[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2016-742 ---- curl, libcurl

ID: oval:org.secpod.oval:def:1600454Date: (C)2016-09-28   (M)2023-12-20
Class: PATCHFamily: unix




After testing original CVE-2016-5420 patch, it was discovered that libcurl built on top of NSS still incorrectly re-uses client certificates if a certificate from file is used for one TLS connection but no certificate is set for a subsequent TLS connection.

Platform:
Amazon Linux AMI
Product:
curl
libcurl
Reference:
ALAS-2016-742
CVE-2016-7167
CVE-2016-7141
CVE    2
CVE-2016-7141
CVE-2016-7167
CPE    2
cpe:/o:amazon:linux
cpe:/a:haxx:curl

© SecPod Technologies