Download
| Alert*
|
oval:org.secpod.oval:def:2600424
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. oval:org.secpod.oval:def:508043 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: curl: GSS delegation too eager connection re-use curl: TELNET option IAC injection curl: SFTP path ~ resolving discrepancy cu ... oval:org.secpod.oval:def:97724 [CLSA-2023:1682347721] curl: Fix of CVE-2023-27534 oval:org.secpod.oval:def:1601685 A vulnerability was found in curl. In this issue, curl can be asked to tunnel all protocols virtually it supports through an HTTP proxy. HTTP proxies can deny these tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific SMB or TELNET protocols, cu ... oval:org.secpod.oval:def:19500235 The curl advisory describes this issue as follows:curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on user name and "telnet options" for the server negotiation.Due to lack of proper input scrubbing and without it being the documented functionality, ... oval:org.secpod.oval:def:89048859 This update for curl fixes the following issues: * CVE-2023-28320: Fixed siglongjmp race condition . * CVE-2023-28321: Fixed IDN wildcard matching . * CVE-2023-28322: Fixed POST-after-PUT confusion . * CVE-2023-27533: Fixed TELNET option IAC injection . * CVE-2023-27534: Fixed SFTP path ~ resolving ... oval:org.secpod.oval:def:89048862 This update for curl fixes the following issues: * CVE-2023-28320: Fixed siglongjmp race condition . * CVE-2023-28321: Fixed IDN wildcard matching . * CVE-2023-28322: Fixed POST-after-PUT confusion . * CVE-2023-27533: Fixed TELNET option IAC injection . * CVE-2023-27534: Fixed SFTP path ~ resolving ... oval:org.secpod.oval:def:708036 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:1701346 The curl advisory describes this issue as follows:curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on user name and "telnet options" for the server negotiation.Due to lack of proper input scrubbing and without it being the documented functionality, ... oval:org.secpod.oval:def:125200 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:89048676 This update for curl fixes the following issues: * CVE-2023-27533: Fixed TELNET option IAC injection . * CVE-2023-27534: Fixed SFTP path ~ resolving discrepancy . * CVE-2023-27535: Fixed FTP too eager connection reuse . * CVE-2023-27536: Fixed GSS delegation too eager connection reuse . * CVE-2023-2 ... oval:org.secpod.oval:def:125265 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:89048586 This update for curl fixes the following issues: * CVE-2023-27533: Fixed TELNET option IAC injection . * CVE-2023-27534: Fixed SFTP path ~ resolving discrepancy . * CVE-2023-27535: Fixed FTP too eager connection reuse . * CVE-2023-27536: Fixed GSS delegation too eager connection reuse . * CVE-2023-2 ... oval:org.secpod.oval:def:89503 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:90727 The host is missing a patch containing a security fixes, which affects the following package(s): oss.lib.libcurl |
