA-2021:4059?

The severity of RHSA-2021:4059 is classified as Moderate due to the potential for unauthorized access via insecure communication protocols.

How do I fix RHSA-2021:4059?

To fix RHSA-2021:4059, you should update the affected curl packages to version 7.61.1-18.el8_4.2 or higher.

What specific packages are affected by RHSA-2021:4059?

The affected packages include curl, libcurl, curl-debuginfo, libcurl-debuginfo, and several others related to these libraries.

What is CVE-2021-22945 related to RHSA-2021:4059?

CVE-2021-22945 highlights the failure to properly enforce TLS usage in protocols like IMAP, POP3, and FTP within curl.

How can I verify if my system is affected by RHSA-2021:4059?

You can verify if your system is affected by checking the installed versions of curl and related packages against the provided vulnerable versions.

Vulnerability/
RHSA-2021:4059

2/11/2021

RHSA-2021:4059: Moderate: curl security update

First published: Tue Nov 02 2021(Updated: )

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.<br>Security Fix(es):<br><li> curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols (CVE-2021-22946)</li> <li> curl: Server responses received before STARTTLS processed after TLS handshake (CVE-2021-22947)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software	Affected Version	How to fix
redhat/curl	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/curl	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/curl-debuginfo	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/curl-debuginfo	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/curl-debugsource	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/curl-debugsource	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/curl-minimal-debuginfo	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/curl-minimal-debuginfo	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/libcurl	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/libcurl	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/libcurl-debuginfo	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/libcurl-debuginfo	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/libcurl-devel	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/libcurl-devel	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/libcurl-minimal	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/libcurl-minimal	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/libcurl-minimal-debuginfo	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/libcurl-minimal-debuginfo	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/curl	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/curl-debuginfo	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/curl-debugsource	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/curl-minimal-debuginfo	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/libcurl	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/libcurl-debuginfo	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/libcurl-devel	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/libcurl-minimal	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/libcurl-minimal-debuginfo	<7.61.1-18.el8_4.2	7.61.1-18.el8_4.2
redhat/curl	<7.61.1-18.el8_4.2.aa	7.61.1-18.el8_4.2.aa
redhat/curl-debuginfo	<7.61.1-18.el8_4.2.aa	7.61.1-18.el8_4.2.aa
redhat/curl-debugsource	<7.61.1-18.el8_4.2.aa	7.61.1-18.el8_4.2.aa
redhat/curl-minimal-debuginfo	<7.61.1-18.el8_4.2.aa	7.61.1-18.el8_4.2.aa
redhat/libcurl	<7.61.1-18.el8_4.2.aa	7.61.1-18.el8_4.2.aa
redhat/libcurl-debuginfo	<7.61.1-18.el8_4.2.aa	7.61.1-18.el8_4.2.aa
redhat/libcurl-devel	<7.61.1-18.el8_4.2.aa	7.61.1-18.el8_4.2.aa
redhat/libcurl-minimal	<7.61.1-18.el8_4.2.aa	7.61.1-18.el8_4.2.aa
redhat/libcurl-minimal-debuginfo	<7.61.1-18.el8_4.2.aa	7.61.1-18.el8_4.2.aa

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2021:4059?
The severity of RHSA-2021:4059 is classified as Moderate due to the potential for unauthorized access via insecure communication protocols.
How do I fix RHSA-2021:4059?
To fix RHSA-2021:4059, you should update the affected curl packages to version 7.61.1-18.el8_4.2 or higher.
What specific packages are affected by RHSA-2021:4059?
The affected packages include curl, libcurl, curl-debuginfo, libcurl-debuginfo, and several others related to these libraries.
What is CVE-2021-22945 related to RHSA-2021:4059?
CVE-2021-22945 highlights the failure to properly enforce TLS usage in protocols like IMAP, POP3, and FTP within curl.
How can I verify if my system is affected by RHSA-2021:4059?
You can verify if your system is affected by checking the installed versions of curl and related packages against the provided vulnerable versions.

agent/references
agent/severity
agent/type
agent/first-publish-date
agent/last-modified-date
agent/softwarecombine
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2021:4059
agent/software-canonical-lookup
agent/remedy
agent/title
agent/description
agent/event
agent/trending
agent/tags
agent/source
package-manager/redhat