Overview

File _patchinfo of Package patchinfo.16138

<patchinfo incident="16138">
  <issue tracker="bnc" id="1175109">VUL-0: EMBARGOED: CVE-2020-8231: curl: libcurl - wrong connect-only connection</issue>
  <issue tracker="cve" id="2020-8231"/>
  <packager>pmonrealgonzalez</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for curl</summary>
  <description>This update for curl fixes the following issues:

- An application that performs multiple requests with libcurl's
  multi API and sets the 'CURLOPT_CONNECT_ONLY' option, might in
  rare circumstances experience that when subsequently using the
  setup connect-only transfer, libcurl will pick and use the wrong
  connection and instead pick another one the application has
  created since then. [bsc#1175109, CVE-2020-8231]
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places