Zwei Probleme in curl
ID: | FEDORA-2021-065371f385 |
Distribution: | Fedora |
Plattformen: | Fedora 34 |
Datum: | Di, 6. April 2021, 07:40 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890 |
Applikationen: | curl |
Originalnachricht |
|
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2021-065371f385 2021-04-06 00:14:52.001772 -------------------------------------------------------------------------------- Name : curl Product : Fedora 34 Version : 7.76.0 Release : 1.fc34 URL : https://curl.se/ Summary : A utility for getting files from remote servers (FTP, HTTP, and others) Description : curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer resume, proxy tunneling and a busload of other useful tricks. -------------------------------------------------------------------------------- Update Information: - fix TLS 1.3 session ticket proxy host mixup (CVE-2021-22890) - prevent automatic referer from leaking credentials (CVE-2021-22876) -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 31 2021 Kamil Dudka |