SUSE-SU-2023:2224-2

Опубликовано: 21 июн. 2023

Источник: suse-cvrf

Описание

Security update for curl

This update for curl adds the following feature:

Update to version 8.0.1 (jsc#PED-2580)

CVE-2023-28319: use-after-free in SSH sha256 fingerprint check (bsc#1211230).
CVE-2023-28320: siglongjmp race condition (bsc#1211231).
CVE-2023-28321: IDN wildcard matching (bsc#1211232).
CVE-2023-28322: POST-after-PUT confusion (bsc#1211233).

Список пакетов

Container bci/bci-init:15.4

libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-aspnet:6.0

libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-aspnet:latest

libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-runtime:6.0

libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-runtime:latest

libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-sdk:6.0

libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-sdk:latest

libcurl4-8.0.1-150400.5.23.1

Container bci/golang:1.19

libcurl4-8.0.1-150400.5.23.1

Container bci/golang:1.20-openssl

libcurl4-8.0.1-150400.5.23.1

Container bci/golang:1.21

libcurl4-8.0.1-150400.5.23.1

Container bci/golang:latest

libcurl4-8.0.1-150400.5.23.1

Container bci/node:16

libcurl4-8.0.1-150400.5.23.1

Container bci/node:18

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container bci/nodejs:latest

libcurl4-8.0.1-150400.5.23.1

Container bci/openjdk-devel:11

libcurl4-8.0.1-150400.5.23.1

Container bci/openjdk-devel:latest

libcurl4-8.0.1-150400.5.23.1

Container bci/openjdk:11

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container bci/openjdk:17

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container bci/openjdk:latest

libcurl4-8.0.1-150400.5.23.1

Container bci/php-apache:8

libcurl4-8.0.1-150400.5.23.1

Container bci/php-apache:latest

libcurl4-8.0.1-150400.5.23.1

Container bci/php-fpm:8

libcurl4-8.0.1-150400.5.23.1

Container bci/php-fpm:latest

libcurl4-8.0.1-150400.5.23.1

Container bci/php:8

libcurl4-8.0.1-150400.5.23.1

Container bci/php:latest

libcurl4-8.0.1-150400.5.23.1

Container bci/python:3

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container bci/python:latest

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container bci/ruby:latest

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container bci/rust:1.68

libcurl4-8.0.1-150400.5.23.1

Container bci/rust:1.77

libcurl4-8.0.1-150400.5.23.1

Container bci/rust:latest

libcurl4-8.0.1-150400.5.23.1

Container rancher/elemental-builder-image/5.3:latest

libcurl4-8.0.1-150400.5.23.1

Container rancher/elemental-operator/5.3:latest

libcurl4-8.0.1-150400.5.23.1

Container rancher/elemental-operator:latest

libcurl4-8.0.1-150400.5.23.1

Container rancher/elemental-teal-iso/5.3:latest

libcurl4-8.0.1-150400.5.23.1

Container rancher/elemental-teal-iso/5.4:latest

libcurl4-8.0.1-150400.5.23.1

Container rancher/elemental-teal-rt/5.3:latest

libcurl4-8.0.1-150400.5.23.1

Container rancher/elemental-teal-rt/5.4:latest

libcurl4-8.0.1-150400.5.23.1

Container rancher/elemental-teal/5.3:latest

libcurl4-8.0.1-150400.5.23.1

Container rancher/elemental-teal/5.4:latest

libcurl4-8.0.1-150400.5.23.1

Container rancher/seedimage-builder/5.3:latest

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container rancher/seedimage-builder:latest

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/389-ds:latest

libcurl4-8.0.1-150400.5.23.1

Container suse/git:latest

libcurl4-8.0.1-150400.5.23.1

Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/ltss/sle15.4/bci-base:latest

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/ltss/sle15.5/sle15:latest

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/manager/4.3/proxy-httpd:latest

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/manager/4.3/proxy-salt-broker:latest

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/pcp:5

libcurl4-8.0.1-150400.5.23.1

Container suse/postgres:14

libcurl4-8.0.1-150400.5.23.1

Container suse/postgres:latest

libcurl4-8.0.1-150400.5.23.1

Container suse/sle-micro-rancher/5.3:latest

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/sle-micro-rancher/5.4:latest

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/sle-micro/5.3/toolbox:latest

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/sle-micro/5.4/toolbox:latest

