File _patchinfo of Package patchinfo.16141

<patchinfo incident="16141">
  <issue tracker="bnc" id="1179399">VUL-0: CVE-2020-8285: curl: libcurl: FTP wildcard stack overflow (2/3)</issue>
  <issue tracker="bnc" id="1177976">SFTP uploads via curl command result in empty uploaded files</issue>
  <issue tracker="bnc" id="1186114">VUL-0: EMBARGOED: CVE-2021-22898: curl: TELNET stack contents disclosure (1/2)</issue>
  <issue tracker="bnc" id="1183933">VUL-0: CVE-2021-22876: curl: Automatic referer leaks credentials</issue>
  <issue tracker="bnc" id="1175109">VUL-1: CVE-2020-8231: curl: libcurl - wrong connect-only connection</issue>
  <issue tracker="bnc" id="1179593">VUL-0: CVE-2020-8286: curl: Inferior OCSP verification (3/3)</issue>
  <issue tracker="bnc" id="1179398">VUL-0: CVE-2020-8284: curl: trusting FTP PASV responses (1/3)</issue>
  <issue tracker="cve" id="2020-8231"/>
  <issue tracker="cve" id="2020-8285"/>
  <issue tracker="cve" id="2020-8286"/>
  <issue tracker="cve" id="2020-8284"/>
  <issue tracker="cve" id="2021-22876"/>
  <issue tracker="cve" id="2021-22898"/>
  <packager>pmonrealgonzalez</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for curl</summary>
  <description>This update for curl fixes the following issues:
- CVE-2021-22898: TELNET stack contents disclosure (bsc#1186114)
- CVE-2021-22876: The automatic referer leaks credentials (bsc#1183933)
- CVE-2020-8286: Inferior OCSP verification (bsc#1179593)
- CVE-2020-8285: FTP wildcard stack overflow (bsc#1179399)
- CVE-2020-8284: Trusting FTP PASV responses (bsc#1179398)
- CVE-2020-8231: libcurl will pick and use the wrong connection with multiple requests with libcurl's multi API and the 'CURLOPT_CONNECT_ONLY' option (bsc#1175109)
- Fix: SFTP uploads result in empty uploaded files (bsc#1177976)
</description>
</patchinfo>