Description
Security update for curl
This update for curl fixes the following issues:
- CVE-2025-14524: Fixed bearer token leak on cross-protocol redirect (bsc#1255731)
- CVE-2025-15079: Fixed unknown host connection acceptance when set in the global knownhostsfile (bsc#1255733)
- CVE-2025-14819: Fixed CA store cache reuse after altering CURLSSLOPT_NO_PARTIALCHAIN, which could accidentally apply a cached store whose partial-chain setting was the reverse of the one requested (bsc#1255732)
Package list
Container suse/ltss/sle12.5/sles12sp5:latest
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
References
- Link for SUSE-SU-2026:0066-1
- E-Mail link for SUSE-SU-2026:0066-1
- SUSE Security Ratings
- SUSE Bug 1255731
- SUSE Bug 1255732
- SUSE Bug 1255733
- SUSE CVE CVE-2025-14524 page
- SUSE CVE CVE-2025-14819 page
- SUSE CVE CVE-2025-15079 page
Description
When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host.
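The defensive rule behind this fix is that a credential bound to one origin must not follow a redirect to a different scheme or host. The following is an added illustration written for this page, not libcurl's code: a small, self-contained policy check that decides whether a bearer token may be forwarded to a redirect target, allowing it only when the target keeps an HTTP(S) scheme and the same host name. The function and URL values are constructed for the example. In real libcurl the equivalent control is to restrict redirect protocols with `CURLOPT_REDIR_PROTOCOLS_STR` (or `--proto-redir` on the command line), so that non-HTTP schemes are never followed at all.

```c
#include <stdio.h>
#include <string.h>
#include <ctype.h>

/* Split "scheme://host[:port]/path" into lower-cased scheme and host.
 * Returns 0 on success, -1 if the URL does not have that shape.
 * (Constructed helper for this example; not libcurl's URL parser.) */
static int parse_url(const char *url, char *scheme, size_t slen,
                     char *host, size_t hlen)
{
    const char *sep = strstr(url, "://");
    if (!sep)
        return -1;

    size_t n = (size_t)(sep - url);
    if (n == 0 || n >= slen)
        return -1;
    for (size_t i = 0; i < n; i++)
        scheme[i] = (char)tolower((unsigned char)url[i]);
    scheme[n] = '\0';

    /* Host ends at the port, path, query or fragment delimiter. */
    const char *h = sep + 3;
    size_t m = strcspn(h, ":/?#");
    if (m == 0 || m >= hlen)
        return -1;
    for (size_t i = 0; i < m; i++)
        host[i] = (char)tolower((unsigned char)h[i]);
    host[m] = '\0';
    return 0;
}

/* Policy: a bearer token obtained for orig_url may be sent to redir_url
 * only if both are HTTP(S) and the host name is unchanged. Any parse
 * failure is treated as "do not forward". Port differences are ignored
 * here to keep the example short. Returns 1 to forward, 0 to strip. */
int should_forward_bearer(const char *orig_url, const char *redir_url)
{
    char os[16], oh[256], rs[16], rh[256];

    if (parse_url(orig_url, os, sizeof os, oh, sizeof oh) != 0)
        return 0;
    if (parse_url(redir_url, rs, sizeof rs, rh, sizeof rh) != 0)
        return 0;

    int orig_http  = strcmp(os, "http") == 0 || strcmp(os, "https") == 0;
    int redir_http = strcmp(rs, "http") == 0 || strcmp(rs, "https") == 0;
    if (!orig_http || !redir_http)
        return 0;            /* e.g. redirect to imap://, ldap://, pop3://, smtp:// */

    return strcmp(oh, rh) == 0;
}

int main(void)
{
    /* Constructed sample redirects. */
    const char *orig = "https://api.example.com/v1/resource";
    const char *targets[] = {
        "https://api.example.com/v2/resource",   /* same origin: forward */
        "imap://mail.example.com/INBOX",         /* cross-protocol: strip */
        "https://other.example.net/",            /* cross-host: strip */
    };
    for (size_t i = 0; i < sizeof targets / sizeof targets[0]; i++)
        printf("%-40s -> %s\n", targets[i],
               should_forward_bearer(orig, targets[i]) ? "forward token"
                                                       : "strip token");
    return 0;
}
```

The check fails closed: anything that does not parse as an HTTP(S) URL on the same host causes the token to be dropped, which is the behaviour a client should default to before following any redirect.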
Affected products
References
- CVE-2025-14524
- SUSE Bug 1255731
Description
When doing TLS related transfers with reused easy or multi handles and altering the `CURLSSLOPT_NO_PARTIALCHAIN` option, libcurl could accidentally reuse a CA store cached in memory for which the partial chain option was reversed, contrary to the user's wishes and expectations. This could make libcurl find and accept a trust chain that it otherwise would not.
Affected products
References
- CVE-2025-14819
- SUSE Bug 1255732
Description
When doing SSH-based transfers using either SCP or SFTP, and setting the known_hosts file, libcurl could still mistakenly accept connecting to hosts *not present* in the specified file if they were added as recognized in the libssh *global* known_hosts file.
Affected products
References
- CVE-2025-15079
- SUSE Bug 1255733