SUSE-SU-2023:2226-1 -- SLES curl, libcurl4, libcurl-develID: oval:org.secpod.oval:def:89048862 | Date: (C)2023-06-02 (M)2024-04-03 |
Class: PATCH | Family: unix |
This update for curl fixes the following issues: * CVE-2023-28320: Fixed siglongjmp race condition . * CVE-2023-28321: Fixed IDN wildcard matching . * CVE-2023-28322: Fixed POST-after-PUT confusion . * CVE-2023-27533: Fixed TELNET option IAC injection . * CVE-2023-27534: Fixed SFTP path ~ resolving discrepancy . * CVE-2023-27535: Fixed FTP too eager connection reuse . * CVE-2023-27536: Fixed GSS delegation too eager connection reuse . * CVE-2023-27538: Fixed SSH connection too eager reuse still . * CVE-2022-43552: HTTP Proxy deny use-after-free . * CVE-2023-23916: Fixed HTTP multi-header compression denial of service .
Platform: |
SUSE Linux Enterprise Server 15 SP1 |
Product: |
curl |
libcurl4 |
libcurl-devel |