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/sle-micro/5.5/toolbox:latest

libcurl4-8.0.1-150400.5.23.1

Container suse/sle-micro/5.5:latest

libcurl4-8.0.1-150400.5.23.1

Container suse/sle-micro/base-5.5:latest

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/sle-micro/kvm-5.5:latest

libcurl4-8.0.1-150400.5.23.1

Container suse/sle-micro/rt-5.5:latest

libcurl4-8.0.1-150400.5.23.1

Container suse/sle15:15.4

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/sle15:15.5

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/sles/15.5/cdi-apiserver:1.55.0

libcurl4-8.0.1-150400.5.23.1

Container suse/sles/15.5/cdi-cloner:1.55.0

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/sles/15.5/cdi-controller:1.55.0

libcurl4-8.0.1-150400.5.23.1

Container suse/sles/15.5/cdi-importer:1.55.0

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/sles/15.5/cdi-operator:1.55.0

libcurl4-8.0.1-150400.5.23.1

Container suse/sles/15.5/cdi-uploadproxy:1.55.0

libcurl4-8.0.1-150400.5.23.1

Container suse/sles/15.5/cdi-uploadserver:1.55.0

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/sles/15.5/libguestfs-tools:0.58.0

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/sles/15.5/virt-api:0.58.0

libcurl4-8.0.1-150400.5.23.1

Container suse/sles/15.5/virt-controller:0.58.0

libcurl4-8.0.1-150400.5.23.1

Container suse/sles/15.5/virt-exportproxy:0.58.0

libcurl4-8.0.1-150400.5.23.1

Container suse/sles/15.5/virt-exportserver:0.58.0

libcurl4-8.0.1-150400.5.23.1

Container suse/sles/15.5/virt-handler:0.58.0

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/sles/15.5/virt-launcher:0.58.0

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Container suse/sles/15.5/virt-operator:0.58.0

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-CHOST-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-CHOST-BYOS-Aliyun

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-CHOST-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-CHOST-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-CHOST-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-CHOST-BYOS-SAP-CCloud

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-HPC-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-HPC-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-HPC-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-HPC-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-HPC-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-HPC-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Hardened-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Hardened-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Hardened-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Hardened-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Manager-Server-4-3

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Manager-Server-4-3-Azure-llc

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Manager-Server-4-3-Azure-ltd

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Manager-Server-4-3-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Manager-Server-4-3-EC2-llc

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Manager-Server-4-3-EC2-ltd

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Micro-5-3

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Micro-5-3-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Micro-5-3-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Micro-5-3-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Micro-5-3-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Micro-5-3-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Micro-5-4

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Micro-5-4-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Micro-5-4-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Micro-5-4-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Micro-5-4-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Micro-5-4-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Micro-5-4-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-Micro-5-4-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP

curl-8.0.1-150400.5.23.1

libcurl-devel-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

libcurl4-32bit-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-Azure

curl-8.0.1-150400.5.23.1

libcurl-devel-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

libcurl4-32bit-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-Azure-LI-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-Azure-LI-BYOS-Production

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-Azure-VLI-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-EC2

curl-8.0.1-150400.5.23.1

libcurl-devel-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

libcurl4-32bit-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-GCE

curl-8.0.1-150400.5.23.1

libcurl-devel-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

libcurl4-32bit-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-Hardened

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-Hardened-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-Hardened-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-Hardened-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-Hardened-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-SAP-Hardened-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-SAPCAL

curl-8.0.1-150400.5.23.1

libcurl-devel-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

libcurl4-32bit-8.0.1-150400.5.23.1

Image SLES15-SP4-SAPCAL-Azure

curl-8.0.1-150400.5.23.1

libcurl-devel-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

libcurl4-32bit-8.0.1-150400.5.23.1

Image SLES15-SP4-SAPCAL-EC2

curl-8.0.1-150400.5.23.1

libcurl-devel-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

libcurl4-32bit-8.0.1-150400.5.23.1

Image SLES15-SP4-SAPCAL-GCE

curl-8.0.1-150400.5.23.1

libcurl-devel-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

libcurl4-32bit-8.0.1-150400.5.23.1

Image SLES15-SP4-SUSE-Rancher-Setup-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP4-SUSE-Rancher-Setup-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Azure-3P

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Azure-Basic

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Azure-Standard

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-CHOST-BYOS-Aliyun

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-CHOST-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-CHOST-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-CHOST-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-CHOST-BYOS-GDC

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-CHOST-BYOS-SAP-CCloud

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-EC2-ECS-HVM

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-HPC-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-HPC-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-HPC-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-HPC-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-HPC-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-HPC-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Hardened-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Hardened-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Hardened-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Manager-Proxy-5-0-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Manager-Proxy-5-0-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Manager-Proxy-5-0-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Manager-Server-5-0

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Manager-Server-5-0-Azure-llc

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Manager-Server-5-0-Azure-ltd

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Manager-Server-5-0-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Manager-Server-5-0-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Manager-Server-5-0-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Manager-Server-5-0-EC2-llc

