curl-7.61.1-30.el8

Errata ID: AXSA:2023-5803:08

Release date: 
Monday, June 5, 2023 - 06:17
Subject: 
curl-7.61.1-30.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Low
Description: 

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

Security Fix(es):

* curl: Incorrect handling of control code characters in cookies (CVE-2022-35252)
* curl: Use-after-free triggered by an HTTP proxy deny response (CVE-2022-43552)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-35252
When curl is used to retrieve and parse cookies from an HTTP(S) server, it accepts cookies containing control codes. When those cookies are later sent back to an HTTP server, they might make the server return 400 responses, effectively allowing a "sister site" to deny service to all siblings.
CVE-2022-43552
A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.
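
For CVE-2022-35252 above, a saved cookie jar can be checked for cookies whose name or value contains control bytes. The following is an added example, not code from curl or from this advisory; the rejected byte set (0x01-0x1f except TAB, plus 0x7f), the function names and the sample lines are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumption: "control code" = bytes 0x01-0x1f except TAB (0x09), plus 0x7f. */
static int is_control_octet(unsigned char c)
{
    return (c >= 0x01 && c <= 0x1f && c != 0x09) || c == 0x7f;
}

/* Audit one line of a Netscape-format cookie jar (7 TAB-separated fields:
 * domain, subdomain flag, path, secure flag, expiry, name, value).
 * Returns 1 if name or value holds a control byte, 0 if the cookie is clean,
 * -1 if the line is blank, a comment or malformed. */
int audit_jar_line(const char *line)
{
    size_t len = strlen(line), i;
    int tabs = 0;

    /* Drop the line terminator so it is not reported as cookie data. */
    if (len && line[len - 1] == '\n') len--;
    if (len && line[len - 1] == '\r') len--;
    if (len == 0) return -1;
    /* "#HttpOnly_" prefixes a real cookie; any other '#' line is a comment. */
    if (line[0] == '#' && strncmp(line, "#HttpOnly_", 10) != 0) return -1;

    /* Skip the first five fields; i ends at the start of the name field. */
    for (i = 0; i < len && tabs < 5; i++)
        if (line[i] == '\t') tabs++;
    if (tabs < 5 || !memchr(line + i, '\t', len - i)) return -1;

    for (; i < len; i++)
        if (is_control_octet((unsigned char)line[i])) return 1;
    return 0;
}

int main(void)
{
    /* Constructed sample lines, not taken from a real cookie jar. */
    const char *sample[] = {
        "# Netscape HTTP Cookie File\n",
        "example.test\tFALSE\t/\tFALSE\t0\tsession\tabc123\n",
        "#HttpOnly_example.test\tTRUE\t/\tTRUE\t0\ttrack\tx\x01y\n",
    };
    for (size_t n = 0; n < sizeof sample / sizeof sample[0]; n++)
        printf("line %zu: %d\n", n + 1, audit_jar_line(sample[n]));
    return 0;
}
```
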

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. curl-7.61.1-30.el8.src.rpm
    MD5: d1b85eb128958c5373893329bd44553d
    SHA-256: d360f77eda95cd5f89adc5d9da3fc0f5aedecc132ac3bb38a09765fd094324e8
    Size: 2.43 MB

Asianux Server 8 for x86_64
  1. curl-7.61.1-30.el8.x86_64.rpm
    MD5: 4f94b3cbc0ce41874f7e8ba575768e11
    SHA-256: a825fcb4ceed522cc27f3e46ed9d690f797bfc53d7224818786cbe8ae7c997f6
    Size: 351.55 kB
  2. libcurl-7.61.1-30.el8.i686.rpm
    MD5: 660885382b804eb6cd7bf79ef60baa79
    SHA-256: ac1e8fa38356232c847d616afca0a16b578aecd94d3d27039dd0218debdb48b6
    Size: 329.69 kB
  3. libcurl-7.61.1-30.el8.x86_64.rpm
    MD5: 7df85515b66a626f76fa006d6ab72252
    SHA-256: 846efff2901824c1f8e803812d309b5e585b55814238b436b6ca1df2f1788951
    Size: 301.61 kB
  4. libcurl-devel-7.61.1-30.el8.i686.rpm
    MD5: 88becbbf665cd257ed29d0dd4bb2eef1
    SHA-256: 06428ac4785be7e45b6f43c7f640fc04d3e71282ba94b2fa0a06c6d1a7a8c672
    Size: 833.80 kB
  5. libcurl-devel-7.61.1-30.el8.x86_64.rpm
    MD5: 8699611c6541142db37809f8fc4c89a8
    SHA-256: 551a5fa8b8c4e719d986900154bfc121b4f8940f2ad21abe1afc32f865f3310f
    Size: 833.76 kB
  6. libcurl-minimal-7.61.1-30.el8.i686.rpm
    MD5: 1bf7c6b65b8b75a6aecc550ef917e3b4
    SHA-256: edf40dbb913154e17fa871e14a18bfc98ae8d5a4319bf0d9fbac2ec9b27911c1
    Size: 314.75 kB
  7. libcurl-minimal-7.61.1-30.el8.x86_64.rpm
    MD5: 3888f28dd354b53df18184793b1ad774
    SHA-256: eda5c1de4e09d15c6628844ad219af0e1fd9f7f742b333c724020a4cd3dcc06c
    Size: 288.15 kB