OESA-2023-1959
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1959
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2023-1959.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2023-1959
- Upstream
- Published
- 2023-12-22T11:06:33Z
- Modified
- 2025-08-12T05:23:04.536503Z
- Summary
- curl security update
- Details
-
cURL is a computer software project providing a library (libcurl) and command-line tool (curl) for transferring data using various protocols.
Security Fix(es):
When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use. (CVE-2023-46219)
- Database specific
{ "severity": "Low" }- References
Affected packages
openEuler:20.03-LTS-SP3 / curl
Package
- Name
- curl
- Purl
- pkg:rpm/openEuler/curl&distro=openEuler-20.03-LTS-SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7.71.1-32.oe1
Ecosystem specific
{
"src": [
"curl-7.71.1-32.oe1.src.rpm"
],
"x86_64": [
"libcurl-7.71.1-32.oe1.x86_64.rpm",
"curl-debuginfo-7.71.1-32.oe1.x86_64.rpm",
"curl-7.71.1-32.oe1.x86_64.rpm",
"libcurl-devel-7.71.1-32.oe1.x86_64.rpm",
"curl-debugsource-7.71.1-32.oe1.x86_64.rpm"
],
"aarch64": [
"curl-debugsource-7.71.1-32.oe1.aarch64.rpm",
"curl-debuginfo-7.71.1-32.oe1.aarch64.rpm",
"curl-7.71.1-32.oe1.aarch64.rpm",
"libcurl-devel-7.71.1-32.oe1.aarch64.rpm",
"libcurl-7.71.1-32.oe1.aarch64.rpm"
],
"noarch": [
"curl-help-7.71.1-32.oe1.noarch.rpm"
]
}