📚 USN-3048-1: curl vulnerabilities

🕛 Zeit seit Veröffentlichung: 2798 Tage, 17 Stunden 58 Minuten
📆 Veröffentlicht am: 08.08.2016 um 21:00 Uhr
💡 Newskategorie: Unix Server
🔗 Quelle: ubuntu.com

Ubuntu Security Notice USN-3048-1

8th August, 2016

curl vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 16.04 LTS
Ubuntu 14.04 LTS
Ubuntu 12.04 LTS

Summary

Several security issues were fixed in curl.

Software description

curl - HTTP, HTTPS, and FTP client and client libraries

Details

Bru Rom discovered that curl incorrectly handled client certificates when
resuming a TLS session. (CVE-2016-5419)

It was discovered that curl incorrectly handled client certificates when
reusing TLS connections. (CVE-2016-5420)

Marcelo Echeverria and Fernando Muñoz discovered that curl incorrectly
reused a connection struct, contrary to expectations. This issue only
applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-5421)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 16.04 LTS:: libcurl3-nss 7.47.0-1ubuntu2.1; libcurl3-gnutls 7.47.0-1ubuntu2.1; libcurl3 7.47.0-1ubuntu2.1
Ubuntu 14.04 LTS:: libcurl3-nss 7.35.0-1ubuntu2.8; libcurl3-gnutls 7.35.0-1ubuntu2.8; libcurl3 7.35.0-1ubuntu2.8
Ubuntu 12.04 LTS:: libcurl3-nss 7.22.0-3ubuntu4.16; libcurl3-gnutls 7.22.0-3ubuntu4.16; libcurl3 7.22.0-3ubuntu4.16

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2016-5419, CVE-2016-5420, CVE-2016-5421

...

Sharing is caring on Social Media

Join the Team IT Security Community

📌 curl: Buffer overflow and affected url:-https://github.com/curl/curl/blob/master/docs/examples/hsts-preload.c

🕛 144 Tage, 2 Stunden 48 Minuten
📆 15.11.2023 um 02:23 Uhr
📈 32.67 Punkte

📌 --help, Linux beginner, i accidentally made a wrong curl, i can't download the package, and now want to remove the "curl" and stop getting errors when sudo apt-get updating

🕛 2069 Tage, 1 Stunden 44 Minuten
📆 08.08.2018 um 12:54 Uhr
📈 21.78 Punkte

📌 COVID-19 Tracker CLI v3 is out! A curl-based and local command line tracker for coronavirus. Join our official discord warengonza.ga/TtYvZ34 and visit official repo warengonza.ga/covid19-tracker-cli-repo. curl -L covid19.trackercli.com/help

🕛 1467 Tage, 1 Stunden 59 Minuten
📆 01.04.2020 um 12:40 Uhr
📈 21.78 Punkte

📌 curl: Invalid write (or double free) triggers curl command line tool crash

🕛 1420 Tage, 4 Stunden 57 Minuten
📆 16.05.2020 um 01:21 Uhr
📈 21.78 Punkte

📌 On this day, 23 years ago, the first-ever curl software was released as an open-source app. Happy birthday to all of us who use and appreciate curl.

🕛 1114 Tage, 4 Stunden 29 Minuten
📆 20.03.2021 um 10:25 Uhr
📈 21.78 Punkte

📌 curl: CVE-2023-23914: curl HSTS ignored on multiple requests

🕛 417 Tage, 3 Stunden 23 Minuten
📆 21.12.2022 um 10:59 Uhr
📈 21.78 Punkte

📌 curl: curl overwrites local file with -J option if file non-readable, but file writable.

🕛 1344 Tage, 18 Stunden 12 Minuten
📆 18.07.2020 um 02:52 Uhr
📈 21.78 Punkte

📌 curl: Parallel upload hangs curl if upload file not found

🕛 1255 Tage, 19 Stunden 26 Minuten
📆 26.10.2020 um 22:42 Uhr
📈 21.78 Punkte

📌 curl: error parse uri path in curl

🕛 670 Tage, 7 Stunden 53 Minuten
📆 12.05.2022 um 08:20 Uhr
📈 21.78 Punkte

📌 curl: CVE-2022-27778: curl removes wrong file on error

🕛 670 Tage, 7 Stunden 53 Minuten
📆 28.04.2022 um 14:58 Uhr
📈 21.78 Punkte

📌 curl: curl "globbing" can lead to denial of service attacks

🕛 660 Tage, 20 Stunden 24 Minuten
📆 16.05.2022 um 17:19 Uhr
📈 21.78 Punkte

📌 curl: curl file writing susceptible to symlink attacks

🕛 455 Tage, 13 Stunden 27 Minuten
📆 22.12.2022 um 05:12 Uhr
📈 21.78 Punkte

📌 curl: [Critical] Curl CVE-2023-38545 vulnerability code changes are disclosed on the internet

