Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2014-8150
Vulnerability from cvelistv5
Published
2015-01-15 15:00
Modified
2024-08-06 13:10
Severity ?
EPSS score ?
Summary
CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:10:50.913Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "62361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/62361" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10131" }, { "name": "FEDORA-2015-6853", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0020.html" }, { "name": "71964", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/71964" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "name": "1032768", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1032768" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "FEDORA-2015-0418", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147856.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://curl.haxx.se/docs/adv_20150108B.html" }, { "name": "APPLE-SA-2015-08-13-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "name": "RHSA-2015:1254", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743" }, { "name": "openSUSE-SU-2015:0248", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT205031" }, { "name": "FEDORA-2015-0415", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147876.html" }, { "name": "USN-2474-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2474-1" }, { "name": "GLSA-201701-47", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-47" }, { "name": "FEDORA-2015-6864", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html" }, { "name": "MDVSA-2015:021", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:021" }, { "name": "62075", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/62075" }, { "name": "DSA-3122", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3122" }, { "name": "61925", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/61925" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-01-08T00:00:00", "descriptions": [ { "lang": "en", "value": "CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "62361", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/62361" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10131" }, { "name": "FEDORA-2015-6853", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2015-0020.html" }, { "name": "71964", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/71964" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "name": "1032768", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1032768" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "FEDORA-2015-0418", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147856.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://curl.haxx.se/docs/adv_20150108B.html" }, { "name": "APPLE-SA-2015-08-13-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "name": "RHSA-2015:1254", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743" }, { "name": "openSUSE-SU-2015:0248", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT205031" }, { "name": "FEDORA-2015-0415", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147876.html" }, { "name": "USN-2474-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2474-1" }, { "name": "GLSA-201701-47", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-47" }, { "name": "FEDORA-2015-6864", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html" }, { "name": "MDVSA-2015:021", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:021" }, { "name": "62075", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/62075" }, { "name": "DSA-3122", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3122" }, { "name": "61925", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/61925" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-8150", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "62361", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62361" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10131", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10131" }, { "name": "FEDORA-2015-6853", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0020.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0020.html" }, { "name": "71964", "refsource": "BID", "url": "http://www.securityfocus.com/bid/71964" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "name": "1032768", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032768" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "FEDORA-2015-0418", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147856.html" }, { "name": "http://curl.haxx.se/docs/adv_20150108B.html", "refsource": "CONFIRM", "url": "http://curl.haxx.se/docs/adv_20150108B.html" }, { "name": "APPLE-SA-2015-08-13-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "name": "RHSA-2015:1254", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743", "refsource": "CONFIRM", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743" }, { "name": "openSUSE-SU-2015:0248", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html" }, { "name": "https://support.apple.com/kb/HT205031", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT205031" }, { "name": "FEDORA-2015-0415", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147876.html" }, { "name": "USN-2474-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2474-1" }, { "name": "GLSA-201701-47", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-47" }, { "name": "FEDORA-2015-6864", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html" }, { "name": "MDVSA-2015:021", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:021" }, { "name": "62075", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62075" }, { "name": "DSA-3122", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3122" }, { "name": "61925", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61925" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-8150", "datePublished": "2015-01-15T15:00:00", "dateReserved": "2014-10-10T00:00:00", "dateUpdated": "2024-08-06T13:10:50.913Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2014-8150\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2015-01-15T15:59:06.047\",\"lastModified\":\"2024-11-21T02:18:39.917\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de inyecci\u00f3n CRLF en libcurl 6.0 hasta 7.x anterior a 7.40.0, cuando utiliza un proxy HTTP, permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y realizar ataques de divisi\u00f3n de respuestas HTTP a trav\u00e9s de secuencias de CRLF en una URL.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A8977E9-178B-4420-AB2E-BD78CEFF5AC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C81D84BB-063A-4481-BAE0-916ED0D45A55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:6.1:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"11807523-326F-4CEE-B5B0-8452A8F547F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BB7192D-C347-495D-A0E2-FC89F21BEF9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8D9E872-78E5-4078-B44C-1F1DDBEA9FBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:6.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8382D7A-21B0-4F91-8B01-F7155A61A432\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85E53AA4-44DB-4A7F-AE86-E0556357C14F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68E6FA39-BB3E-42EB-B6D6-F8EEBC80BEAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:6.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A7CEE1D-1F74-4CAF-9C2E-173D74EE4427\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:6.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF24F8C7-6A85-49EA-9BA8-A775B048D98A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D2115A8-11C4-4B59-85CA-B1F105EBD43F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE786C2D-686F-4DD5-838A-C2B6DD76368C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C27E5503-BBE7-440B-B08F-352BC0D61D61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4917E4B-9E96-4EE4-8167-16C4B8111ACE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D328A0E8-D462-403C-8D70-6438D823694C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"907EFA38-22D0-4BB4-B792-8BD16B0099A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E865E7A-51F1-46B1-9F63-28927570668E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FC9C909-A96E-43E5-957B-8A3A946B7C4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E1DCBB5-11B7-4EE2-AC6D-DC822D094102\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E579082A-DB23-44B7-80B2-92FB29321335\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79EECAA6-3074-4771-9C77-F07A40D804F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03814F3E-08E6-42B6-BA88-A11C8781CC0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24459498-0A74-4402-A670-30F60FDFB885\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB30E8CE-57AD-4225-8BC1-0C496A8A3D8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F884BEE7-8AD7-4C39-B955-85578ADA7E5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C70D1DF-E117-409F-A4DE-8602AFCF9F50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E546224C-AA58-4025-B921-8D5ED1365FD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8360A6AE-9735-4019-9A24-A5045D528455\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21EDD6A3-9D85-4E54-96BB-3A8055EB286C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE48C5C5-DF42-495D-A5A7-D189AE873CF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF611F14-AC9A-4D7E-BF95-2D00D880C40B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C378EDAB-0D0C-4A63-B230-0DC8EB74C5A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6D6717E-CB09-493D-AD86-7D5C7782CE12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AF87C3C-1AF9-4015-A794-C160AD3128D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.9.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CDAFF2D-1F8C-45CD-BADC-8CBCEC27A8CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.9.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7EDAFA2-030E-438B-B83A-CF78A409D382\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.9.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CE2A761-2015-4E52-B284-02DC7ED03636\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.9.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83BF3E1B-2F71-4142-A2A5-EA859D806094\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72EBCE6C-E0B9-4119-AD71-BF5CD3730D4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DBB2456-4B56-48CC-8A5C-55D5F9CC770B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE20AFEE-7287-4BCE-AE29-32E967FF8F9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1060ADF7-99EF-46B1-A999-106E86DC0562\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D66CFF54-F18B-4B82-A39D-99F1D53B6357\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.10.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D7E1B7D-45B3-4803-B490-FDE40F018738\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E1F9453-1FB6-4CA7-9285-A243E56667B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F79828BB-2412-46AD-BE3C-A51B48E191AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72D0F13F-D56F-4C1C-A3CF-2E4E704817CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90A4F2E2-1B43-470E-8935-CB32F12A0124\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"797DF5C7-509E-48FD-BD04-C66E01748728\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47BD868A-CE3B-4E39-A588-C4EDA3265A71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A2EE400-1C36-40F4-A9D1-9AB432F168BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06E3CB14-FB16-4F4E-9AD9-A02DC727FF6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08DCC42C-C881-4AEA-9348-E8317C54D62B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BC4EF5A-C8CB-4F33-B4D1-E4192B179D26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81CEF54A-9668-4031-926F-9B978DD5CDF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45068C90-8915-4D19-B36B-993980E28D08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24543011-2458-47B5-984A-901E70084902\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB482A9C-D577-4AEE-A08F-CAFA6586B51E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65AF9B86-A555-4D5E-B24E-9EBF78BCD8CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60BBDF07-DB97-433E-B542-EFEBE45550DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA8BE3F8-82ED-4DD7-991E-979E950C98B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"738AA231-4694-46E8-B559-1594263A9987\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9E1F171-B887-499A-BF4F-538EBF347811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07AA276A-0EBA-4DC9-951C-8F8159FAC7A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DEEF534-9AD2-4439-9D69-E91D062C4647\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63643BE1-C978-4CD2-8ED1-2B979DB0676E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6FA04A0-9258-4654-ABCF-F41340B1FA35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE829230-AFDB-4131-9C6A-D9D7A66C5B57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7E8BA30-8087-48D4-AE1B-48326FF826B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47970EFF-2F51-4875-A6BD-E30614E13278\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52C9B668-3204-41C5-A82E-262BDFA541DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