[CLSA-2021:1617285762] Fixed CVE-2021-22876 in curl
Type:
security
Severity:
Moderate
Release date:
2021-04-01
Description:
- back-port urlapi from v7.75.0 (used by CVE-2021-22876) - strip credentials from the auto-referer header (CVE-2021-22876)
Updated packages:
  • libcurl-devel-7.19.7-56.el6.cloudlinux.els6.x86_64.rpm
    sha:cfe023d5526391644c23a6eb98e2f411cf361cac
  • curl-7.19.7-56.el6.cloudlinux.els6.x86_64.rpm
    sha:e2a98267ff5b6bb0d59e3f8d9c1ae6488eee39ee
  • libcurl-7.19.7-56.el6.cloudlinux.els6.i686.rpm
    sha:05d9f4521b61d33b60626ff711d9564271ee8056
  • libcurl-7.19.7-56.el6.cloudlinux.els6.x86_64.rpm
    sha:455bc7971eb8328c56a3b48d75bb6facceb233ed
  • libcurl-devel-7.19.7-56.el6.cloudlinux.els6.i686.rpm
    sha:eb85dff2ede257d29fec9e0f572ef10ffa440baa
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.