🕛 169 Tage, 19 Stunden 12 Minuten
📆 10.10.2023 um 06:25 Uhr
📈 21.78 Punkte

📌 USN-3123-1: curl vulnerabilities

🕛 2711 Tage, 19 Stunden 43 Minuten
📆 03.11.2016 um 19:16 Uhr
📈 21.38 Punkte

📌 USN-3123-1: curl vulnerabilities

🕛 2711 Tage, 19 Stunden 43 Minuten
📆 03.11.2016 um 19:16 Uhr
📈 21.38 Punkte

📌 USN-4402-1: curl vulnerabilities

🕛 1375 Tage, 20 Stunden 41 Minuten
📆 24.06.2020 um 09:51 Uhr
📈 21.38 Punkte

📌 USN-4665-2: curl vulnerabilities

🕛 1214 Tage, 19 Stunden 57 Minuten
📆 09.12.2020 um 17:46 Uhr
📈 21.38 Punkte

📌 USN-4898-1: curl vulnerabilities

🕛 1103 Tage, 2 Stunden 56 Minuten
📆 31.03.2021 um 12:50 Uhr
📈 21.38 Punkte

📌 USN-3441-1: curl vulnerabilities

🕛 2370 Tage, 22 Stunden 53 Minuten
📆 10.10.2017 um 16:05 Uhr
📈 21.38 Punkte

📌 USN-5499-1: curl vulnerabilities

🕛 646 Tage, 11 Stunden 24 Minuten
📆 01.07.2022 um 04:04 Uhr
📈 21.38 Punkte

📌 USN-5788-1: curl vulnerabilities

🕛 457 Tage, 18 Stunden 56 Minuten
📆 05.01.2023 um 18:15 Uhr
📈 21.38 Punkte

📌 USN-6535-1: curl vulnerabilities

🕛 122 Tage, 22 Stunden 41 Minuten
📆 06.12.2023 um 13:11 Uhr
📈 21.38 Punkte

📌 USN-3441-2: curl vulnerabilities

🕛 2357 Tage, 17 Stunden 42 Minuten
📆 23.10.2017 um 21:17 Uhr
📈 21.38 Punkte

📌 USN-4665-1: curl vulnerabilities

🕛 1215 Tage, 0 Stunden 56 Minuten
📆 09.12.2020 um 13:10 Uhr
📈 21.38 Punkte

📌 USN-6718-1: curl vulnerabilities

🕛 21 Tage, 5 Stunden 21 Minuten
📆 27.03.2024 um 12:43 Uhr
📈 21.38 Punkte

📌 USN-3498-1: curl vulnerabilities

🕛 2321 Tage, 0 Stunden 8 Minuten
📆 29.11.2017 um 14:51 Uhr
📈 21.38 Punkte

📌 USN-3554-1: curl vulnerabilities

🕛 2257 Tage, 13 Stunden 57 Minuten
📆 01.02.2018 um 01:02 Uhr
📈 21.38 Punkte

📌 USN-5495-1: curl vulnerabilities

🕛 649 Tage, 21 Stunden 54 Minuten
📆 27.06.2022 um 16:14 Uhr
📈 21.38 Punkte

📌 USN-3598-1: curl vulnerabilities

🕛 2215 Tage, 1 Stunden 9 Minuten
📆 15.03.2018 um 12:02 Uhr
📈 21.38 Punkte

📌 USN-5702-1: curl vulnerabilities

🕛 528 Tage, 17 Stunden 54 Minuten
📆 26.10.2022 um 19:28 Uhr
📈 21.38 Punkte

📌 USN-4129-1: curl vulnerabilities

🕛 1670 Tage, 0 Stunden 26 Minuten
📆 11.09.2019 um 10:37 Uhr
📈 21.38 Punkte

📌 USN-5964-1: curl vulnerabilities

🕛 383 Tage, 23 Stunden 42 Minuten
📆 20.03.2023 um 13:30 Uhr
📈 21.38 Punkte

📌 USN-5964-2: curl vulnerabilities

🕛 376 Tage, 20 Stunden 21 Minuten
📆 27.03.2023 um 16:47 Uhr
📈 21.38 Punkte