curl-7.61.1-22.el8
Errata ID: AXSA:2021-2762:06
Release date:
2021/12/14 Tuesday - 07:25
Title:
curl-7.61.1-22.el8
Affected channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
The following issues have been addressed.
[Security Fix]
- libcurl does not strip user credentials from the URL when it automatically
inserts the Referer header into an outgoing HTTP request, so personal
information can be leaked to the destination server.
(CVE-2021-22876)
- When CURLOPT_TELNETOPTIONS is used to send variable=content pairs to a
TELNET server, a flaw in the option parser for sending NEW_ENV variables
causes libcurl to pass uninitialized stack data on to the server, so
sensitive information can be leaked to the server over a clear-text
network protocol. The same applies when the '-t' option is used with curl.
(CVE-2021-22898)
- When CURLOPT_TELNETOPTIONS is used to send variable=content pairs to a
TELNET server, a flaw in the option parser for sending NEW_ENV variables
causes libcurl to pass uninitialized stack data on to the server, so
sensitive information can be leaked to the server over a clear-text
network protocol. The same applies when the '-t' option is used with curl.
(CVE-2021-22925)
Solution:
Update the packages.
CVE:
CVE-2021-22876
curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.
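The Referer population described above, as an added illustration in Python (not curl's own code): the unfixed behaviour copies the previous request URL verbatim, userinfo included, while the fixed behaviour drops the credentials before the value leaves the client. The sample URL is constructed.

```python
from urllib.parse import urlsplit, urlunsplit

# Constructed sample: a request URL that carries embedded credentials.
SAMPLE_URL = "https://alice:s3cret@example.com:8443/login?next=/home#frag"


def referer_unfixed(url: str) -> str:
    """Behaviour of curl 7.1.1 through 7.75.0: the whole URL of the previous
    request, 'user:password@' included, is copied into the Referer field."""
    return url


def referer_stripped(url: str) -> str:
    """Fixed behaviour: drop the userinfo (and the fragment, which Referer
    must never carry) before the value is placed in an outgoing request."""
    parts = urlsplit(url)
    # Keep host and port exactly as written; discard everything before '@'.
    host_port = parts.netloc.rsplit("@", 1)[-1]
    return urlunsplit((parts.scheme, host_port, parts.path, parts.query, ""))


def referer_leaks_userinfo(referer: str) -> bool:
    """Defensive check for a captured Referer value (e.g. from a proxy log):
    True if the authority component still contains userinfo."""
    return "@" in urlsplit(referer).netloc


if __name__ == "__main__":
    for fn in (referer_unfixed, referer_stripped):
        value = fn(SAMPLE_URL)
        print(f"{fn.__name__}: Referer: {value}  "
              f"leaks={referer_leaks_userinfo(value)}")
```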
CVE-2021-22898
curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol.
CVE-2021-22925
curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl. This rarely used option is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending `NEW_ENV` variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, therefore potentially revealing sensitive internal information to the server using a clear-text network protocol. This could happen because curl did not call and use sscanf() correctly when parsing the string provided by the application.
Additional information:
N/A
Downloads:
SRPMS
- curl-7.61.1-22.el8.src.rpm
  MD5: 104ef097a4d636fd42fee1bbf5f21dc0
  SHA-256: 402386bd9e5a5d5e6b889fc7fbda2d527ee2ff7299eea74a54f06832b48832b8
  Size: 2.40 MB
Asianux Server 8 for x86_64
- curl-7.61.1-22.el8.x86_64.rpm
  MD5: 7cc1d8ac97adfcee3cc78dfcbc699e23
  SHA-256: e1d4dd82d7bc9e6b7d80e2a4b6f3d157b4e8319c2aa11bb512591d7d3566dc59
  Size: 350.40 kB
- libcurl-7.61.1-22.el8.x86_64.rpm
  MD5: b25e02da5bcb8e00c7165ad486460a5b
  SHA-256: f1ccb4696df4828a1c16749762f07efb57b88d5f62e5c08de61712718f1a759e
  Size: 299.46 kB
- libcurl-devel-7.61.1-22.el8.x86_64.rpm
  MD5: 07f4c2316cbe0864e36590e1c3153bc3
  SHA-256: 00d8761785d5afc7907d896fd12fbfafe803880f00cec12814ab06fa81c1dcfe
  Size: 832.55 kB
- libcurl-minimal-7.61.1-22.el8.x86_64.rpm
  MD5: 02ed36b34c68a240afbf9b3838da390a
  SHA-256: 92432527608d222bfc13b8e473af4260c4449b91833946ac5fbca7f55f27581c
  Size: 286.04 kB
- libcurl-7.61.1-22.el8.i686.rpm
  MD5: 8f51fc56e5dddcbdfae0c0310d63853c
  SHA-256: 851d45487b41e93ebbadac3badeb0cae8452d7c194fa461d291cba87500fb155
  Size: 327.19 kB
- libcurl-devel-7.61.1-22.el8.i686.rpm
  MD5: af583821259885deb618b5eba275b8a5
  SHA-256: 8dca8ea36b16a1d1991e44ccfb94c2fe7ff8cdb992a4ea8b04a9ad2ebfbf8a08
  Size: 832.61 kB
- libcurl-minimal-7.61.1-22.el8.i686.rpm
  MD5: ffe2277b9ca1699d30146e9167073cff
  SHA-256: feb6fb4490e9495b91955b94f5bff08872deaa1e1bf0d2f7970be4f7cd9f3602
  Size: 312.70 kB