Overview

File _patchinfo of Package patchinfo.15495

<patchinfo incident="15495">
  <issue tracker="bnc" id="1173026">VUL-0: EMBARGOED: CVE-2020-8169: curl: Partial password leak over DNS on HTTP redirect</issue>
  <issue tracker="bnc" id="1173027">VUL-0: EMBARGOED: CVE-2020-8177: curl: overwrites local files when using -J (--remote-header-name)</issue>
  <issue tracker="cve" id="2020-8177"/>
  <issue tracker="cve" id="2020-8169"/>
  <packager>pmonrealgonzalez</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for curl</summary>
  <description>This update for curl fixes the following issues:

- CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious 
  server to overwrite a local file when using the -J option (bsc#1173027).	  
- CVE-2020-8169: Fixed an issue where could have led to partial password leak   
  over DNS on HTTP redirect (bsc#1173026).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places