USN-5702-2
- Source
- https://ubuntu.com/security/notices/USN-5702-2
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5702-2.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-5702-2
- Related
- Published
- 2022-10-26T19:33:46.157008Z
- Modified
- 2022-10-26T19:33:46.157008Z
- Summary
- curl vulnerability
- Details
-
USN-5702-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Robby Simpson discovered that curl incorrectly handled certain POST operations after PUT operations. This issue could cause applications using curl to send the wrong data, perform incorrect memory operations, or crash. (CVE-2022-32221)
- References
Affected packages
Ubuntu:Pro:14.04:LTS / curl
Package
- Name
- curl
- Purl
- pkg:deb/ubuntu/curl?arch=src?distro=trusty/esm
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7.35.0-1ubuntu2.20+esm13
Affected versions
7.*
7.32.0-1ubuntu1
7.33.0-1ubuntu1
7.34.0-1ubuntu1
7.35.0-1ubuntu1
7.35.0-1ubuntu2
7.35.0-1ubuntu2.1
7.35.0-1ubuntu2.2
7.35.0-1ubuntu2.3
7.35.0-1ubuntu2.5
7.35.0-1ubuntu2.6
7.35.0-1ubuntu2.7
7.35.0-1ubuntu2.8
7.35.0-1ubuntu2.9
7.35.0-1ubuntu2.10
7.35.0-1ubuntu2.11
7.35.0-1ubuntu2.12
7.35.0-1ubuntu2.13
7.35.0-1ubuntu2.14
7.35.0-1ubuntu2.15
7.35.0-1ubuntu2.16
7.35.0-1ubuntu2.17
7.35.0-1ubuntu2.19
7.35.0-1ubuntu2.20
7.35.0-1ubuntu2.20+esm3
7.35.0-1ubuntu2.20+esm4
7.35.0-1ubuntu2.20+esm5
7.35.0-1ubuntu2.20+esm6
7.35.0-1ubuntu2.20+esm7
7.35.0-1ubuntu2.20+esm8
7.35.0-1ubuntu2.20+esm9
7.35.0-1ubuntu2.20+esm10
7.35.0-1ubuntu2.20+esm11
7.35.0-1ubuntu2.20+esm12
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "curl"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "curl-dbgsym"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "curl-udeb"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "curl-udeb-dbgsym"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "libcurl3"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "libcurl3-dbg"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "libcurl3-dbgsym"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "libcurl3-gnutls"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "libcurl3-gnutls-dbgsym"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "libcurl3-nss"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "libcurl3-nss-dbgsym"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "libcurl3-udeb"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "libcurl3-udeb-dbgsym"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "libcurl4-doc"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "libcurl4-gnutls-dev"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "libcurl4-gnutls-dev-dbgsym"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "libcurl4-nss-dev"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "libcurl4-nss-dev-dbgsym"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "libcurl4-openssl-dev"
},
{
"binary_version": "7.35.0-1ubuntu2.20+esm13",
"binary_name": "libcurl4-openssl-dev-dbgsym"
}
]
}
Ubuntu:Pro:16.04:LTS / curl
Package
- Name
- curl
- Purl
- pkg:deb/ubuntu/curl?arch=src?distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7.47.0-1ubuntu2.19+esm6
Affected versions
7.*
7.43.0-1ubuntu2
7.45.0-1ubuntu1
7.46.0-1ubuntu1
7.47.0-1ubuntu1
7.47.0-1ubuntu2
7.47.0-1ubuntu2.1
7.47.0-1ubuntu2.2
7.47.0-1ubuntu2.3
7.47.0-1ubuntu2.4
7.47.0-1ubuntu2.5
7.47.0-1ubuntu2.6
7.47.0-1ubuntu2.7
7.47.0-1ubuntu2.8
7.47.0-1ubuntu2.9
7.47.0-1ubuntu2.11
7.47.0-1ubuntu2.12
7.47.0-1ubuntu2.13
7.47.0-1ubuntu2.14
7.47.0-1ubuntu2.15
7.47.0-1ubuntu2.16
7.47.0-1ubuntu2.18
7.47.0-1ubuntu2.19
7.47.0-1ubuntu2.19+esm1
7.47.0-1ubuntu2.19+esm2
7.47.0-1ubuntu2.19+esm3
7.47.0-1ubuntu2.19+esm4
7.47.0-1ubuntu2.19+esm5
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "7.47.0-1ubuntu2.19+esm6",
"binary_name": "curl"
},
{
"binary_version": "7.47.0-1ubuntu2.19+esm6",
"binary_name": "curl-dbgsym"
},
{
"binary_version": "7.47.0-1ubuntu2.19+esm6",
"binary_name": "libcurl3"
},
{
"binary_version": "7.47.0-1ubuntu2.19+esm6",
"binary_name": "libcurl3-dbg"
},
{
"binary_version": "7.47.0-1ubuntu2.19+esm6",
"binary_name": "libcurl3-dbgsym"
},
{
"binary_version": "7.47.0-1ubuntu2.19+esm6",
"binary_name": "libcurl3-gnutls"
},
{
"binary_version": "7.47.0-1ubuntu2.19+esm6",
"binary_name": "libcurl3-gnutls-dbgsym"
},
{
"binary_version": "7.47.0-1ubuntu2.19+esm6",
"binary_name": "libcurl3-nss"
},
{
"binary_version": "7.47.0-1ubuntu2.19+esm6",
"binary_name": "libcurl3-nss-dbgsym"
},
{
"binary_version": "7.47.0-1ubuntu2.19+esm6",
"binary_name": "libcurl4-doc"
},
{
"binary_version": "7.47.0-1ubuntu2.19+esm6",
"binary_name": "libcurl4-gnutls-dev"
},
{
"binary_version": "7.47.0-1ubuntu2.19+esm6",
"binary_name": "libcurl4-gnutls-dev-dbgsym"
},
{
"binary_version": "7.47.0-1ubuntu2.19+esm6",
"binary_name": "libcurl4-nss-dev"
},
{
"binary_version": "7.47.0-1ubuntu2.19+esm6",
"binary_name": "libcurl4-nss-dev-dbgsym"
},
{
"binary_version": "7.47.0-1ubuntu2.19+esm6",
"binary_name": "libcurl4-openssl-dev"
},
{
"binary_version": "7.47.0-1ubuntu2.19+esm6",
"binary_name": "libcurl4-openssl-dev-dbgsym"
}
]
}