SUSE-SU-2023:4659-1

Опубликовано: 06 дек. 2023

Источник: suse-cvrf

Описание

Security update for curl

This update for curl fixes the following issues:

CVE-2023-46218: Fixed cookie mixed case PSL bypass (bsc#1217573).
CVE-2023-46219: HSTS long file name clears contents (bsc#1217574).

Список пакетов

Container bci/bci-init:15.4

libcurl4-8.0.1-150400.5.36.1

Container bci/golang:1.20-openssl

libcurl4-8.0.1-150400.5.36.1

Container bci/golang:1.21

libcurl4-8.0.1-150400.5.36.1

Container bci/golang:latest

libcurl4-8.0.1-150400.5.36.1

Container bci/node:16

libcurl4-8.0.1-150400.5.36.1

Container bci/node:18

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container bci/nodejs:latest

libcurl4-8.0.1-150400.5.36.1

Container bci/openjdk:11

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container bci/openjdk:17

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container bci/php-apache:latest

libcurl4-8.0.1-150400.5.36.1

Container bci/php-fpm:latest

libcurl4-8.0.1-150400.5.36.1

Container bci/php:latest

libcurl4-8.0.1-150400.5.36.1

Container bci/python:3

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container bci/python:latest

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container bci/ruby:latest

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container bci/rust:1.77

libcurl4-8.0.1-150400.5.36.1

Container bci/rust:latest

libcurl4-8.0.1-150400.5.36.1

Container rancher/elemental-teal-rt/5.4:latest

libcurl4-8.0.1-150400.5.36.1

Container rancher/elemental-teal/5.4:latest

libcurl4-8.0.1-150400.5.36.1

Container rancher/seedimage-builder:latest

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container suse/git:latest

libcurl4-8.0.1-150400.5.36.1

Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container suse/ltss/sle15.4/bci-base:latest

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container suse/ltss/sle15.5/sle15:latest

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container suse/manager/4.3/proxy-httpd:latest

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container suse/manager/4.3/proxy-salt-broker:latest

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container suse/pcp:5

libcurl4-8.0.1-150400.5.36.1

Container suse/postgres:14

libcurl4-8.0.1-150400.5.36.1

Container suse/sle-micro-rancher/5.3:latest

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container suse/sle-micro-rancher/5.4:latest

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container suse/sle-micro/5.3/toolbox:latest

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container suse/sle-micro/5.4/toolbox:latest

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container suse/sle-micro/5.5/toolbox:latest

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container suse/sle-micro/5.5:latest

libcurl4-8.0.1-150400.5.36.1

Container suse/sle-micro/base-5.5:latest

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container suse/sle-micro/kvm-5.5:latest

libcurl4-8.0.1-150400.5.36.1

Container suse/sle-micro/rt-5.5:latest

libcurl4-8.0.1-150400.5.36.1

Container suse/sle15:15.4

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Container suse/sle15:15.5

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-CHOST-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-CHOST-BYOS-Aliyun

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-CHOST-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-CHOST-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-CHOST-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-CHOST-BYOS-SAP-CCloud

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-HPC-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-HPC-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-HPC-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-HPC-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-HPC-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-HPC-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Hardened-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Hardened-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Hardened-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Hardened-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Manager-Server-4-3

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Manager-Server-4-3-Azure-llc

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Manager-Server-4-3-Azure-ltd

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Manager-Server-4-3-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Manager-Server-4-3-EC2-llc

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Manager-Server-4-3-EC2-ltd

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Micro-5-3

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Micro-5-3-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Micro-5-3-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Micro-5-3-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Micro-5-3-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Micro-5-3-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Micro-5-4

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Micro-5-4-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Micro-5-4-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Micro-5-4-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Micro-5-4-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Micro-5-4-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-Micro-5-4-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP

curl-8.0.1-150400.5.36.1

libcurl-devel-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

libcurl4-32bit-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-Azure

curl-8.0.1-150400.5.36.1

libcurl-devel-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

libcurl4-32bit-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-Azure-LI-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-Azure-LI-BYOS-Production

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-Azure-VLI-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-EC2

curl-8.0.1-150400.5.36.1

libcurl-devel-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

libcurl4-32bit-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-GCE

curl-8.0.1-150400.5.36.1

libcurl-devel-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

libcurl4-32bit-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-Hardened

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-Hardened-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-Hardened-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-Hardened-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-Hardened-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-SAP-Hardened-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-SAPCAL

curl-8.0.1-150400.5.36.1

libcurl-devel-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

libcurl4-32bit-8.0.1-150400.5.36.1

Image SLES15-SP4-SAPCAL-Azure

curl-8.0.1-150400.5.36.1

libcurl-devel-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

libcurl4-32bit-8.0.1-150400.5.36.1

Image SLES15-SP4-SAPCAL-EC2

curl-8.0.1-150400.5.36.1

libcurl-devel-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

libcurl4-32bit-8.0.1-150400.5.36.1

Image SLES15-SP4-SAPCAL-GCE

curl-8.0.1-150400.5.36.1

libcurl-devel-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

libcurl4-32bit-8.0.1-150400.5.36.1

Image SLES15-SP4-SUSE-Rancher-Setup-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP4-SUSE-Rancher-Setup-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Azure-3P