08C8EE1E-E186-42D6-8B12-05865C73F261\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEA3D88B-41B9-4D79-B47D-B3D6058C0C27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2C80901-D48E-4C2A-9BED-A40007A11C97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"331A51E4-AA73-486F-9618-5A83965F2436\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB32DF2C-9208-4853-ADEB-B00D764D7467\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E05636DC-7E38-4605-AAB8-81C0AE37520A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"624DF2F1-53FD-48D3-B93D-44E99C9C0C5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2171C7C-311A-4405-B95F-3A54966FA844\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DE20A41-8B53-46FC-9002-69CC7495171F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87ED9DA0-E880-4CBB-B1AC-5AEE8A004718\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5293C7F0-BF9F-4768-889A-876CE78903CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3EB41B3-65F3-4B0E-8CCC-325B14AF605B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"857B244C-2AFB-40C7-A893-7C6DE9871BCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B732CE55-820A-40E0-A885-71BBB6CF8C15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0455A5F2-1515-4CD8-BA2F-74D28E91A661\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29034B3A-BE9D-4D68-8C56-4465C03C3693\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6249538E-FBCB-4130-91FB-DA78D7BA45DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E11B8A5-50A2-468F-BFB3-86DD9D28AC73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EAE25A0-3828-46F1-AB30-88732CBC9F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1533A85C-2160-445D-8787-E624AEDC5A0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D87B9393-7EA4-43DA-900C-7E840AE2D4C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D1249E9-304F-4952-8DAB-8B79CE5E7D54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83FAF953-6A65-4FAB-BDB5-03B468CD1C9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29F8FF1F-A639-4161-9366-62528AAF4C07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"812AB429-379A-4EDE-9664-5BC2989053F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13DD791F-C4BD-4456-955A-92E84082AA09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A17E442-45AA-4780-98B4-9BF764DCC1C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6AF544C-5F16-4434-B9FB-93B1B7318950\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBFD9ED9-2412-44AE-9C55-0ED03A121B23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67CCE31B-ABDA-4F32-BAF1-B1AD0664B3E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E66A332-ECD1-4452-B444-FB629022FDF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDD3D599-35E9-4590-B5E0-3AF04D344695\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3B6BFFB-7967-482C-9B49-4BD25C815299\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1791BF6D-2C96-4A6E-90D4-2906A73601F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"260DD751-4145-4B75-B892-5FC932C6A305\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFF4AD0D-2EC5-4CE8-B6B3-2EC8ED2FF118\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EB1CB85-0A9B-4816-B471-278774EE6D4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3831AB03-4E7E-476D-9623-58AADC188DFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABACE305-2F0C-4B59-BC5C-6DF162B450E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FAC1B55-F492-484E-B837-E7745682DE0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0D57914-B40A-462B-9C78-6433BE2B2DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9A12DF7-62C5-46AD-9236-E2821C64156E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C43697D-390A-4AC0-A5D8-62B6D22245BF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"5D37DF0F-F863-45AC-853A-3E04F9FEC7CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49A63F39-30BE-443F-AF10-6245587D3359\"}]}]}],\"references\":[{\"url\":\"http://advisories.mageia.org/MGASA-2015-0020.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://curl.haxx.se/docs/adv_20150108B.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147856.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147876.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1254.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/61925\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/62075\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/62361\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2015/dsa-3122\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2015:021\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/71964\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id/1032768\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2474-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10131\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security.gentoo.org/glsa/201701-47\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://support.apple.com/kb/HT205031\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://advisories.mageia.org/MGASA-2015-0020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://curl.haxx.se/docs/adv_20150108B.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147856.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147876.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1254.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61925\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/62075\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/62361\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2015/dsa-3122\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2015:021\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/71964\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1032768\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2474-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10131\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201701-47\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/kb/HT205031\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"\u003ca href=\\\"http://cwe.mitre.org/data/definitions/93.html\\\" target=\\\"_blank\\\"\u003eCWE-93: CWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)\u003c/a\u003e\"}}" } }
gsd-2014-8150
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2014-8150", "description": "CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.", "id": "GSD-2014-8150", "references": [ "https://www.suse.com/security/cve/CVE-2014-8150.html", "https://www.debian.org/security/2015/dsa-3122", "https://access.redhat.com/errata/RHSA-2015:2159", "https://access.redhat.com/errata/RHSA-2015:1254", "https://ubuntu.com/security/CVE-2014-8150", "https://advisories.mageia.org/CVE-2014-8150.html", "https://alas.aws.amazon.com/cve/html/CVE-2014-8150.html", "https://linux.oracle.com/cve/CVE-2014-8150.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2014-8150" ], "details": "CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.", "id": "GSD-2014-8150", "modified": "2023-12-13T01:22:49.770742Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-8150", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "62361", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62361" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10131", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10131" }, { "name": "FEDORA-2015-6853", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0020.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0020.html" }, { "name": "71964", "refsource": "BID", "url": "http://www.securityfocus.com/bid/71964" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "name": "1032768", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032768" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "FEDORA-2015-0418", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147856.html" }, { "name": "http://curl.haxx.se/docs/adv_20150108B.html", "refsource": "CONFIRM", "url": "http://curl.haxx.se/docs/adv_20150108B.html" }, { "name": "APPLE-SA-2015-08-13-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "name": "RHSA-2015:1254", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743", "refsource": "CONFIRM", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743" }, { "name": "openSUSE-SU-2015:0248", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html" }, { "name": "https://support.apple.com/kb/HT205031", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT205031" }, { "name": "FEDORA-2015-0415", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147876.html" }, { "name": "USN-2474-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2474-1" }, { "name": "GLSA-201701-47", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-47" }, { "name": "FEDORA-2015-6864", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html" }, { "name": "MDVSA-2015:021", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:021" }, { "name": "62075", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62075" }, { "name": "DSA-3122", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3122" }, { "name": "61925", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61925" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:6.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:6.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.10.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.10.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:6.1:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:6.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.10.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.9.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.9.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:6.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:6.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.10.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.10.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:6.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:6.5.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.5.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.9.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.9.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-8150" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ] }, "references": { "reference_data": [ { "name": "62075", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/62075" }, { "name": "http://curl.haxx.se/docs/adv_20150108B.html", "refsource": "CONFIRM", "tags": [ "Vendor Advisory" ], "url": "http://curl.haxx.se/docs/adv_20150108B.html" }, { "name": "61925", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/61925" }, { "name": "DSA-3122", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2015/dsa-3122" }, { "name": "62361", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/62361" }, { "name": "USN-2474-1", "refsource": "UBUNTU", "tags": [], "url": "http://www.ubuntu.com/usn/USN-2474-1" }, { "name": "openSUSE-SU-2015:0248", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0020.html", "refsource": "CONFIRM", "tags": [], "url": "http://advisories.mageia.org/MGASA-2015-0020.html" }, { "name": "MDVSA-2015:021", "refsource": "MANDRIVA", "tags": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:021" }, { "name": "FEDORA-2015-0418", "refsource": "FEDORA", "tags": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147856.html" }, { "name": "FEDORA-2015-0415", "refsource": "FEDORA", "tags": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147876.html" }, { "name": "FEDORA-2015-6853", "refsource": "FEDORA", "tags": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html" }, { "name": "FEDORA-2015-6864", "refsource": "FEDORA", "tags": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html" }, { "name": "APPLE-SA-2015-08-13-2", "refsource": "APPLE", "tags": [], "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "name": "https://support.apple.com/kb/HT205031", "refsource": "CONFIRM", "tags": [], "url": "https://support.apple.com/kb/HT205031" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "name": "71964", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/71964" }, { "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743", "refsource": "CONFIRM", "tags": [], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10131", "refsource": "CONFIRM", "tags": [], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10131" }, { "name": "GLSA-201701-47", "refsource": "GENTOO", "tags": [], "url": "https://security.gentoo.org/glsa/201701-47" }, { "name": "1032768", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id/1032768" }, { "name": "RHSA-2015:1254", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true } }, "lastModifiedDate": "2018-01-05T02:29Z", "publishedDate": "2015-01-15T15:59Z" } } }
rhsa-2015_2159
Vulnerability from csaf_redhat
Published
2015-11-19 03:26
Modified
2024-11-22 08:47
Summary
Red Hat Security Advisory: curl security, bug fix, and enhancement update
Notes
Topic
Updated curl packages that fix multiple security issues, several bugs, and
add two enhancements are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
The curl packages provide the libcurl library and the curl utility for
downloading files from servers using various protocols, including HTTP,
FTP, and LDAP.
