File _patchinfo of Package patchinfo.20436
<patchinfo incident="20436">
<issue tracker="bnc" id="1188219">VUL-0: EMBARGOED: CVE-2021-22924: curl: Bad connection reuse due to flawed path name checks</issue>
<issue tracker="bnc" id="1188217">VUL-0: EMBARGOED: CVE-2021-22922: curl: Wrong content via metalink not discarded</issue>
<issue tracker="bnc" id="1188218">VUL-0: EMBARGOED: CVE-2021-22923: curl: Metalink download sends credentials</issue>
<issue tracker="bnc" id="1188220">VUL-0: EMBARGOED: CVE-2021-22925: curl: TELNET stack contents disclosure again</issue>
<issue tracker="cve" id="2021-22924"/>
<issue tracker="cve" id="2021-22923"/>
<issue tracker="cve" id="2021-22925"/>
<issue tracker="cve" id="2021-22922"/>
<packager>pmonrealgonzalez</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for curl</summary>
<description>This update for curl fixes the following issues:
- CVE-2021-22925: TELNET stack contents disclosure again. (bsc#1188220)
- CVE-2021-22924: Bad connection reuse due to flawed path name checks. (bsc#1188219)
- CVE-2021-22923: Insufficiently Protected Credentials. (bsc#1188218)
- CVE-2021-22922: Wrong content via metalink not discarded. (bsc#1188217)
</description>
</patchinfo>