Security update for curl
This update for curl fixes the following issues:
- CVE-2021-22925: TELNET stack contents disclosure again. (bsc#1188220)
- CVE-2021-22924: Bad connection reuse due to flawed path name checks. (bsc#1188219)
- CVE-2021-22923: Insufficiently Protected Credentials. (bsc#1188218)
- CVE-2021-22922: Wrong content via metalink not discarded. (bsc#1188217)
This update was imported from the SUSE:SLE-15-SP2:Update update project.
-
Submitted by
Pedro Monreal Gonzalez (pmonrealgonzalez)
Fixed bugs
bnc#1188219
VUL-0: EMBARGOED: CVE-2021-22924: curl: Bad connection reuse due to flawed path name checks
bnc#1188217
VUL-0: EMBARGOED: CVE-2021-22922: curl: Wrong content via metalink not discarded
bnc#1188218
VUL-0: EMBARGOED: CVE-2021-22923: curl: Metalink download sends credentials
bnc#1188220
VUL-0: EMBARGOED: CVE-2021-22925: curl: TELNET stack contents disclosure again