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Azure-Basic

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Azure-Standard

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-CHOST-BYOS-Aliyun

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-CHOST-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-CHOST-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-CHOST-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-CHOST-BYOS-GDC

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-CHOST-BYOS-SAP-CCloud

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-HPC-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-HPC-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-HPC-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-HPC-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Hardened-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Hardened-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Hardened-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Manager-Proxy-5-0-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Manager-Proxy-5-0-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Manager-Proxy-5-0-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Manager-Server-5-0

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Manager-Server-5-0-Azure-llc

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Manager-Server-5-0-Azure-ltd

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Manager-Server-5-0-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Manager-Server-5-0-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Manager-Server-5-0-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Manager-Server-5-0-EC2-llc

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Manager-Server-5-0-EC2-ltd

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Micro-5-5

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Micro-5-5-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Micro-5-5-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Micro-5-5-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Micro-5-5-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Micro-5-5-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Micro-5-5-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-Micro-5-5-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-SAP-Azure-3P

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-SAP-Azure-LI-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-SAP-Azure-LI-BYOS-Production

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-SAP-Azure-VLI-BYOS

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-SAP-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-SAP-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-SAP-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-SAP-Hardened-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-SAP-Hardened-BYOS-Azure

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-SAP-Hardened-BYOS-EC2

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-SAP-Hardened-BYOS-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-SAP-Hardened-GCE

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Image SLES15-SP5-SAPCAL-Azure

curl-8.0.1-150400.5.36.1

libcurl-devel-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

libcurl4-32bit-8.0.1-150400.5.36.1

Image SLES15-SP5-SAPCAL-EC2

curl-8.0.1-150400.5.36.1

libcurl-devel-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

libcurl4-32bit-8.0.1-150400.5.36.1

Image SLES15-SP5-SAPCAL-GCE

curl-8.0.1-150400.5.36.1

libcurl-devel-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

libcurl4-32bit-8.0.1-150400.5.36.1

SUSE Linux Enterprise Micro 5.3

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

SUSE Linux Enterprise Micro 5.4

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

SUSE Linux Enterprise Micro 5.5

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

SUSE Linux Enterprise Module for Basesystem 15 SP4

curl-8.0.1-150400.5.36.1

libcurl-devel-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

libcurl4-32bit-8.0.1-150400.5.36.1

SUSE Linux Enterprise Module for Basesystem 15 SP5

curl-8.0.1-150400.5.36.1

libcurl-devel-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

libcurl4-32bit-8.0.1-150400.5.36.1

openSUSE Leap 15.4

curl-8.0.1-150400.5.36.1

libcurl-devel-8.0.1-150400.5.36.1

libcurl-devel-32bit-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

libcurl4-32bit-8.0.1-150400.5.36.1

openSUSE Leap 15.5

curl-8.0.1-150400.5.36.1

libcurl-devel-8.0.1-150400.5.36.1

libcurl-devel-32bit-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

libcurl4-32bit-8.0.1-150400.5.36.1

openSUSE Leap Micro 5.3

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

openSUSE Leap Micro 5.4

curl-8.0.1-150400.5.36.1

libcurl4-8.0.1-150400.5.36.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20234659-1/
Link for SUSE-SU-2023:4659-1
https://lists.suse.com/pipermail/sle-updates/2023-December/033029.html
E-Mail link for SUSE-SU-2023:4659-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1217573
SUSE Bug 1217573
https://bugzilla.suse.com/1217574
SUSE Bug 1217574
https://www.suse.com/security/cve/CVE-2023-46218/
SUSE CVE CVE-2023-46218 page
https://www.suse.com/security/cve/CVE-2023-46219/
SUSE CVE CVE-2023-46219 page

Описание

This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.

Затронутые продукты

Container bci/bci-init:15.4:libcurl4-8.0.1-150400.5.36.1

Container bci/golang:1.20-openssl:libcurl4-8.0.1-150400.5.36.1

Container bci/golang:1.21:libcurl4-8.0.1-150400.5.36.1

Container bci/golang:latest:libcurl4-8.0.1-150400.5.36.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-46218.html
CVE-2023-46218
https://bugzilla.suse.com/1217573
SUSE Bug 1217573

Описание

When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.

Затронутые продукты

Container bci/bci-init:15.4:libcurl4-8.0.1-150400.5.36.1

Container bci/golang:1.20-openssl:libcurl4-8.0.1-150400.5.36.1

Container bci/golang:1.21:libcurl4-8.0.1-150400.5.36.1

Container bci/golang:latest:libcurl4-8.0.1-150400.5.36.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-46219.html
CVE-2023-46219
https://bugzilla.suse.com/1217574
SUSE Bug 1217574