MGASA-2021-0384
- Source
- https://advisories.mageia.org/MGASA-2021-0384.html
- Import Source
- https://advisories.mageia.org/MGASA-2021-0384.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2021-0384
- Related
- Published
- 2021-07-27T20:21:53Z
- Modified
- 2021-07-27T19:59:12Z
- Summary
- Updated curl packages fix security vulnerabilities
- Details
-
Wrong content via metalink not discarded (CVE-2021-22922).
Metalink download sends credentials (CVE-2021-22923).
Bad connection reuse due to flawed path name checks (CVE-2021-22924).
TELNET stack contents disclosure again (CVE-2021-22925).
- References
-
- https://advisories.mageia.org/MGASA-2021-0384.html
- https://bugs.mageia.org/show_bug.cgi?id=29278
- https://curl.se/docs/CVE-2021-22922.html
- https://curl.se/docs/CVE-2021-22923.html
- https://curl.se/docs/CVE-2021-22924.html
- https://curl.se/docs/CVE-2021-22925.html
- https://lists.suse.com/pipermail/sle-security-updates/2021-July/009187.html
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:8 / curl
Package
- Name
- curl
- Purl
- pkg:rpm/mageia/curl?distro=mageia-8