SUSE-SU-2021:1762-1 -- SLES curl, libcurl-devel, libcurl4ID: oval:org.secpod.oval:def:89047337 | Date: (C)2022-10-21 (M)2024-04-03 |
Class: PATCH | Family: unix |
This update for curl fixes the following issues: - CVE-2021-22898: Fixed curl TELNET stack contents disclosure . - Allow partial chain verification [jsc#SLE-17956] * Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA certificates are. This allows users to verify servers using the intermediate cert only, instead of needing the whole chain. * Set FLAG_TRUSTED_FIRST unconditionally. * Do not check partial chains with CRL check.
Platform: |
SUSE Linux Enterprise Server 15 SP2 |
SUSE Linux Enterprise Server 15 SP3 |
SUSE Linux Enterprise Desktop 15 SP2 |
SUSE Linux Enterprise Desktop 15 SP3 |
Product: |
curl |
libcurl-devel |
libcurl4 |