It was found that the libcurl library did not correctly handle partial
literal IP addresses when parsing received HTTP cookies. An attacker able
to trick a user into connecting to a malicious server could use this flaw
to set the user's cookie to a crafted domain, making other cookie-related
issues easier to exploit. (CVE-2014-3613)
A flaw was found in the way the libcurl library performed the duplication
of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS
option for a handle, using the handle's duplicate could cause the
application to crash or disclose a portion of its memory. (CVE-2014-3707)
It was discovered that the libcurl library failed to properly handle URLs
with embedded end-of-line characters. An attacker able to make an
application using libcurl access a specially crafted URL via an HTTP proxy
could use this flaw to inject additional headers to the request or
construct additional requests. (CVE-2014-8150)
It was discovered that libcurl implemented aspects of the NTLM and
Negotatiate authentication incorrectly. If an application uses libcurl
and the affected mechanisms in a specifc way, certain requests to a
previously NTLM-authenticated server could appears as sent by the wrong
authenticated user. Additionally, the initial set of credentials for HTTP
Negotiate-authenticated requests could be reused in subsequent requests,
although a different set of credentials was specified. (CVE-2015-3143,
CVE-2015-3148)
Red Hat would like to thank the cURL project for reporting these issues.
Bug fixes:
* An out-of-protocol fallback to SSL 3.0 was available with libcurl.
Attackers could abuse the fallback to force downgrade of the SSL version.
The fallback has been removed from libcurl. Users requiring this
functionality can explicitly enable SSL 3.0 through the libcurl API.
(BZ#1154060)
* TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. You can
explicitly disable them through the libcurl API. (BZ#1170339)
* FTP operations such as downloading files took a significantly long time
to complete. Now, the FTP implementation in libcurl correctly sets blocking
direction and estimated timeout for connections, resulting in faster FTP
transfers. (BZ#1218272)
Enhancements:
* With the updated packages, it is possible to explicitly enable or disable
new Advanced Encryption Standard (AES) cipher suites to be used for the TLS
protocol. (BZ#1066065)
* The libcurl library did not implement a non-blocking SSL handshake, which
negatively affected performance of applications based on the libcurl multi
API. The non-blocking SSL handshake has been implemented in libcurl, and
the libcurl multi API now immediately returns the control back to the
application whenever it cannot read or write data from or to the underlying
network socket. (BZ#1091429)
* The libcurl library used an unnecessarily long blocking delay for actions
with no active file descriptors, even for short operations. Some actions,
such as resolving a host name using /etc/hosts, took a long time to
complete. The blocking code in libcurl has been modified so that the
initial delay is short and gradually increases until an event occurs.
(BZ#1130239)
All curl users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues and add these
enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated curl packages that fix multiple security issues, several bugs, and\nadd two enhancements are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "The curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP.\n\nIt was found that the libcurl library did not correctly handle partial\nliteral IP addresses when parsing received HTTP cookies. An attacker able\nto trick a user into connecting to a malicious server could use this flaw\nto set the user\u0027s cookie to a crafted domain, making other cookie-related\nissues easier to exploit. (CVE-2014-3613)\n\nA flaw was found in the way the libcurl library performed the duplication\nof connection handles. If an application set the CURLOPT_COPYPOSTFIELDS\noption for a handle, using the handle\u0027s duplicate could cause the\napplication to crash or disclose a portion of its memory. (CVE-2014-3707)\n\nIt was discovered that the libcurl library failed to properly handle URLs\nwith embedded end-of-line characters. An attacker able to make an\napplication using libcurl access a specially crafted URL via an HTTP proxy\ncould use this flaw to inject additional headers to the request or\nconstruct additional requests. (CVE-2014-8150)\n\nIt was discovered that libcurl implemented aspects of the NTLM and\nNegotatiate authentication incorrectly. If an application uses libcurl\nand the affected mechanisms in a specifc way, certain requests to a\npreviously NTLM-authenticated server could appears as sent by the wrong\nauthenticated user. Additionally, the initial set of credentials for HTTP\nNegotiate-authenticated requests could be reused in subsequent requests,\nalthough a different set of credentials was specified. (CVE-2015-3143,\nCVE-2015-3148)\n\nRed Hat would like to thank the cURL project for reporting these issues.\n\nBug fixes:\n\n* An out-of-protocol fallback to SSL 3.0 was available with libcurl.\nAttackers could abuse the fallback to force downgrade of the SSL version.\nThe fallback has been removed from libcurl. Users requiring this\nfunctionality can explicitly enable SSL 3.0 through the libcurl API.\n(BZ#1154060)\n\n* TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. You can\nexplicitly disable them through the libcurl API. (BZ#1170339)\n\n* FTP operations such as downloading files took a significantly long time\nto complete. Now, the FTP implementation in libcurl correctly sets blocking\ndirection and estimated timeout for connections, resulting in faster FTP\ntransfers. (BZ#1218272)\n\nEnhancements:\n\n* With the updated packages, it is possible to explicitly enable or disable\nnew Advanced Encryption Standard (AES) cipher suites to be used for the TLS\nprotocol. (BZ#1066065)\n\n* The libcurl library did not implement a non-blocking SSL handshake, which\nnegatively affected performance of applications based on the libcurl multi\nAPI. The non-blocking SSL handshake has been implemented in libcurl, and\nthe libcurl multi API now immediately returns the control back to the\napplication whenever it cannot read or write data from or to the underlying\nnetwork socket. (BZ#1091429)\n\n* The libcurl library used an unnecessarily long blocking delay for actions\nwith no active file descriptors, even for short operations. Some actions,\nsuch as resolving a host name using /etc/hosts, took a long time to\ncomplete. The blocking code in libcurl has been modified so that the\ninitial delay is short and gradually increases until an event occurs.\n(BZ#1130239)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2015:2159", "url": "https://access.redhat.com/errata/RHSA-2015:2159" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1130239", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1130239" }, { "category": "external", "summary": "1136154", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154" }, { "category": "external", "summary": "1154060", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154060" }, { "category": "external", "summary": "1154941", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154941" }, { "category": "external", "summary": "1161182", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161182" }, { "category": "external", "summary": "1166264", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1166264" }, { "category": "external", "summary": "1170339", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170339" }, { "category": "external", "summary": "1178692", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692" }, { "category": "external", "summary": "1213306", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306" }, { "category": "external", "summary": "1213351", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351" }, { "category": "external", "summary": "1218272", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218272" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_2159.json" } ], "title": "Red Hat Security Advisory: curl security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-22T08:47:38+00:00", "generator": { "date": "2024-11-22T08:47:38+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2015:2159", "initial_release_date": "2015-11-19T03:26:18+00:00", "revision_history": [ { "date": "2015-11-19T03:26:18+00:00", "number": "1", "summary": "Initial version" }, { "date": "2015-11-19T03:26:18+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T08:47:38+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Client (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ComputeNode (v. 7)", "product": { "name": "Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "curl-debuginfo-0:7.29.0-25.el7.x86_64", "product": { "name": "curl-debuginfo-0:7.29.0-25.el7.x86_64", "product_id": "curl-debuginfo-0:7.29.0-25.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=x86_64" } } }, { "category": "product_version", "name": "libcurl-devel-0:7.29.0-25.el7.x86_64", "product": { "name": "libcurl-devel-0:7.29.0-25.el7.x86_64", "product_id": "libcurl-devel-0:7.29.0-25.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=x86_64" } } }, { "category": "product_version", "name": "curl-0:7.29.0-25.el7.x86_64", "product": { "name": "curl-0:7.29.0-25.el7.x86_64", "product_id": "curl-0:7.29.0-25.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=x86_64" } } }, { "category": "product_version", "name": "libcurl-0:7.29.0-25.el7.x86_64", "product": { "name": "libcurl-0:7.29.0-25.el7.x86_64", "product_id": "libcurl-0:7.29.0-25.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "libcurl-devel-0:7.29.0-25.el7.i686", "product": { "name": "libcurl-devel-0:7.29.0-25.el7.i686", "product_id": "libcurl-devel-0:7.29.0-25.el7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=i686" } } }, { "category": "product_version", "name": "curl-debuginfo-0:7.29.0-25.el7.i686", "product": { "name": "curl-debuginfo-0:7.29.0-25.el7.i686", "product_id": "curl-debuginfo-0:7.29.0-25.el7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=i686" } } }, { "category": "product_version", "name": "libcurl-0:7.29.0-25.el7.i686", "product": { "name": "libcurl-0:7.29.0-25.el7.i686", "product_id": "libcurl-0:7.29.0-25.el7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "curl-0:7.29.0-25.el7.src", "product": { "name": "curl-0:7.29.0-25.el7.src", "product_id": "curl-0:7.29.0-25.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "libcurl-devel-0:7.29.0-25.el7.ppc64", "product": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc64", "product_id": "libcurl-devel-0:7.29.0-25.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=ppc64" } } }, { "category": "product_version", "name": "curl-debuginfo-0:7.29.0-25.el7.ppc64", "product": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc64", "product_id": "curl-debuginfo-0:7.29.0-25.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=ppc64" } } }, { "category": "product_version", "name": "curl-0:7.29.0-25.el7.ppc64", "product": { "name": "curl-0:7.29.0-25.el7.ppc64", "product_id": "curl-0:7.29.0-25.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=ppc64" } } }, { "category": "product_version", "name": "libcurl-0:7.29.0-25.el7.ppc64", "product": { "name": "libcurl-0:7.29.0-25.el7.ppc64", "product_id": "libcurl-0:7.29.0-25.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "libcurl-0:7.29.0-25.el7.ppc", "product": { "name": "libcurl-0:7.29.0-25.el7.ppc", "product_id": "libcurl-0:7.29.0-25.el7.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=ppc" } } }, { "category": "product_version", "name": "curl-debuginfo-0:7.29.0-25.el7.ppc", "product": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc", "product_id": "curl-debuginfo-0:7.29.0-25.el7.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=ppc" } } }, { "category": "product_version", "name": "libcurl-devel-0:7.29.0-25.el7.ppc", "product": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc", "product_id": "libcurl-devel-0:7.29.0-25.el7.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=ppc" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "libcurl-devel-0:7.29.0-25.el7.s390x", "product": { "name": "libcurl-devel-0:7.29.0-25.el7.s390x", "product_id": "libcurl-devel-0:7.29.0-25.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=s390x" } } }, { "category": "product_version", "name": "libcurl-0:7.29.0-25.el7.s390x", "product": { "name": "libcurl-0:7.29.0-25.el7.s390x", "product_id": "libcurl-0:7.29.0-25.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=s390x" } } }, { "category": "product_version", "name": "curl-debuginfo-0:7.29.0-25.el7.s390x", "product": { "name": "curl-debuginfo-0:7.29.0-25.el7.s390x", "product_id": "curl-debuginfo-0:7.29.0-25.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=s390x" } } }, { "category": "product_version", "name": "curl-0:7.29.0-25.el7.s390x", "product": { "name": "curl-0:7.29.0-25.el7.s390x", "product_id": "curl-0:7.29.0-25.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "libcurl-devel-0:7.29.0-25.el7.s390", "product": { "name": "libcurl-devel-0:7.29.0-25.el7.s390", "product_id": "libcurl-devel-0:7.29.0-25.el7.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=s390" } } }, { "category": "product_version", "name": "curl-debuginfo-0:7.29.0-25.el7.s390", "product": { "name": "curl-debuginfo-0:7.29.0-25.el7.s390", "product_id": "curl-debuginfo-0:7.29.0-25.el7.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=s390" } } }, { "category": "product_version", "name": "libcurl-0:7.29.0-25.el7.s390", "product": { "name": "libcurl-0:7.29.0-25.el7.s390", "product_id": "libcurl-0:7.29.0-25.el7.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=s390" } } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "libcurl-devel-0:7.29.0-25.el7.ppc64le", "product": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc64le", "product_id": "libcurl-devel-0:7.29.0-25.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "libcurl-0:7.29.0-25.el7.ppc64le", "product": { "name": "libcurl-0:7.29.0-25.el7.ppc64le", "product_id": "libcurl-0:7.29.0-25.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "curl-0:7.29.0-25.el7.ppc64le", "product": { "name": "curl-0:7.29.0-25.el7.ppc64le", "product_id": "curl-0:7.29.0-25.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le", "product": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le", "product_id": "curl-debuginfo-0:7.29.0-25.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "libcurl-devel-0:7.29.0-25.el7.aarch64", "product": { "name": "libcurl-devel-0:7.29.0-25.el7.aarch64", "product_id": "libcurl-devel-0:7.29.0-25.el7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=aarch64" } } }, { "category": "product_version", "name": "curl-0:7.29.0-25.el7.aarch64", "product": { "name": "curl-0:7.29.0-25.el7.aarch64", "product_id": "curl-0:7.29.0-25.el7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=aarch64" } } }, { "category": "product_version", "name": "libcurl-0:7.29.0-25.el7.aarch64", "product": { "name": "libcurl-0:7.29.0-25.el7.aarch64", "product_id": "libcurl-0:7.29.0-25.el7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=aarch64" } } }, { "category": "product_version", "name": "curl-debuginfo-0:7.29.0-25.el7.aarch64", "product": { "name": "curl-debuginfo-0:7.29.0-25.el7.aarch64", "product_id": "curl-debuginfo-0:7.29.0-25.el7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:curl-0:7.29.0-25.el7.aarch64" }, "product_reference": "curl-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:curl-0:7.29.0-25.el7.ppc64" }, "product_reference": "curl-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:curl-0:7.29.0-25.el7.ppc64le" }, "product_reference": "curl-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:curl-0:7.29.0-25.el7.s390x" }, "product_reference": "curl-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:curl-0:7.29.0-25.el7.src" }, "product_reference": "curl-0:7.29.0-25.el7.src", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:curl-0:7.29.0-25.el7.x86_64" }, "product_reference": "curl-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64" }, "product_reference": "libcurl-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.i686" }, "product_reference": "libcurl-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.ppc" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.s390" }, "product_reference": "libcurl-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.s390x" }, "product_reference": "libcurl-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64" }, "product_reference": "libcurl-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:curl-0:7.29.0-25.el7.aarch64" }, "product_reference": "curl-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:curl-0:7.29.0-25.el7.ppc64" }, "product_reference": "curl-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:curl-0:7.29.0-25.el7.ppc64le" }, "product_reference": "curl-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:curl-0:7.29.0-25.el7.s390x" }, "product_reference": "curl-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:curl-0:7.29.0-25.el7.src" }, "product_reference": "curl-0:7.29.0-25.el7.src", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:curl-0:7.29.0-25.el7.x86_64" }, "product_reference": "curl-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.i686" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.s390" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:libcurl-0:7.29.0-25.el7.aarch64" }, "product_reference": "libcurl-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:libcurl-0:7.29.0-25.el7.i686" }, "product_reference": "libcurl-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:libcurl-0:7.29.0-25.el7.ppc" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:libcurl-0:7.29.0-25.el7.ppc64" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:libcurl-0:7.29.0-25.el7.ppc64le" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:libcurl-0:7.29.0-25.el7.s390" }, "product_reference": "libcurl-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:libcurl-0:7.29.0-25.el7.s390x" }, "product_reference": "libcurl-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:libcurl-0:7.29.0-25.el7.x86_64" }, "product_reference": "libcurl-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.i686" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.ppc" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.s390" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.s390x" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64" }, "product_reference": "curl-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64" }, "product_reference": "curl-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le" }, "product_reference": "curl-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x" }, "product_reference": "curl-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.src" }, "product_reference": "curl-0:7.29.0-25.el7.src", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64" }, "product_reference": "curl-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64" }, "product_reference": "libcurl-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686" }, "product_reference": "libcurl-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390" }, "product_reference": "libcurl-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x" }, "product_reference": "libcurl-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64" }, "product_reference": "libcurl-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:curl-0:7.29.0-25.el7.aarch64" }, "product_reference": "curl-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:curl-0:7.29.0-25.el7.ppc64" }, "product_reference": "curl-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le" }, "product_reference": "curl-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:curl-0:7.29.0-25.el7.s390x" }, "product_reference": "curl-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:curl-0:7.29.0-25.el7.src" }, "product_reference": "curl-0:7.29.0-25.el7.src", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:curl-0:7.29.0-25.el7.x86_64" }, "product_reference": "curl-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64" }, "product_reference": "libcurl-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.i686" }, "product_reference": "libcurl-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.s390" }, "product_reference": "libcurl-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x" }, "product_reference": "libcurl-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64" }, "product_reference": "libcurl-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:curl-0:7.29.0-25.el7.aarch64" }, "product_reference": "curl-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:curl-0:7.29.0-25.el7.ppc64" }, "product_reference": "curl-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:curl-0:7.29.0-25.el7.ppc64le" }, "product_reference": "curl-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:curl-0:7.29.0-25.el7.s390x" }, "product_reference": "curl-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:curl-0:7.29.0-25.el7.src" }, "product_reference": "curl-0:7.29.0-25.el7.src", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:curl-0:7.29.0-25.el7.x86_64" }, "product_reference": "curl-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.i686" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.s390" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:libcurl-0:7.29.0-25.el7.aarch64" }, "product_reference": "libcurl-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:libcurl-0:7.29.0-25.el7.i686" }, "product_reference": "libcurl-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:libcurl-0:7.29.0-25.el7.ppc" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:libcurl-0:7.29.0-25.el7.ppc64" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:libcurl-0:7.29.0-25.el7.ppc64le" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:libcurl-0:7.29.0-25.el7.s390" }, "product_reference": "libcurl-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:libcurl-0:7.29.0-25.el7.s390x" }, "product_reference": "libcurl-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:libcurl-0:7.29.0-25.el7.x86_64" }, "product_reference": "libcurl-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.i686" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.ppc" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.s390" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.s390x" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:curl-0:7.29.0-25.el7.aarch64" }, "product_reference": "curl-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:curl-0:7.29.0-25.el7.ppc64" }, "product_reference": "curl-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:curl-0:7.29.0-25.el7.ppc64le" }, "product_reference": "curl-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:curl-0:7.29.0-25.el7.s390x" }, "product_reference": "curl-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:curl-0:7.29.0-25.el7.src" }, "product_reference": "curl-0:7.29.0-25.el7.src", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:curl-0:7.29.0-25.el7.x86_64" }, "product_reference": "curl-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64" }, "product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:libcurl-0:7.29.0-25.el7.aarch64" }, "product_reference": "libcurl-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:libcurl-0:7.29.0-25.el7.i686" }, "product_reference": "libcurl-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:libcurl-0:7.29.0-25.el7.ppc" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:libcurl-0:7.29.0-25.el7.ppc64" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le" }, "product_reference": "libcurl-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:libcurl-0:7.29.0-25.el7.s390" }, "product_reference": "libcurl-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:libcurl-0:7.29.0-25.el7.s390x" }, "product_reference": "libcurl-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:libcurl-0:7.29.0-25.el7.x86_64" }, "product_reference": "libcurl-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.i686", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.s390", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x", "relates_to_product_reference": "7Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64" }, "product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64", "relates_to_product_reference": "7Workstation" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "cURL project" ] }, { "names": [ "Tim Ruehsen" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2014-3613", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2014-09-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1136154" } ], "notes": [ { "category": "description", "text": "It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user\u0027s cookie to a crafted domain, making other cookie-related issues easier to exploit.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: incorrect handling of IP addresses in cookie domain", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of curl as shipped with Red Hat Enterprise Linux 5 and is not planned to be corrected in future updates.\n\nInktank Ceph Enterprise 1.1 and 1.2 receives only qualified Important and Critical impact security fixes. This issue has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Inktank Ceph Enterprise Support Matrix:\nhttp://www.inktank.com/enterprise/support/", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-optional:curl-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-0:7.29.0-25.el7.s390x", "7Client-optional:curl-0:7.29.0-25.el7.src", "7Client-optional:curl-0:7.29.0-25.el7.x86_64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Client:curl-0:7.29.0-25.el7.aarch64", "7Client:curl-0:7.29.0-25.el7.ppc64", "7Client:curl-0:7.29.0-25.el7.ppc64le", "7Client:curl-0:7.29.0-25.el7.s390x", "7Client:curl-0:7.29.0-25.el7.src", "7Client:curl-0:7.29.0-25.el7.x86_64", "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client:libcurl-0:7.29.0-25.el7.aarch64", "7Client:libcurl-0:7.29.0-25.el7.i686", "7Client:libcurl-0:7.29.0-25.el7.ppc", "7Client:libcurl-0:7.29.0-25.el7.ppc64", "7Client:libcurl-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-0:7.29.0-25.el7.s390", "7Client:libcurl-0:7.29.0-25.el7.s390x", "7Client:libcurl-0:7.29.0-25.el7.x86_64", "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client:libcurl-devel-0:7.29.0-25.el7.i686", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-devel-0:7.29.0-25.el7.s390", "7Client:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-0:7.29.0-25.el7.src", "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-0:7.29.0-25.el7.src", "7ComputeNode:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Server:curl-0:7.29.0-25.el7.aarch64", "7Server:curl-0:7.29.0-25.el7.ppc64", "7Server:curl-0:7.29.0-25.el7.ppc64le", "7Server:curl-0:7.29.0-25.el7.s390x", "7Server:curl-0:7.29.0-25.el7.src", "7Server:curl-0:7.29.0-25.el7.x86_64", "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Server:curl-debuginfo-0:7.29.0-25.el7.i686", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Server:libcurl-0:7.29.0-25.el7.aarch64", "7Server:libcurl-0:7.29.0-25.el7.i686", "7Server:libcurl-0:7.29.0-25.el7.ppc", "7Server:libcurl-0:7.29.0-25.el7.ppc64", "7Server:libcurl-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-0:7.29.0-25.el7.s390", "7Server:libcurl-0:7.29.0-25.el7.s390x", "7Server:libcurl-0:7.29.0-25.el7.x86_64", "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Server:libcurl-devel-0:7.29.0-25.el7.i686", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-devel-0:7.29.0-25.el7.s390", "7Server:libcurl-devel-0:7.29.0-25.el7.s390x", "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Workstation:curl-0:7.29.0-25.el7.aarch64", "7Workstation:curl-0:7.29.0-25.el7.ppc64", "7Workstation:curl-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-0:7.29.0-25.el7.s390x", "7Workstation:curl-0:7.29.0-25.el7.src", "7Workstation:curl-0:7.29.0-25.el7.x86_64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-0:7.29.0-25.el7.i686", "7Workstation:libcurl-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-0:7.29.0-25.el7.s390", "7Workstation:libcurl-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-3613" }, { "category": "external", "summary": "RHBZ#1136154", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-3613", "url": "https://www.cve.org/CVERecord?id=CVE-2014-3613" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3613", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3613" }, { "category": "external", "summary": "http://curl.haxx.se/docs/adv_20140910A.html", "url": "http://curl.haxx.se/docs/adv_20140910A.html" } ], "release_date": "2014-09-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-11-19T03:26:18+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-optional:curl-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-0:7.29.0-25.el7.s390x", "7Client-optional:curl-0:7.29.0-25.el7.src", "7Client