Overview

File _patchinfo of Package patchinfo.16142

<patchinfo incident="16142">
  <issue tracker="bnc" id="1175109">VUL-0: EMBARGOED: CVE-2020-8231: curl: libcurl - wrong connect-only connection</issue>
  <issue tracker="bnc" id="1179398">VUL-0: EMBARGOED: CVE-2020-8284: curl: trusting FTP PASV responses (1/3)</issue>
  <issue tracker="cve" id="2020-8231"/>
  <issue tracker="cve" id="2020-8284"/>
  <packager>pmonrealgonzalez</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for curl</summary>
  <description>This update for curl fixes the following issues:

- CVE-2020-8284: Fixed an issue where a malicius FTP server could make curl connect to a different IP (bsc#1179398).
- CVE-2020-8231: Fixed an issue with trusting FTP PASV responses (bsc#1175109).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places