curl-7.19.7-53.AXS4
エラータID: AXSA:2017-1587:01
リリース日:
2017/04/12 Wednesday - 17:11
題名:
curl-7.19.7-53.AXS4
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- curl は,CVE-2015-3148 の修正を正しくバックポートしていませんでした。
また HAVE_GSSAPI 定義が USE_HTTP_NEGOTIATE によって置き換えられた
ことを反映していない脆弱性があります。(CVE-2017-2628)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2017-2628
curl, as shipped in Red Hat Enterprise Linux 6 before version 7.19.7-53, did not correctly backport the fix for CVE-2015-3148 because it did not reflect the fact that the HAVE_GSSAPI define was meanwhile substituted by USE_HTTP_NEGOTIATE. This issue was introduced in RHEL 6.7 and affects RHEL 6 curl only.
curl, as shipped in Red Hat Enterprise Linux 6 before version 7.19.7-53, did not correctly backport the fix for CVE-2015-3148 because it did not reflect the fact that the HAVE_GSSAPI define was meanwhile substituted by USE_HTTP_NEGOTIATE. This issue was introduced in RHEL 6.7 and affects RHEL 6 curl only.
追加情報:
N/A
ダウンロード:
SRPMS
- curl-7.19.7-53.AXS4.src.rpm
MD5: fed1cfb70b24ed5eeb4ecd9dd151a5cb
SHA-256: 6c86a81af5d55270201a02c027e29b716e3b9a0c81f32b29c6feac4d5d287476
Size: 2.07 MB
Asianux Server 4 for x86
- curl-7.19.7-53.AXS4.i686.rpm
MD5: 54f3be62a3ff4bd1b888d481db8bd57a
SHA-256: 59c25de839cc40de52856b3285ec171660a86765aa14e39d6ac07ab7a794354c
Size: 196.91 kB - libcurl-7.19.7-53.AXS4.i686.rpm
MD5: 4c7dccbafddc5f6813d6e1d2162114fc
SHA-256: 2c14e8ec314365fcd84485133ca88ef755c13b7019b6be2a66f083fb26bb2759
Size: 175.82 kB - libcurl-devel-7.19.7-53.AXS4.i686.rpm
MD5: 4893fe6bdabd17107ce94d1acbf34308
SHA-256: 7a24e3e6f092cea1f2f50ecca939e841e11c13b74a099af88ccf4b578a412633
Size: 246.73 kB
Asianux Server 4 for x86_64
- curl-7.19.7-53.AXS4.x86_64.rpm
MD5: 95ddac153c58a21882cf8b5e681aa9c3
SHA-256: 10d58682962422e571cdad25084fcfba49052628a5012b29082ec22995923794
Size: 196.51 kB - libcurl-7.19.7-53.AXS4.x86_64.rpm
MD5: b38032fb4d7bfb9829b908ac33895108
SHA-256: e42872824b4e47b2bf41f19beb029b8eb6080b3a42d84974eaccf57b7b12d3c0
Size: 168.46 kB - libcurl-devel-7.19.7-53.AXS4.x86_64.rpm
MD5: 4470a8accf6f1f4ea3834bd428f11603
SHA-256: 86bc519bfa4548757fe8314da6755dc1fdbbe1c2b6d2676c357343791f20e0f4
Size: 246.29 kB - libcurl-7.19.7-53.AXS4.i686.rpm
MD5: 4c7dccbafddc5f6813d6e1d2162114fc
SHA-256: 2c14e8ec314365fcd84485133ca88ef755c13b7019b6be2a66f083fb26bb2759
Size: 175.82 kB - libcurl-devel-7.19.7-53.AXS4.i686.rpm
MD5: 4893fe6bdabd17107ce94d1acbf34308
SHA-256: 7a24e3e6f092cea1f2f50ecca939e841e11c13b74a099af88ccf4b578a412633
Size: 246.73 kB
English