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Manager-Server-5-0-EC2-ltd

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Micro-5-5

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Micro-5-5-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Micro-5-5-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Micro-5-5-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Micro-5-5-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Micro-5-5-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Micro-5-5-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-Micro-5-5-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-SAP-Azure

curl-8.0.1-150400.5.23.1

libcurl-devel-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

libcurl4-32bit-8.0.1-150400.5.23.1

Image SLES15-SP5-SAP-Azure-3P

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-SAP-Azure-LI-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-SAP-Azure-LI-BYOS-Production

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-SAP-Azure-VLI-BYOS

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-SAP-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-SAP-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-SAP-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-SAP-EC2

curl-8.0.1-150400.5.23.1

libcurl-devel-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

libcurl4-32bit-8.0.1-150400.5.23.1

Image SLES15-SP5-SAP-GCE

curl-8.0.1-150400.5.23.1

libcurl-devel-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

libcurl4-32bit-8.0.1-150400.5.23.1

Image SLES15-SP5-SAP-Hardened-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-SAP-Hardened-BYOS-Azure

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-SAP-Hardened-BYOS-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-SAP-Hardened-BYOS-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-SAP-Hardened-EC2

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-SAP-Hardened-GCE

curl-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

Image SLES15-SP5-SAPCAL-Azure

curl-8.0.1-150400.5.23.1

libcurl-devel-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

libcurl4-32bit-8.0.1-150400.5.23.1

Image SLES15-SP5-SAPCAL-EC2

curl-8.0.1-150400.5.23.1

libcurl-devel-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

libcurl4-32bit-8.0.1-150400.5.23.1

Image SLES15-SP5-SAPCAL-GCE

curl-8.0.1-150400.5.23.1

libcurl-devel-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

libcurl4-32bit-8.0.1-150400.5.23.1

openSUSE Leap 15.5

curl-8.0.1-150400.5.23.1

libcurl-devel-8.0.1-150400.5.23.1

libcurl-devel-32bit-8.0.1-150400.5.23.1

libcurl4-8.0.1-150400.5.23.1

libcurl4-32bit-8.0.1-150400.5.23.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20232224-2/
Link for SUSE-SU-2023:2224-2
https://lists.suse.com/pipermail/sle-security-updates/2023-June/015260.html
E-Mail link for SUSE-SU-2023:2224-2
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1211230
SUSE Bug 1211230
https://bugzilla.suse.com/1211231
SUSE Bug 1211231
https://bugzilla.suse.com/1211232
SUSE Bug 1211232
https://bugzilla.suse.com/1211233
SUSE Bug 1211233
https://www.suse.com/security/cve/CVE-2023-28319/
SUSE CVE CVE-2023-28319 page
https://www.suse.com/security/cve/CVE-2023-28320/
SUSE CVE CVE-2023-28320 page
https://www.suse.com/security/cve/CVE-2023-28321/
SUSE CVE CVE-2023-28321 page
https://www.suse.com/security/cve/CVE-2023-28322/
SUSE CVE CVE-2023-28322 page

Описание

A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the (now freed) hash. This flaw risks inserting sensitive heap-based data into the error message that might be shown to users or otherwise get leaked and revealed.

Затронутые продукты

Container bci/bci-init:15.4:libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-aspnet:6.0:libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-aspnet:latest:libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-runtime:6.0:libcurl4-8.0.1-150400.5.23.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-28319.html
CVE-2023-28319
https://bugzilla.suse.com/1211230
SUSE Bug 1211230

Описание

A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave.

Затронутые продукты

Container bci/bci-init:15.4:libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-aspnet:6.0:libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-aspnet:latest:libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-runtime:6.0:libcurl4-8.0.1-150400.5.23.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-28320.html
CVE-2023-28320
https://bugzilla.suse.com/1211231
SUSE Bug 1211231
https://bugzilla.suse.com/1218210
SUSE Bug 1218210

Описание

An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`.

Затронутые продукты

Container bci/bci-init:15.4:libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-aspnet:6.0:libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-aspnet:latest:libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-runtime:6.0:libcurl4-8.0.1-150400.5.23.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-28321.html
CVE-2023-28321
https://bugzilla.suse.com/1211232
SUSE Bug 1211232
https://bugzilla.suse.com/1218210
SUSE Bug 1218210

Описание

An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.

Затронутые продукты

Container bci/bci-init:15.4:libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-aspnet:6.0:libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-aspnet:latest:libcurl4-8.0.1-150400.5.23.1

Container bci/dotnet-runtime:6.0:libcurl4-8.0.1-150400.5.23.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-28322.html
CVE-2023-28322
https://bugzilla.suse.com/1211233
SUSE Bug 1211233