RLSA-2023:3106

Source

https://storage.googleapis.com/resf-osv-data/RLSA-2023:3106.json

Aliases

CVE-2023-27535 ( DLA-3398-1 )

Published

2023-05-18T19:18:14.459089Z

Modified

2023-05-18T19:19:34.575273Z

Details

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

Security Fix(es):

curl: FTP too eager connection reuse (CVE-2023-27535)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

Cannot upload files to Jscape SFTP server: file gets created empty (BZ#2188029)

References

https://errata.rockylinux.org/RLSA-2023:3106
https://bugzilla.redhat.com/show_bug.cgi?id=2179073
https://bugzilla.redhat.com/show_bug.cgi?id=2188029

Affected packages

Rocky Linux:8 / curl

curl

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

7.61.1-30.el8_8.2

RLSA-2023:3106

Affected packages

Rocky Linux:8 / curl

Affected ranges

Affected versions