SUSE-SU-2026:0119-1

Опубликовано: 13 янв. 2026

Источник: suse-cvrf

Описание

Security update for curl

This update for curl fixes the following issues:

CVE-2025-14017: Fixed broken TLS options for threaded LDAPS (bsc#1256105)

Список пакетов

Container suse/ltss/sle12.5/sles12sp5:latest

libcurl4-8.0.1-11.114.1

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

curl-8.0.1-11.114.1

libcurl-devel-8.0.1-11.114.1

libcurl4-8.0.1-11.114.1

libcurl4-32bit-8.0.1-11.114.1

Ссылки

https://www.suse.com/support/update/announcement/2026/suse-su-20260119-1/
Link for SUSE-SU-2026:0119-1
https://lists.suse.com/pipermail/sle-security-updates/2026-January/023738.html
E-Mail link for SUSE-SU-2026:0119-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1256105
SUSE Bug 1256105
https://www.suse.com/security/cve/CVE-2025-14017/
SUSE CVE CVE-2025-14017 page

Описание

When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally disable the feature for other threads as well.

Затронутые продукты

Container suse/ltss/sle12.5/sles12sp5:latest:libcurl4-8.0.1-11.114.1

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:curl-8.0.1-11.114.1

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl-devel-8.0.1-11.114.1

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcurl4-32bit-8.0.1-11.114.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-14017.html
CVE-2025-14017
https://bugzilla.suse.com/1256105
SUSE Bug 1256105

SUSE-SU-2026:0119-1

Описание

Список пакетов

Container suse/ltss/sle12.5/sles12sp5:latest

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Ссылки

Уязвимость: CVE-2025-14017

Описание

Затронутые продукты

Ссылки