Описание
Security update for curl
This update for curl fixes the following issues:
- CVE-2022-27781: Fixed an issue where curl will get stuck in an infinite loop when trying to retrieve details about a TLS server's certificate chain (bnc#1199223).
- CVE-2022-27782: Fixed an issue where TLS and SSH connections would be reused even when a related option had been changed (bsc#1199224).
- CVE-2022-32206: Fixed an uncontrolled memory consumption issue caused by an unbounded number of compression layers (bsc#1200735).
- CVE-2022-32208: Fixed an incorrect message verification issue when performing FTP transfers using krb5 (bsc#1200737).
Список пакетов
Container suse/sles12sp4:latest
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 9
Ссылки
- Link for SUSE-SU-2022:2813-1
- E-Mail link for SUSE-SU-2022:2813-1
- SUSE Security Ratings
- SUSE Bug 1199223
- SUSE Bug 1199224
- SUSE Bug 1200735
- SUSE Bug 1200737
- SUSE CVE CVE-2022-27781 page
- SUSE CVE CVE-2022-27782 page
- SUSE CVE CVE-2022-32206 page
- SUSE CVE CVE-2022-32208 page
Описание
libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.
Затронутые продукты
Ссылки
- CVE-2022-27781
- SUSE Bug 1199223
Описание
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.
Затронутые продукты
Ссылки
- CVE-2022-27782
- SUSE Bug 1199224
- SUSE Bug 1200694
- SUSE Bug 1203786
- SUSE Bug 1205070
- SUSE Bug 1209214
Описание
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.
Затронутые продукты
Ссылки
- CVE-2022-32206
- SUSE Bug 1200735
- SUSE Bug 1207992
Описание
When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.
Затронутые продукты
Ссылки
- CVE-2022-32208
- SUSE Bug 1200737