First published: Tue Nov 09 2021(Updated: )
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.<br>Security Fix(es):<br><li> curl: Leak of authentication credentials in URL via automatic Referer (CVE-2021-22876)</li> <li> curl: TELNET stack contents disclosure (CVE-2021-22898)</li> <li> curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure (CVE-2021-22925)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Additional Changes:<br>For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/curl | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/curl | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/curl-debuginfo | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/curl-debuginfo | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/curl-debugsource | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/curl-debugsource | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/curl-minimal-debuginfo | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/curl-minimal-debuginfo | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/libcurl | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/libcurl | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/libcurl-debuginfo | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/libcurl-debuginfo | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/libcurl-devel | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/libcurl-devel | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/libcurl-minimal | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/libcurl-minimal | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/libcurl-minimal-debuginfo | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/libcurl-minimal-debuginfo | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/curl | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/curl-debuginfo | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/curl-debugsource | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/curl-minimal-debuginfo | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/libcurl | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/libcurl-debuginfo | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/libcurl-devel | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/libcurl-minimal | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/libcurl-minimal-debuginfo | <7.61.1-22.el8 | 7.61.1-22.el8 |
redhat/curl | <7.61.1-22.el8.aa | 7.61.1-22.el8.aa |
redhat/curl-debuginfo | <7.61.1-22.el8.aa | 7.61.1-22.el8.aa |
redhat/curl-debugsource | <7.61.1-22.el8.aa | 7.61.1-22.el8.aa |
redhat/curl-minimal-debuginfo | <7.61.1-22.el8.aa | 7.61.1-22.el8.aa |
redhat/libcurl | <7.61.1-22.el8.aa | 7.61.1-22.el8.aa |
redhat/libcurl-debuginfo | <7.61.1-22.el8.aa | 7.61.1-22.el8.aa |
redhat/libcurl-devel | <7.61.1-22.el8.aa | 7.61.1-22.el8.aa |
redhat/libcurl-minimal | <7.61.1-22.el8.aa | 7.61.1-22.el8.aa |
redhat/libcurl-minimal-debuginfo | <7.61.1-22.el8.aa | 7.61.1-22.el8.aa |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.