File _patchinfo of Package patchinfo.16138
<patchinfo incident="16138">
<issue tracker="bnc" id="1175109">VUL-0: EMBARGOED: CVE-2020-8231: curl: libcurl - wrong connect-only connection</issue>
<issue tracker="cve" id="2020-8231"/>
<packager>pmonrealgonzalez</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for curl</summary>
<description>This update for curl fixes the following issues:
- An application that performs multiple requests with libcurl's
multi API and sets the 'CURLOPT_CONNECT_ONLY' option, might in
rare circumstances experience that when subsequently using the
setup connect-only transfer, libcurl will pick and use the wrong
connection and instead pick another one the application has
created since then. [bsc#1175109, CVE-2020-8231]
</description>
</patchinfo>