File _patchinfo of Package patchinfo.21192

<patchinfo incident="21192">
  <issue tracker="bnc" id="1190374">VUL-0: EMBARGOED: CVE-2021-22947: curl: STARTTLS protocol injection via MITM</issue>
  <issue tracker="bnc" id="1190373">VUL-0: EMBARGOED: CVE-2021-22946: curl: Protocol downgrade required TLS bypassed</issue>
  <issue tracker="cve" id="2021-22947"/>
  <issue tracker="cve" id="2021-22946"/>
  <packager>pmonrealgonzalez</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for curl</summary>
  <description>This update for curl fixes the following issues:

- CVE-2021-22947: Fixed STARTTLS protocol injection via MITM (bsc#1190374).
- CVE-2021-22946: Fixed protocol downgrade required TLS bypassed (bsc#1190373).
</description>
</patchinfo>
openSUSE Build Service is sponsored by