SUSE-SU-2021:14768-1

Details

Description of the patch:

This update for curl fixes the following issues:

CVE-2021-22925: TELNET stack contents disclosure again. (bsc#1188220)
CVE-2021-22924: Bad connection reuse due to flawed path name checks. (bsc#1188219)
CVE-2021-22923: Insufficiently Protected Credentials. (bsc#1188218)
CVE-2021-22922: Wrong content via metalink not discarded. (bsc#1188217)

Affected Packages

curl-openssl1

SUSE Linux Enterprise Server 11-SECURITY

Fixed in:

7.37.0-70.71.1

libcurl4-openssl1

SUSE Linux Enterprise Server 11-SECURITY

Fixed in:

7.37.0-70.71.1

libcurl4-openssl1-32bit

SUSE Linux Enterprise Server 11-SECURITY

Fixed in: