Overview

File _patchinfo of Package patchinfo.17557

<patchinfo incident="17557">
  <issue tracker="bnc" id="1179399">VUL-0: EMBARGOED: CVE-2020-8285: curl: libcurl: FTP wildcard stack overflow (2/3)</issue>
  <issue tracker="bnc" id="1179593">VUL-0: EMBARGOED: CVE-2020-8286: curl: Inferior OCSP verification (3/3)</issue>
  <issue tracker="bnc" id="1179398">VUL-0: EMBARGOED: CVE-2020-8284: curl: trusting FTP PASV responses (1/3)</issue>
  <issue tracker="cve" id="2020-8286"/>
  <issue tracker="cve" id="2020-8285"/>
  <issue tracker="cve" id="2020-8284"/>
  <packager>pmonrealgonzalez</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for curl</summary>
  <description>This update for curl fixes the following issues:

- CVE-2020-8286: Fixed improper OSCP verification in the client side (bsc#1179593). 
- CVE-2020-8285: Fixed a stack overflow due to FTP wildcard (bsc#1179399).
- CVE-2020-8284: Fixed an issue where a malicius FTP server could make curl connect to a different IP (bsc#1179398).	  
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places