-optional:curl-0:7.29.0-25.el7.x86_64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Client:curl-0:7.29.0-25.el7.aarch64", "7Client:curl-0:7.29.0-25.el7.ppc64", "7Client:curl-0:7.29.0-25.el7.ppc64le", "7Client:curl-0:7.29.0-25.el7.s390x", "7Client:curl-0:7.29.0-25.el7.src", "7Client:curl-0:7.29.0-25.el7.x86_64", "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client:libcurl-0:7.29.0-25.el7.aarch64", "7Client:libcurl-0:7.29.0-25.el7.i686", "7Client:libcurl-0:7.29.0-25.el7.ppc", "7Client:libcurl-0:7.29.0-25.el7.ppc64", "7Client:libcurl-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-0:7.29.0-25.el7.s390", "7Client:libcurl-0:7.29.0-25.el7.s390x", "7Client:libcurl-0:7.29.0-25.el7.x86_64", "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client:libcurl-devel-0:7.29.0-25.el7.i686", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-devel-0:7.29.0-25.el7.s390", "7Client:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-0:7.29.0-25.el7.src", "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-0:7.29.0-25.el7.src", "7ComputeNode:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Server:curl-0:7.29.0-25.el7.aarch64", "7Server:curl-0:7.29.0-25.el7.ppc64", "7Server:curl-0:7.29.0-25.el7.ppc64le", "7Server:curl-0:7.29.0-25.el7.s390x", "7Server:curl-0:7.29.0-25.el7.src", "7Server:curl-0:7.29.0-25.el7.x86_64", "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Server:curl-debuginfo-0:7.29.0-25.el7.i686", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Server:libcurl-0:7.29.0-25.el7.aarch64", "7Server:libcurl-0:7.29.0-25.el7.i686", "7Server:libcurl-0:7.29.0-25.el7.ppc", "7Server:libcurl-0:7.29.0-25.el7.ppc64", "7Server:libcurl-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-0:7.29.0-25.el7.s390", "7Server:libcurl-0:7.29.0-25.el7.s390x", "7Server:libcurl-0:7.29.0-25.el7.x86_64", "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Server:libcurl-devel-0:7.29.0-25.el7.i686", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-devel-0:7.29.0-25.el7.s390", "7Server:libcurl-devel-0:7.29.0-25.el7.s390x", "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Workstation:curl-0:7.29.0-25.el7.aarch64", "7Workstation:curl-0:7.29.0-25.el7.ppc64", "7Workstation:curl-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-0:7.29.0-25.el7.s390x", "7Workstation:curl-0:7.29.0-25.el7.src", "7Workstation:curl-0:7.29.0-25.el7.x86_64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-0:7.29.0-25.el7.i686", "7Workstation:libcurl-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-0:7.29.0-25.el7.s390", "7Workstation:libcurl-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:2159" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "7Client-optional:curl-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-0:7.29.0-25.el7.s390x", "7Client-optional:curl-0:7.29.0-25.el7.src", "7Client-optional:curl-0:7.29.0-25.el7.x86_64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Client:curl-0:7.29.0-25.el7.aarch64", "7Client:curl-0:7.29.0-25.el7.ppc64", "7Client:curl-0:7.29.0-25.el7.ppc64le", "7Client:curl-0:7.29.0-25.el7.s390x", "7Client:curl-0:7.29.0-25.el7.src", "7Client:curl-0:7.29.0-25.el7.x86_64", "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client:libcurl-0:7.29.0-25.el7.aarch64", "7Client:libcurl-0:7.29.0-25.el7.i686", "7Client:libcurl-0:7.29.0-25.el7.ppc", "7Client:libcurl-0:7.29.0-25.el7.ppc64", "7Client:libcurl-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-0:7.29.0-25.el7.s390", "7Client:libcurl-0:7.29.0-25.el7.s390x", "7Client:libcurl-0:7.29.0-25.el7.x86_64", "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client:libcurl-devel-0:7.29.0-25.el7.i686", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-devel-0:7.29.0-25.el7.s390", "7Client:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-0:7.29.0-25.el7.src", "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-0:7.29.0-25.el7.src", "7ComputeNode:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Server:curl-0:7.29.0-25.el7.aarch64", "7Server:curl-0:7.29.0-25.el7.ppc64", "7Server:curl-0:7.29.0-25.el7.ppc64le", "7Server:curl-0:7.29.0-25.el7.s390x", "7Server:curl-0:7.29.0-25.el7.src", "7Server:curl-0:7.29.0-25.el7.x86_64", "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Server:curl-debuginfo-0:7.29.0-25.el7.i686", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Server:libcurl-0:7.29.0-25.el7.aarch64", "7Server:libcurl-0:7.29.0-25.el7.i686", "7Server:libcurl-0:7.29.0-25.el7.ppc", "7Server:libcurl-0:7.29.0-25.el7.ppc64", "7Server:libcurl-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-0:7.29.0-25.el7.s390", "7Server:libcurl-0:7.29.0-25.el7.s390x", "7Server:libcurl-0:7.29.0-25.el7.x86_64", "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Server:libcurl-devel-0:7.29.0-25.el7.i686", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-devel-0:7.29.0-25.el7.s390", "7Server:libcurl-devel-0:7.29.0-25.el7.s390x", "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Workstation:curl-0:7.29.0-25.el7.aarch64", "7Workstation:curl-0:7.29.0-25.el7.ppc64", "7Workstation:curl-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-0:7.29.0-25.el7.s390x", "7Workstation:curl-0:7.29.0-25.el7.src", "7Workstation:curl-0:7.29.0-25.el7.x86_64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-0:7.29.0-25.el7.i686", "7Workstation:libcurl-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-0:7.29.0-25.el7.s390", "7Workstation:libcurl-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "curl: incorrect handling of IP addresses in cookie domain" }, { "acknowledgments": [ { "names": [ "cURL project" ] }, { "names": [ "Symeon Paraschoudis" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2014-3707", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2014-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1154941" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle\u0027s duplicate could cause the application to crash or disclose a portion of its memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: incorrect handle duplication after COPYPOSTFIELDS", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the versions of curl as shipped with Red Hat Enterprise Linux 5.\n\nNote that there are no applications provided with Red Hat Enterprise Linux that use the vulnerable CURLOPT_COPYPOSTFIELDS option, except PHP which could only be affected if used in an extremely unlikely scenario or via the script\u0027s author.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-optional:curl-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-0:7.29.0-25.el7.s390x", "7Client-optional:curl-0:7.29.0-25.el7.src", "7Client-optional:curl-0:7.29.0-25.el7.x86_64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Client:curl-0:7.29.0-25.el7.aarch64", "7Client:curl-0:7.29.0-25.el7.ppc64", "7Client:curl-0:7.29.0-25.el7.ppc64le", "7Client:curl-0:7.29.0-25.el7.s390x", "7Client:curl-0:7.29.0-25.el7.src", "7Client:curl-0:7.29.0-25.el7.x86_64", "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client:libcurl-0:7.29.0-25.el7.aarch64", "7Client:libcurl-0:7.29.0-25.el7.i686", "7Client:libcurl-0:7.29.0-25.el7.ppc", "7Client:libcurl-0:7.29.0-25.el7.ppc64", "7Client:libcurl-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-0:7.29.0-25.el7.s390", "7Client:libcurl-0:7.29.0-25.el7.s390x", "7Client:libcurl-0:7.29.0-25.el7.x86_64", "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client:libcurl-devel-0:7.29.0-25.el7.i686", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-devel-0:7.29.0-25.el7.s390", "7Client:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-0:7.29.0-25.el7.src", "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-0:7.29.0-25.el7.src", "7ComputeNode:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Server:curl-0:7.29.0-25.el7.aarch64", "7Server:curl-0:7.29.0-25.el7.ppc64", "7Server:curl-0:7.29.0-25.el7.ppc64le", "7Server:curl-0:7.29.0-25.el7.s390x", "7Server:curl-0:7.29.0-25.el7.src", "7Server:curl-0:7.29.0-25.el7.x86_64", "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Server:curl-debuginfo-0:7.29.0-25.el7.i686", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Server:libcurl-0:7.29.0-25.el7.aarch64", "7Server:libcurl-0:7.29.0-25.el7.i686", "7Server:libcurl-0:7.29.0-25.el7.ppc", "7Server:libcurl-0:7.29.0-25.el7.ppc64", "7Server:libcurl-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-0:7.29.0-25.el7.s390", "7Server:libcurl-0:7.29.0-25.el7.s390x", "7Server:libcurl-0:7.29.0-25.el7.x86_64", "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Server:libcurl-devel-0:7.29.0-25.el7.i686", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-devel-0:7.29.0-25.el7.s390", "7Server:libcurl-devel-0:7.29.0-25.el7.s390x", "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Workstation:curl-0:7.29.0-25.el7.aarch64", "7Workstation:curl-0:7.29.0-25.el7.ppc64", "7Workstation:curl-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-0:7.29.0-25.el7.s390x", "7Workstation:curl-0:7.29.0-25.el7.src", "7Workstation:curl-0:7.29.0-25.el7.x86_64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-0:7.29.0-25.el7.i686", "7Workstation:libcurl-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-0:7.29.0-25.el7.s390", "7Workstation:libcurl-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-3707" }, { "category": "external", "summary": "RHBZ#1154941", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154941" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-3707", "url": "https://www.cve.org/CVERecord?id=CVE-2014-3707" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3707", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3707" }, { "category": "external", "summary": "http://curl.haxx.se/docs/adv_20141105.html", "url": "http://curl.haxx.se/docs/adv_20141105.html" } ], "release_date": "2014-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-11-19T03:26:18+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-optional:curl-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-0:7.29.0-25.el7.s390x", "7Client-optional:curl-0:7.29.0-25.el7.src", "7Client-optional:curl-0:7.29.0-25.el7.x86_64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Client:curl-0:7.29.0-25.el7.aarch64", "7Client:curl-0:7.29.0-25.el7.ppc64", "7Client:curl-0:7.29.0-25.el7.ppc64le", "7Client:curl-0:7.29.0-25.el7.s390x", "7Client:curl-0:7.29.0-25.el7.src", "7Client:curl-0:7.29.0-25.el7.x86_64", "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client:libcurl-0:7.29.0-25.el7.aarch64", "7Client:libcurl-0:7.29.0-25.el7.i686", "7Client:libcurl-0:7.29.0-25.el7.ppc", "7Client:libcurl-0:7.29.0-25.el7.ppc64", "7Client:libcurl-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-0:7.29.0-25.el7.s390", "7Client:libcurl-0:7.29.0-25.el7.s390x", "7Client:libcurl-0:7.29.0-25.el7.x86_64", "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client:libcurl-devel-0:7.29.0-25.el7.i686", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-devel-0:7.29.0-25.el7.s390", "7Client:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-0:7.29.0-25.el7.src", "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-0:7.29.0-25.el7.src", "7ComputeNode:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Server:curl-0:7.29.0-25.el7.aarch64", "7Server:curl-0:7.29.0-25.el7.ppc64", "7Server:curl-0:7.29.0-25.el7.ppc64le", "7Server:curl-0:7.29.0-25.el7.s390x", "7Server:curl-0:7.29.0-25.el7.src", "7Server:curl-0:7.29.0-25.el7.x86_64", "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Server:curl-debuginfo-0:7.29.0-25.el7.i686", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Server:libcurl-0:7.29.0-25.el7.aarch64", "7Server:libcurl-0:7.29.0-25.el7.i686", "7Server:libcurl-0:7.29.0-25.el7.ppc", "7Server:libcurl-0:7.29.0-25.el7.ppc64", "7Server:libcurl-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-0:7.29.0-25.el7.s390", "7Server:libcurl-0:7.29.0-25.el7.s390x", "7Server:libcurl-0:7.29.0-25.el7.x86_64", "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Server:libcurl-devel-0:7.29.0-25.el7.i686", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-devel-0:7.29.0-25.el7.s390", "7Server:libcurl-devel-0:7.29.0-25.el7.s390x", "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Workstation:curl-0:7.29.0-25.el7.aarch64", "7Workstation:curl-0:7.29.0-25.el7.ppc64", "7Workstation:curl-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-0:7.29.0-25.el7.s390x", "7Workstation:curl-0:7.29.0-25.el7.src", "7Workstation:curl-0:7.29.0-25.el7.x86_64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-0:7.29.0-25.el7.i686", "7Workstation:libcurl-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-0:7.29.0-25.el7.s390", "7Workstation:libcurl-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:2159" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:P", "version": "2.0" }, "products": [ "7Client-optional:curl-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-0:7.29.0-25.el7.s390x", "7Client-optional:curl-0:7.29.0-25.el7.src", "7Client-optional:curl-0:7.29.0-25.el7.x86_64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Client:curl-0:7.29.0-25.el7.aarch64", "7Client:curl-0:7.29.0-25.el7.ppc64", "7Client:curl-0:7.29.0-25.el7.ppc64le", "7Client:curl-0:7.29.0-25.el7.s390x", "7Client:curl-0:7.29.0-25.el7.src", "7Client:curl-0:7.29.0-25.el7.x86_64", "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client:libcurl-0:7.29.0-25.el7.aarch64", "7Client:libcurl-0:7.29.0-25.el7.i686", "7Client:libcurl-0:7.29.0-25.el7.ppc", "7Client:libcurl-0:7.29.0-25.el7.ppc64", "7Client:libcurl-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-0:7.29.0-25.el7.s390", "7Client:libcurl-0:7.29.0-25.el7.s390x", "7Client:libcurl-0:7.29.0-25.el7.x86_64", "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client:libcurl-devel-0:7.29.0-25.el7.i686", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-devel-0:7.29.0-25.el7.s390", "7Client:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-0:7.29.0-25.el7.src", "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-0:7.29.0-25.el7.src", "7ComputeNode:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Server:curl-0:7.29.0-25.el7.aarch64", "7Server:curl-0:7.29.0-25.el7.ppc64", "7Server:curl-0:7.29.0-25.el7.ppc64le", "7Server:curl-0:7.29.0-25.el7.s390x", "7Server:curl-0:7.29.0-25.el7.src", "7Server:curl-0:7.29.0-25.el7.x86_64", "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Server:curl-debuginfo-0:7.29.0-25.el7.i686", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Server:libcurl-0:7.29.0-25.el7.aarch64", "7Server:libcurl-0:7.29.0-25.el7.i686", "7Server:libcurl-0:7.29.0-25.el7.ppc", "7Server:libcurl-0:7.29.0-25.el7.ppc64", "7Server:libcurl-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-0:7.29.0-25.el7.s390", "7Server:libcurl-0:7.29.0-25.el7.s390x", "7Server:libcurl-0:7.29.0-25.el7.x86_64", "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Server:libcurl-devel-0:7.29.0-25.el7.i686", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-devel-0:7.29.0-25.el7.s390", "7Server:libcurl-devel-0:7.29.0-25.el7.s390x", "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Workstation:curl-0:7.29.0-25.el7.aarch64", "7Workstation:curl-0:7.29.0-25.el7.ppc64", "7Workstation:curl-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-0:7.29.0-25.el7.s390x", "7Workstation:curl-0:7.29.0-25.el7.src", "7Workstation:curl-0:7.29.0-25.el7.x86_64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-0:7.29.0-25.el7.i686", "7Workstation:libcurl-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-0:7.29.0-25.el7.s390", "7Workstation:libcurl-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "curl: incorrect handle duplication after COPYPOSTFIELDS" }, { "acknowledgments": [ { "names": [ "cURL project" ] }, { "names": [ "Andrey Labunets" ], "organization": "Facebook", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2014-8150", "cwe": { "id": "CWE-113", "name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)" }, "discovery_date": "2015-01-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1178692" } ], "notes": [ { "category": "description", "text": "It was discovered that the libcurl library failed to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl access a specially crafted URL via an HTTP proxy could use this flaw to inject additional headers to the request or construct additional requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: URL request injection vulnerability in parseurlandfillconn()", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-optional:curl-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-0:7.29.0-25.el7.s390x", "7Client-optional:curl-0:7.29.0-25.el7.src", "7Client-optional:curl-0:7.29.0-25.el7.x86_64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Client:curl-0:7.29.0-25.el7.aarch64", "7Client:curl-0:7.29.0-25.el7.ppc64", "7Client:curl-0:7.29.0-25.el7.ppc64le", "7Client:curl-0:7.29.0-25.el7.s390x", "7Client:curl-0:7.29.0-25.el7.src", "7Client:curl-0:7.29.0-25.el7.x86_64", "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client:libcurl-0:7.29.0-25.el7.aarch64", "7Client:libcurl-0:7.29.0-25.el7.i686", "7Client:libcurl-0:7.29.0-25.el7.ppc", "7Client:libcurl-0:7.29.0-25.el7.ppc64", "7Client:libcurl-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-0:7.29.0-25.el7.s390", "7Client:libcurl-0:7.29.0-25.el7.s390x", "7Client:libcurl-0:7.29.0-25.el7.x86_64", "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client:libcurl-devel-0:7.29.0-25.el7.i686", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-devel-0:7.29.0-25.el7.s390", "7Client:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-0:7.29.0-25.el7.src", "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-0:7.29.0-25.el7.src", "7ComputeNode:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Server:curl-0:7.29.0-25.el7.aarch64", "7Server:curl-0:7.29.0-25.el7.ppc64", "7Server:curl-0:7.29.0-25.el7.ppc64le", "7Server:curl-0:7.29.0-25.el7.s390x", "7Server:curl-0:7.29.0-25.el7.src", "7Server:curl-0:7.29.0-25.el7.x86_64", "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Server:curl-debuginfo-0:7.29.0-25.el7.i686", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Server:libcurl-0:7.29.0-25.el7.aarch64", "7Server:libcurl-0:7.29.0-25.el7.i686", "7Server:libcurl-0:7.29.0-25.el7.ppc", "7Server:libcurl-0:7.29.0-25.el7.ppc64", "7Server:libcurl-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-0:7.29.0-25.el7.s390", "7Server:libcurl-0:7.29.0-25.el7.s390x", "7Server:libcurl-0:7.29.0-25.el7.x86_64", "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Server:libcurl-devel-0:7.29.0-25.el7.i686", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-devel-0:7.29.0-25.el7.s390", "7Server:libcurl-devel-0:7.29.0-25.el7.s390x", "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Workstation:curl-0:7.29.0-25.el7.aarch64", "7Workstation:curl-0:7.29.0-25.el7.ppc64", "7Workstation:curl-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-0:7.29.0-25.el7.s390x", "7Workstation:curl-0:7.29.0-25.el7.src", "7Workstation:curl-0:7.29.0-25.el7.x86_64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-0:7.29.0-25.el7.i686", "7Workstation:libcurl-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-0:7.29.0-25.el7.s390", "7Workstation:libcurl-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-8150" }, { "category": "external", "summary": "RHBZ#1178692", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-8150", "url": "https://www.cve.org/CVERecord?id=CVE-2014-8150" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