First published: Tue Feb 22 2022(Updated: )
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.<br>Security Fix(es):<br><li> curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols (CVE-2021-22946)</li> <li> curl: Server responses received before STARTTLS processed after TLS handshake (CVE-2021-22947)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/curl | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/curl | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/curl-debuginfo | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/curl-debuginfo | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/curl-debugsource | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/curl-debugsource | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/curl-minimal-debuginfo | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/curl-minimal-debuginfo | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/libcurl | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/libcurl | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/libcurl-debuginfo | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/libcurl-debuginfo | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/libcurl-devel | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/libcurl-devel | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/libcurl-minimal | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/libcurl-minimal | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/libcurl-minimal-debuginfo | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/libcurl-minimal-debuginfo | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/curl | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/curl-debuginfo | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/curl-debugsource | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/curl-minimal-debuginfo | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/libcurl | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/libcurl-debuginfo | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/libcurl-devel | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/libcurl-minimal | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/libcurl-minimal-debuginfo | <7.61.1-12.el8_2.4 | 7.61.1-12.el8_2.4 |
redhat/curl | <7.61.1-12.el8_2.4.aa | 7.61.1-12.el8_2.4.aa |
redhat/curl-debuginfo | <7.61.1-12.el8_2.4.aa | 7.61.1-12.el8_2.4.aa |
redhat/curl-debugsource | <7.61.1-12.el8_2.4.aa | 7.61.1-12.el8_2.4.aa |
redhat/curl-minimal-debuginfo | <7.61.1-12.el8_2.4.aa | 7.61.1-12.el8_2.4.aa |
redhat/libcurl | <7.61.1-12.el8_2.4.aa | 7.61.1-12.el8_2.4.aa |
redhat/libcurl-debuginfo | <7.61.1-12.el8_2.4.aa | 7.61.1-12.el8_2.4.aa |
redhat/libcurl-devel | <7.61.1-12.el8_2.4.aa | 7.61.1-12.el8_2.4.aa |
redhat/libcurl-minimal | <7.61.1-12.el8_2.4.aa | 7.61.1-12.el8_2.4.aa |
redhat/libcurl-minimal-debuginfo | <7.61.1-12.el8_2.4.aa | 7.61.1-12.el8_2.4.aa |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.