SUSE-SU-2020:1735-1

UNKNOWN

Security update for curl

Published Jun 24, 2020

Modified 5 years ago

Fix available

Details

This update for curl fixes the following issues:

CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious server to overwrite a local file when using the -J option (bsc#1173027).

Affected Packages

curl

SUSE Linux Enterprise Server 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Software Development Kit 12 SP4

Fixed in:

7.60.0-4.15.2

libcurl4

SUSE Linux Enterprise Server 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP4

Fixed in:

7.60.0-4.15.2

libcurl4-32bit

SUSE Linux Enterprise Server 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP4

Fixed in:

7.60.0-4.15.2

libcurl-devel

SUSE Linux Enterprise Software Development Kit 12 SP4

Fixed in:

7.60.0-4.15.2

References

Upstream

Ecosystems

Timeline

PublishedJun 24, 2020

ModifiedJun 24, 2020

SUSE-SU-2020:1735-1 | Mondoo Vulnerability Intelligence