RHSA-2021:4511-01 -- Redhat curl, libcurlID: oval:org.secpod.oval:def:86329 | Date: (C)2022-12-27 (M)2024-04-03 |
Class: PATCH | Family: unix |
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * curl: Leak of authentication credentials in URL via automatic Referer * curl: TELNET stack contents disclosure * curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.