Debian Bug report logs - #1031371
curl: CVE-2023-23914 CVE-2023-23915 CVE-2023-23916
Package: src:curl;
Maintainer for src:curl is Alessandro Ghedini <ghedo@debian.org>;
Reported by: Moritz Mühlenhoff <jmm@inutil.org>
Date: Wed, 15 Feb 2023 22:27:01 UTC
Severity: grave
Tags: security, upstream
Found in version curl ...
Patrick Monnerat discovered that Curl's support for chained HTTP
compression algorithms was susceptible to denial of service.
For the stable distribution (bullseye), this problem has been fixed in
version 7740-13+deb11u7. This update also fixes a regression in
the previously released fix for CVE-2022-27774.
We recommend that you upgrade your cur ...
A flaw was found in the Curl package, where the HSTS mechanism would be ignored by subsequent transfers when done on the same command line because the state would not be properly carried. This issue may result in limited confidentiality and integrity (CVE-2023-23914).
A flaw was found in the Curl package, where the HSTS mechanism could fail when mu ...
A vulnerability was found in curl. In this issue, curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can deny these tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific SMB or TELNET protocols, curl can use a heap-allocated struct after it has be ...
Description: This CVE is under investigation by Red Hat Product Security ...
Synopsis
Moderate: curl security update
Type/Severity
Security Advisory: Moderate
Topic
An update for curl is now available for Red Hat Enterprise Linux 84 Advanced Mission Critical Update Support, Red Hat Enterprise Linu ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 265 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 265 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2451 SP2 security update
Type/Severity
Security Advisory: Important
Topic
Red Hat JBoss Core Services Apache HTTP Server 2451 Service Pack 2 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Sco ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2451 SP2 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Core Services Apache HTTP Server 2 ...
Synopsis
Moderate: Logging Subsystem for Red Hat OpenShift - 559 security update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Logging Subsystem for Red Hat OpenShift - 559. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) b ...
Synopsis
Moderate: Red Hat OpenShift Service Mesh Containers for 232 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Service Mesh Containers for 232. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a ...
Synopsis
Moderate: Multicluster Engine for Kubernetes 216 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Multicluster Engine for Kubernetes 216 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact ...
Synopsis
Important: Red Hat OpenShift Data Foundation 4117 Bug Fix and security update
Type/Severity
Security Advisory: Important
Topic
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4117 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this upda ...
Synopsis
Moderate: Migration Toolkit for Containers (MTC) 179 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
The Migration Toolkit for Containers (MTC) 179 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 258 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 258 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a ...
Synopsis
Moderate: Multicluster Engine for Kubernetes 208 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Multicluster Engine for Kubernetes 208 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact ...
Synopsis
Critical: Multicluster Engine for Kubernetes 223 security updates and bug fixes
Type/Severity
Security Advisory: Critical
Topic
Multicluster Engine for Kubernetes 223 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact ...
Synopsis
Important: Service Telemetry Framework 152 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Service Telemetry Framework 152. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a ...
Synopsis
Important: Self Node Remediation Operator 051 security update
Type/Severity
Security Advisory: Important
Topic
This is an updated version of the Self Node Remediation Operator. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Commo ...
Synopsis
Moderate: curl security update
Type/Severity
Security Advisory: Moderate
Topic
An update for curl is now available for Red Hat Enterprise Linux 90 Extended Update Support. Red Hat Product Security has rated this u ...
Synopsis
Moderate: curl security update
Type/Severity
Security Advisory: Moderate
Topic
An update for curl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security ...
Synopsis
Moderate: curl security update
Type/Severity
Security Advisory: Moderate
Topic
An update for curl is now available for Red Hat Enterprise Linux 86 Extended Update Support. Red Hat Product Security has rated this u ...
Synopsis
Critical: Multicluster Engine for Kubernetes 20 hotfix security update for console
Type/Severity
Security Advisory: Critical
Topic
Red Hat Multicluster Engine Hotfix Security Update for Console. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base scor ...
Synopsis
Moderate: curl security update
Type/Severity
Security Advisory: Moderate
Topic
An update for curl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a securi ...
Synopsis
Critical: Red Hat Advanced Cluster Management 273 security fixes and bug fixes
Type/Severity
Security Advisory: Critical
Topic
Red Hat Advanced Cluster Management for Kubernetes 273 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a s ...
Synopsis
Moderate: OpenShift API for Data Protection (OADP) 113 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
OpenShift API for Data Protection (OADP) 113 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base ...
Synopsis
Important: Migration Toolkit for Applications security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Migration Toolkit for Applications 610 release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a deta ...
Synopsis
Moderate: Red Hat OpenShift GitOps security update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Red Hat OpenShift GitOps 17. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity ...
Synopsis
Moderate: Red Hat OpenShift GitOps security update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Red Hat OpenShift GitOps 16. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity ...
Synopsis
Moderate: Red Hat OpenShift Data Foundation 4122 Bug Fix and security update
Type/Severity
Security Advisory: Moderate
Topic
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4122 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update ...
Synopsis
Moderate: Secondary Scheduler Operator for Red Hat OpenShift 111 security update
Type/Severity
Security Advisory: Moderate
Topic
Secondary Scheduler Operator for Red Hat OpenShift 111. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, whic ...