Advisories ยป MGASA-2021-0384

Updated curl packages fix security vulnerabilities

Publication date: 27 Jul 2021
Modification date: 27 Jul 2021
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-22922 , CVE-2021-22923 , CVE-2021-22924 , CVE-2021-22925

Description

Wrong content via metalink not discarded (CVE-2021-22922).

Metalink download sends credentials (CVE-2021-22923).

Bad connection reuse due to flawed path name checks (CVE-2021-22924).

TELNET stack contents disclosure again (CVE-2021-22925).
                

References

SRPMS

8/core