curl-7.61.1-18.el8.2
Errata ID: AXSA:2021-2528:05
Release date:
2021/11/04 Thursday - 15:37
Title:
curl-7.61.1-18.el8.2
Affected channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
The following issues have been addressed.
[Security Fix]
- curl has a flaw where, when talking to an IMAP, POP3 or FTP server, a user can require that the upgrade to TLS succeed, yet a crafted server can return a response that looks perfectly legitimate and thereby bypass the upgrade requirement.
As a result, curl silently continues operating without TLS, contrary to the instructions and expectations, and may expose sensitive data in clear text over the network.
(CVE-2021-22946)
- curl has a flaw where, when connecting to an IMAP or POP3 server and upgrading to TLS, it does not flush the cached responses in its queue and instead keeps using and trusting responses received before the TLS handshake as if they were authenticated. An attacker can inject fake responses, then pass through the TLS traffic from the legitimate server, and trick curl into delivering the attacker-injected data to the user as if it came from the TLS-protected server, enabling a man-in-the-middle attack.
(CVE-2021-22947)
Solution:
Update the package.
CVE:
CVE-2021-22946
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or `CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` with libcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response. This flaw would then make curl silently continue its operations **without TLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.
CVE-2021-22947
When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trusting the responses it got *before* the TLS handshake as if they were authenticated. Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker's injected data comes from the TLS-protected server.
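The CVE-2021-22947 failure mode described above, as an added illustration that is not code from the advisory or from curl: a minimal model of a POP3 client's response queue around STARTTLS, with constructed sample traffic, run once without flushing the pre-handshake queue (the vulnerable behaviour) and once with the flush (the corrected behaviour).

```python
from collections import deque

# Constructed sample traffic: the reply to STLS arrives in the same TCP
# segment as an extra line that was never protected by TLS.
PRE_TLS_SEGMENT = b"+OK Begin TLS negotiation\r\n+OK injected-before-handshake\r\n"
# Constructed: the first line genuinely received over TLS after the handshake.
POST_TLS_SEGMENT = b"+OK authenticated-by-tls\r\n"


class Pop3Upgrade:
    """Minimal model of a POP3 client's response queue around STARTTLS.

    flush_on_upgrade=False reproduces the flawed behaviour: lines queued
    in cleartext are consumed after the handshake as if they were encrypted.
    flush_on_upgrade=True models the corrected behaviour.
    """

    def __init__(self, flush_on_upgrade: bool) -> None:
        self.flush_on_upgrade = flush_on_upgrade
        self.queue = deque()
        self.tls_active = False

    def receive(self, segment: bytes) -> None:
        # One segment may carry several CRLF-terminated responses; all are queued.
        for line in segment.split(b"\r\n"):
            if line:
                self.queue.append(line.decode("ascii"))

    def starttls(self, pre_tls_segment: bytes) -> None:
        self.receive(pre_tls_segment)
        reply = self.queue.popleft()          # the reply to our STLS command
        if not reply.startswith("+OK"):
            raise RuntimeError("server refused STLS")
        self.tls_active = True                # TLS handshake would happen here
        if self.flush_on_upgrade:
            self.queue.clear()                # discard anything read in cleartext

    def next_response(self, post_tls_segment: bytes) -> str:
        # The encrypted socket is only read when nothing is already queued.
        if not self.queue:
            self.receive(post_tls_segment)
        return self.queue.popleft()


def first_trusted_response(flush_on_upgrade: bool) -> str:
    """Return the first line the client treats as authenticated after the upgrade."""
    client = Pop3Upgrade(flush_on_upgrade)
    client.starttls(PRE_TLS_SEGMENT)
    return client.next_response(POST_TLS_SEGMENT)


if __name__ == "__main__":
    print("without flush:", first_trusted_response(False))
    print("with flush:   ", first_trusted_response(True))
```

The unflushed client hands the application a line that was never covered by TLS, which is exactly why the fix clears the queue at the upgrade point.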
Additional information:
N/A
Downloads:
SRPMS
- curl-7.61.1-18.el8.2.src.rpm
  MD5: 9b4b9b7bc92c4e298167316480bf98bd
  SHA-256: 14501e8df66e83228380ed4e7f6f8c1ce411139386e1c8999b9f4183530cffa0
  Size: 2.40 MB
Asianux Server 8 for x86_64
- curl-7.61.1-18.el8.2.x86_64.rpm
  MD5: 31e1cdefdf778160822b7092eb2b23e3
  SHA-256: 2cec5d263cf03e3d5ebb8e337bf7893ade406ee88b97db4691a6d271c4e14619
  Size: 350.04 kB
- libcurl-7.61.1-18.el8.2.x86_64.rpm
  MD5: f48c72333ba5c0b691781ebf8190dd45
  SHA-256: dc416d7f8e9f86c12e0c4c0f01206b13a2901b50f82462b826a9095f425d6ab5
  Size: 298.80 kB
- libcurl-devel-7.61.1-18.el8.2.x86_64.rpm
  MD5: a2074d5a9430e189bd26a8d37de41337
  SHA-256: 3ff122b90f043faebbe9be2822d23a1a12afab22d98274066069da6a33ffabe4
  Size: 832.18 kB
- libcurl-minimal-7.61.1-18.el8.2.x86_64.rpm
  MD5: 6cceca4fbe30037ca3fade98b72a9960
  SHA-256: 3de8116de5915a85b1c2060a3da864bca456cb57c4bae5dd186728ef52fb3d46
  Size: 285.57 kB
- libcurl-7.61.1-18.el8.2.i686.rpm
  MD5: c7c18a20f4caac9730680773c42194c7
  SHA-256: ec504a190ad4340eda962a996db06d6e58c23796bb208633025e4fc5beca9d40
  Size: 326.92 kB
- libcurl-devel-7.61.1-18.el8.2.i686.rpm
  MD5: 09aceb1ec14edfb107dc186d9fdcf460
  SHA-256: 6d3f248dbd6eaa7fad9559a17611a049ad2fd6e84af4e84f10cd69016366f2a9
  Size: 832.22 kB
- libcurl-minimal-7.61.1-18.el8.2.i686.rpm
  MD5: 1ab434cbab1c51452d27b33cd74fc68a
  SHA-256: 76a13701a7f826a981facdf974cf28cdd58ca8de99c2e7317ff50195f14aaef3
  Size: 312.41 kB