Cookie Consent by Free Privacy Policy Generator ๐Ÿ“Œ USN-4402-1: curl vulnerabilities

๐Ÿ  Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, Blogbeitrรคge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden รœberblick รผber die wichtigsten Aspekte der IT-Sicherheit in einer sich stรคndig verรคndernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch รผbersetzen, erst Englisch auswรคhlen dann wieder Deutsch!

Google Android Playstore Download Button fรผr Team IT Security



๐Ÿ“š USN-4402-1: curl vulnerabilities


๐Ÿ’ก Newskategorie: Unix Server
๐Ÿ”— Quelle: usn.ubuntu.com

curl vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 20.04 LTS
  • Ubuntu 19.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 ESM
  • Ubuntu 12.04 ESM

Summary

Several security issues were fixed in curl.

Software Description

  • curl - HTTP, HTTPS, and FTP client and client libraries

Details

Marek Szlagor, Gregory Jefferis and Jeroen Ooms discovered that curl incorrectly handled certain credentials. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-8169)

It was discovered that curl incorrectly handled certain parameters. An attacker could possibly use this issue to overwrite a local file. (CVE-2020-8177)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS
curl - 7.68.0-1ubuntu2.1
libcurl3-gnutls - 7.68.0-1ubuntu2.1
libcurl3-nss - 7.68.0-1ubuntu2.1
libcurl4 - 7.68.0-1ubuntu2.1
Ubuntu 19.10
curl - 7.65.3-1ubuntu3.1
libcurl3-gnutls - 7.65.3-1ubuntu3.1
libcurl3-nss - 7.65.3-1ubuntu3.1
libcurl4 - 7.65.3-1ubuntu3.1
Ubuntu 18.04 LTS
curl - 7.58.0-2ubuntu3.9
libcurl3-gnutls - 7.58.0-2ubuntu3.9
libcurl3-nss - 7.58.0-2ubuntu3.9
libcurl4 - 7.58.0-2ubuntu3.9
Ubuntu 16.04 LTS
curl - 7.47.0-1ubuntu2.15
libcurl3 - 7.47.0-1ubuntu2.15
libcurl3-gnutls - 7.47.0-1ubuntu2.15
libcurl3-nss - 7.47.0-1ubuntu2.15
Ubuntu 14.04 ESM
curl - 7.35.0-1ubuntu2.20+esm4
libcurl3 - 7.35.0-1ubuntu2.20+esm4
libcurl3-gnutls - 7.35.0-1ubuntu2.20+esm4
libcurl3-nss - 7.35.0-1ubuntu2.20+esm4
Ubuntu 12.04 ESM
curl - 7.22.0-3ubuntu4.28
libcurl3 - 7.22.0-3ubuntu4.28
libcurl3-gnutls - 7.22.0-3ubuntu4.28
libcurl3-nss - 7.22.0-3ubuntu4.28

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

...



๐Ÿ“Œ curl: Buffer overflow and affected url:-https://github.com/curl/curl/blob/master/docs/examples/hsts-preload.c


๐Ÿ“ˆ 32.65 Punkte

๐Ÿ“Œ curl: Invalid write (or double free) triggers curl command line tool crash


๐Ÿ“ˆ 21.77 Punkte

๐Ÿ“Œ curl: CVE-2023-23914: curl HSTS ignored on multiple requests


๐Ÿ“ˆ 21.77 Punkte

๐Ÿ“Œ curl: curl overwrites local file with -J option if file non-readable, but file writable.


๐Ÿ“ˆ 21.77 Punkte

๐Ÿ“Œ curl: Parallel upload hangs curl if upload file not found


๐Ÿ“ˆ 21.77 Punkte

๐Ÿ“Œ curl: error parse uri path in curl


๐Ÿ“ˆ 21.77 Punkte

๐Ÿ“Œ curl: CVE-2022-27778: curl removes wrong file on error


๐Ÿ“ˆ 21.77 Punkte

๐Ÿ“Œ curl: curl "globbing" can lead to denial of service attacks


๐Ÿ“ˆ 21.77 Punkte

๐Ÿ“Œ curl: curl file writing susceptible to symlink attacks


๐Ÿ“ˆ 21.77 Punkte

๐Ÿ“Œ curl: [Critical] Curl CVE-2023-38545 vulnerability code changes are disclosed on the internet


๐Ÿ“ˆ 21.77 Punkte

๐Ÿ“Œ USN-3123-1: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-3123-1: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-4665-2: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-4898-1: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-3048-1: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-4665-1: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-5499-1: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-5788-1: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-6535-1: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-3048-1: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-5495-1: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-3441-1: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-3441-2: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-5702-1: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-3498-1: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-3554-1: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-5964-1: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-3598-1: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-5964-2: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-4129-1: curl vulnerabilities


๐Ÿ“ˆ 21.35 Punkte

๐Ÿ“Œ USN-4466-1: curl vulnerability


๐Ÿ“ˆ 16.54 Punkte

๐Ÿ“Œ USN-4466-2: curl vulnerability


๐Ÿ“ˆ 16.54 Punkte











matomo