CLSA-2023-1688070599

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1688070599.json

JSON Data

https://api.test.osv.dev/v1/vulns/CLSA-2023-1688070599

Upstream

CVE-2023-28321

CVE-2023-28322

Published

2023-06-29T20:30:06Z

Modified

2026-06-04T10:04:35.347796672Z

Summary

Fix CVE(s): CVE-2023-28322, CVE-2023-28321

Details

SECURITY UPDATE: More POST-after-PUT confusion
- debian/patches/CVE-2023-28322.patch: fix mess in upload/method handling
- CVE-2023-28322
SECURITY UPDATE: incorrect IDN wildcard match
- debian/patches/CVE-2023-28321.patch: fix erroneous logic in wildcard handling, drop support for wildcards in the middle of domain name
- CVE-2023-28321

References

https://errata.cloudlinux.com/ubuntu18_04-els/CLSA-2023-1688070599

Affected packages

TuxCare:Ubuntu:18.04

curl

Package

Name: curl
Purl: pkg:deb/tuxcare/curl?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.58.0-2ubuntu3.24+tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1688070599.json"

libcurl3-gnutls

Package

Name: libcurl3-gnutls
Purl: pkg:deb/tuxcare/libcurl3-gnutls?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.58.0-2ubuntu3.24+tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1688070599.json"

libcurl3-nss

Package

Name: libcurl3-nss
Purl: pkg:deb/tuxcare/libcurl3-nss?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.58.0-2ubuntu3.24+tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1688070599.json"

libcurl4

Package

Name: libcurl4
Purl: pkg:deb/tuxcare/libcurl4?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.58.0-2ubuntu3.24+tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1688070599.json"

libcurl4-doc

Package

Name: libcurl4-doc
Purl: pkg:deb/tuxcare/libcurl4-doc?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.58.0-2ubuntu3.24+tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1688070599.json"

libcurl4-gnutls-dev

Package

Name: libcurl4-gnutls-dev
Purl: pkg:deb/tuxcare/libcurl4-gnutls-dev?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.58.0-2ubuntu3.24+tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1688070599.json"

libcurl4-nss-dev

Package

Name: libcurl4-nss-dev
Purl: pkg:deb/tuxcare/libcurl4-nss-dev?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.58.0-2ubuntu3.24+tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1688070599.json"

libcurl4-openssl-dev

Package

Name: libcurl4-openssl-dev
Purl: pkg:deb/tuxcare/libcurl4-openssl-dev?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.58.0-2ubuntu3.24+tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1688070599.json"