stable

curl-7.71.1-10.fc33

FEDORA-2021-5d21b90a30 created by kdudka a year ago for Fedora 33
  • fix TELNET stack contents disclosure again (CVE-2021-22925)
  • fix bad connection reuse due to flawed path name checks (CVE-2021-22924)
  • disable metalink support to fix the following vulnerabilities CVE-2021-22923 - metalink download sends credentials CVE-2021-22922 - wrong content via metalink not discarded

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2021-5d21b90a30

This update has been submitted for testing by kdudka.

a year ago

This update's test gating status has been changed to 'failed'.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'failed'.

a year ago

This update's test gating status has been changed to 'passed'.

a year ago

This update has been pushed to testing.

a year ago

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Builds
1
curl-7.71.1-10.fc33
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
BZ#1984325 CVE-2021-22922 curl: wrong content via metalink is not being discarded [fedora-all]
0
0
BZ#1984326 CVE-2021-22923 curl: Metalink download sends credentials [fedora-all]
0
0
BZ#1984327 CVE-2021-22924 curl: bad connection reuse due to flawed path name checks [fedora-all]
0
0
BZ#1984328 CVE-2021-22925 curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure [fedora-all]
0
0
curl-7.71.1-10.fc33

Automated Test Results

passed

Copyright © 2007-2023 Red Hat, Inc. and others.

Running bodhi-server 7.0.1 on bodhi-web-66-dxxtt.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy