Описание
Security update for curl
This update for curl fixes the following issues:
- CVE-2024-11053: Fixed password leak used for the first host to the followed-to host under certain circumstances (bsc#1234068)
Список пакетов
Container bci/bci-sle15-kernel-module-devel:15.7
libcurl4-8.6.0-150600.4.15.1
Container bci/bci-sle15-kernel-module-devel:latest
libcurl4-8.6.0-150600.4.15.1
Container bci/gcc:latest
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container bci/golang:1.22-openssl
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container bci/golang:1.23
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container bci/golang:latest
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container bci/kiwi:latest
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container bci/node:22
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container bci/nodejs:latest
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container bci/openjdk:17
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container bci/openjdk:latest
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container bci/php-apache:latest
libcurl4-8.6.0-150600.4.15.1
Container bci/php-fpm:latest
libcurl4-8.6.0-150600.4.15.1
Container bci/php:latest
libcurl4-8.6.0-150600.4.15.1
Container bci/python:3
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container bci/python:3.13
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container bci/python:latest
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container bci/ruby:3
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container bci/ruby:latest
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container bci/rust:1.84
libcurl4-8.6.0-150600.4.15.1
Container bci/rust:latest
libcurl4-8.6.0-150600.4.15.1
Container bci/spack:0.23
curl-8.6.0-150600.4.15.1
libcurl-devel-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container bci/spack:latest
curl-8.6.0-150600.4.15.1
libcurl-devel-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container containers/milvus:2.4
libcurl4-8.6.0-150600.4.15.1
Container containers/open-webui:0
libcurl4-8.6.0-150600.4.15.1
Container containers/python:3.11
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container containers/python:3.9
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container containers/pytorch:2-nvidia
libcurl4-8.6.0-150600.4.15.1
Container containers/pytorch:2.5.0
libcurl4-8.6.0-150600.4.15.1
Container suse/git:latest
libcurl4-8.6.0-150600.4.15.1
Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container suse/manager/5.0/x86_64/proxy-httpd:latest
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container suse/manager/5.0/x86_64/proxy-salt-broker:latest
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container suse/manager/5.0/x86_64/server-hub-xmlrpc-api:latest
libcurl4-8.6.0-150600.4.15.1
Container suse/manager/5.0/x86_64/server:latest
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container suse/sle15:15.6
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container suse/sle15:15.7
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container suse/sles/15.7/cdi-cloner:1.58.0
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container suse/sles/15.7/cdi-importer:1.58.0
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container suse/sles/15.7/cdi-uploadserver:1.58.0
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container suse/sles/15.7/libguestfs-tools:1.4.0
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container suse/sles/15.7/virt-handler:1.4.0
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container suse/sles/15.7/virt-launcher:1.4.0
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Container trento/trento-wanda:latest
libcurl4-8.6.0-150600.4.15.1
Container trento/trento-web:latest
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-Azure-Basic
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-Azure-Standard
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-BYOS
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-BYOS-Azure
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-BYOS-EC2
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-BYOS-GCE
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-CHOST-BYOS
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-CHOST-BYOS-Aliyun
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-CHOST-BYOS-Azure
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-CHOST-BYOS-EC2
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-CHOST-BYOS-GCE
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-CHOST-BYOS-GDC
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-CHOST-BYOS-SAP-CCloud
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-EC2
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-EC2-ECS-HVM
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-GCE
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-HPC
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-HPC-Azure
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-HPC-BYOS
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-HPC-BYOS-Azure
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-HPC-BYOS-EC2
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-HPC-BYOS-GCE
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-HPC-EC2
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-HPC-GCE
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-Hardened-BYOS
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-Hardened-BYOS-Azure
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-Hardened-BYOS-EC2
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-Hardened-BYOS-GCE
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP
curl-8.6.0-150600.4.15.1
libcurl-devel-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
libcurl4-32bit-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-Azure
curl-8.6.0-150600.4.15.1
libcurl-devel-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
libcurl4-32bit-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-Azure-LI-BYOS
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-Azure-LI-BYOS-Production
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-Azure-VLI-BYOS
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-Azure-VLI-BYOS-Production
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-BYOS
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-BYOS-Azure
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-BYOS-EC2
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-BYOS-GCE
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-EC2
curl-8.6.0-150600.4.15.1
libcurl-devel-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
libcurl4-32bit-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-GCE
curl-8.6.0-150600.4.15.1
libcurl-devel-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
libcurl4-32bit-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-Hardened
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-Hardened-Azure
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-Hardened-BYOS
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-Hardened-BYOS-Azure
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-Hardened-BYOS-EC2
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-Hardened-BYOS-GCE
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-Hardened-EC2
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-SAP-Hardened-GCE
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image SLES15-SP6-SAPCAL
curl-8.6.0-150600.4.15.1
libcurl-devel-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
libcurl4-32bit-8.6.0-150600.4.15.1
Image SLES15-SP6-SAPCAL-Azure
curl-8.6.0-150600.4.15.1
libcurl-devel-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
libcurl4-32bit-8.6.0-150600.4.15.1
Image SLES15-SP6-SAPCAL-EC2
curl-8.6.0-150600.4.15.1
libcurl-devel-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
libcurl4-32bit-8.6.0-150600.4.15.1
Image SLES15-SP6-SAPCAL-GCE
curl-8.6.0-150600.4.15.1
libcurl-devel-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
libcurl4-32bit-8.6.0-150600.4.15.1
Image ai_15_6
libcurl4-8.6.0-150600.4.15.1
Image proxy-httpd-image
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image proxy-salt-broker-image
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image python_15_6
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
Image server-hub-xmlrpc-api-image
libcurl4-8.6.0-150600.4.15.1
Image server-image
curl-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
SUSE Linux Enterprise Module for Basesystem 15 SP6
curl-8.6.0-150600.4.15.1
libcurl-devel-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
libcurl4-32bit-8.6.0-150600.4.15.1
openSUSE Leap 15.6
curl-8.6.0-150600.4.15.1
libcurl-devel-8.6.0-150600.4.15.1
libcurl-devel-32bit-8.6.0-150600.4.15.1
libcurl4-8.6.0-150600.4.15.1
libcurl4-32bit-8.6.0-150600.4.15.1
Ссылки
- Link for SUSE-SU-2024:4288-1
- E-Mail link for SUSE-SU-2024:4288-1
- SUSE Security Ratings
- SUSE Bug 1234068
- SUSE CVE CVE-2024-11053 page
Описание
When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password.
Затронутые продукты
Container bci/bci-sle15-kernel-module-devel:15.7:libcurl4-8.6.0-150600.4.15.1
Container bci/bci-sle15-kernel-module-devel:latest:libcurl4-8.6.0-150600.4.15.1
Container bci/gcc:latest:curl-8.6.0-150600.4.15.1
Container bci/gcc:latest:libcurl4-8.6.0-150600.4.15.1
Ссылки
- CVE-2024-11053
- SUSE Bug 1234068