-8150", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8150" }, { "category": "external", "summary": "http://curl.haxx.se/docs/adv_20150108B.html", "url": "http://curl.haxx.se/docs/adv_20150108B.html" } ], "release_date": "2015-01-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-11-19T03:26:18+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-optional:curl-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-0:7.29.0-25.el7.s390x", "7Client-optional:curl-0:7.29.0-25.el7.src", "7Client-optional:curl-0:7.29.0-25.el7.x86_64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Client:curl-0:7.29.0-25.el7.aarch64", "7Client:curl-0:7.29.0-25.el7.ppc64", "7Client:curl-0:7.29.0-25.el7.ppc64le", "7Client:curl-0:7.29.0-25.el7.s390x", "7Client:curl-0:7.29.0-25.el7.src", "7Client:curl-0:7.29.0-25.el7.x86_64", "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client:libcurl-0:7.29.0-25.el7.aarch64", "7Client:libcurl-0:7.29.0-25.el7.i686", "7Client:libcurl-0:7.29.0-25.el7.ppc", "7Client:libcurl-0:7.29.0-25.el7.ppc64", "7Client:libcurl-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-0:7.29.0-25.el7.s390", "7Client:libcurl-0:7.29.0-25.el7.s390x", "7Client:libcurl-0:7.29.0-25.el7.x86_64", "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client:libcurl-devel-0:7.29.0-25.el7.i686", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-devel-0:7.29.0-25.el7.s390", "7Client:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-0:7.29.0-25.el7.src", "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-0:7.29.0-25.el7.src", "7ComputeNode:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Server:curl-0:7.29.0-25.el7.aarch64", "7Server:curl-0:7.29.0-25.el7.ppc64", "7Server:curl-0:7.29.0-25.el7.ppc64le", "7Server:curl-0:7.29.0-25.el7.s390x", "7Server:curl-0:7.29.0-25.el7.src", "7Server:curl-0:7.29.0-25.el7.x86_64", "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Server:curl-debuginfo-0:7.29.0-25.el7.i686", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Server:libcurl-0:7.29.0-25.el7.aarch64", "7Server:libcurl-0:7.29.0-25.el7.i686", "7Server:libcurl-0:7.29.0-25.el7.ppc", "7Server:libcurl-0:7.29.0-25.el7.ppc64", "7Server:libcurl-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-0:7.29.0-25.el7.s390", "7Server:libcurl-0:7.29.0-25.el7.s390x", "7Server:libcurl-0:7.29.0-25.el7.x86_64", "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Server:libcurl-devel-0:7.29.0-25.el7.i686", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-devel-0:7.29.0-25.el7.s390", "7Server:libcurl-devel-0:7.29.0-25.el7.s390x", "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Workstation:curl-0:7.29.0-25.el7.aarch64", "7Workstation:curl-0:7.29.0-25.el7.ppc64", "7Workstation:curl-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-0:7.29.0-25.el7.s390x", "7Workstation:curl-0:7.29.0-25.el7.src", "7Workstation:curl-0:7.29.0-25.el7.x86_64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-0:7.29.0-25.el7.i686", "7Workstation:libcurl-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-0:7.29.0-25.el7.s390", "7Workstation:libcurl-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:2159" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "7Client-optional:curl-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-0:7.29.0-25.el7.s390x", "7Client-optional:curl-0:7.29.0-25.el7.src", "7Client-optional:curl-0:7.29.0-25.el7.x86_64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Client:curl-0:7.29.0-25.el7.aarch64", "7Client:curl-0:7.29.0-25.el7.ppc64", "7Client:curl-0:7.29.0-25.el7.ppc64le", "7Client:curl-0:7.29.0-25.el7.s390x", "7Client:curl-0:7.29.0-25.el7.src", "7Client:curl-0:7.29.0-25.el7.x86_64", "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client:libcurl-0:7.29.0-25.el7.aarch64", "7Client:libcurl-0:7.29.0-25.el7.i686", "7Client:libcurl-0:7.29.0-25.el7.ppc", "7Client:libcurl-0:7.29.0-25.el7.ppc64", "7Client:libcurl-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-0:7.29.0-25.el7.s390", "7Client:libcurl-0:7.29.0-25.el7.s390x", "7Client:libcurl-0:7.29.0-25.el7.x86_64", "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client:libcurl-devel-0:7.29.0-25.el7.i686", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-devel-0:7.29.0-25.el7.s390", "7Client:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-0:7.29.0-25.el7.src", "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-0:7.29.0-25.el7.src", "7ComputeNode:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Server:curl-0:7.29.0-25.el7.aarch64", "7Server:curl-0:7.29.0-25.el7.ppc64", "7Server:curl-0:7.29.0-25.el7.ppc64le", "7Server:curl-0:7.29.0-25.el7.s390x", "7Server:curl-0:7.29.0-25.el7.src", "7Server:curl-0:7.29.0-25.el7.x86_64", "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Server:curl-debuginfo-0:7.29.0-25.el7.i686", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Server:libcurl-0:7.29.0-25.el7.aarch64", "7Server:libcurl-0:7.29.0-25.el7.i686", "7Server:libcurl-0:7.29.0-25.el7.ppc", "7Server:libcurl-0:7.29.0-25.el7.ppc64", "7Server:libcurl-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-0:7.29.0-25.el7.s390", "7Server:libcurl-0:7.29.0-25.el7.s390x", "7Server:libcurl-0:7.29.0-25.el7.x86_64", "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Server:libcurl-devel-0:7.29.0-25.el7.i686", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-devel-0:7.29.0-25.el7.s390", "7Server:libcurl-devel-0:7.29.0-25.el7.s390x", "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Workstation:curl-0:7.29.0-25.el7.aarch64", "7Workstation:curl-0:7.29.0-25.el7.ppc64", "7Workstation:curl-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-0:7.29.0-25.el7.s390x", "7Workstation:curl-0:7.29.0-25.el7.src", "7Workstation:curl-0:7.29.0-25.el7.x86_64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-0:7.29.0-25.el7.i686", "7Workstation:libcurl-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-0:7.29.0-25.el7.s390", "7Workstation:libcurl-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "curl: URL request injection vulnerability in parseurlandfillconn()" }, { "acknowledgments": [ { "names": [ "Daniel Stenberg" ], "organization": "curl upstream" }, { "names": [ "Paras Sethia" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2015-3143", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2015-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1213306" } ], "notes": [ { "category": "description", "text": "It was discovered that libcurl could incorrectly reuse NTLM-authenticated connections for subsequent unauthenticated requests to the same host. If an application using libcurl established an NTLM-authenticated connection to a server, and sent subsequent unauthenticated requests to the same server, the unauthenticated requests could be sent over the NTLM-authenticated connection, appearing as if they were sent by the NTLM authenticated user.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: re-using authenticated connection when unauthenticated", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the version of curl package as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This issue is not planned to be addressed in a future update for Red Hat Enterprise Linux 5.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-optional:curl-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-0:7.29.0-25.el7.s390x", "7Client-optional:curl-0:7.29.0-25.el7.src", "7Client-optional:curl-0:7.29.0-25.el7.x86_64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Client:curl-0:7.29.0-25.el7.aarch64", "7Client:curl-0:7.29.0-25.el7.ppc64", "7Client:curl-0:7.29.0-25.el7.ppc64le", "7Client:curl-0:7.29.0-25.el7.s390x", "7Client:curl-0:7.29.0-25.el7.src", "7Client:curl-0:7.29.0-25.el7.x86_64", "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client:libcurl-0:7.29.0-25.el7.aarch64", "7Client:libcurl-0:7.29.0-25.el7.i686", "7Client:libcurl-0:7.29.0-25.el7.ppc", "7Client:libcurl-0:7.29.0-25.el7.ppc64", "7Client:libcurl-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-0:7.29.0-25.el7.s390", "7Client:libcurl-0:7.29.0-25.el7.s390x", "7Client:libcurl-0:7.29.0-25.el7.x86_64", "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client:libcurl-devel-0:7.29.0-25.el7.i686", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-devel-0:7.29.0-25.el7.s390", "7Client:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-0:7.29.0-25.el7.src", "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-0:7.29.0-25.el7.src", "7ComputeNode:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Server:curl-0:7.29.0-25.el7.aarch64", "7Server:curl-0:7.29.0-25.el7.ppc64", "7Server:curl-0:7.29.0-25.el7.ppc64le", "7Server:curl-0:7.29.0-25.el7.s390x", "7Server:curl-0:7.29.0-25.el7.src", "7Server:curl-0:7.29.0-25.el7.x86_64", "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Server:curl-debuginfo-0:7.29.0-25.el7.i686", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Server:libcurl-0:7.29.0-25.el7.aarch64", "7Server:libcurl-0:7.29.0-25.el7.i686", "7Server:libcurl-0:7.29.0-25.el7.ppc", "7Server:libcurl-0:7.29.0-25.el7.ppc64", "7Server:libcurl-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-0:7.29.0-25.el7.s390", "7Server:libcurl-0:7.29.0-25.el7.s390x", "7Server:libcurl-0:7.29.0-25.el7.x86_64", "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Server:libcurl-devel-0:7.29.0-25.el7.i686", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-devel-0:7.29.0-25.el7.s390", "7Server:libcurl-devel-0:7.29.0-25.el7.s390x", "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Workstation:curl-0:7.29.0-25.el7.aarch64", "7Workstation:curl-0:7.29.0-25.el7.ppc64", "7Workstation:curl-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-0:7.29.0-25.el7.s390x", "7Workstation:curl-0:7.29.0-25.el7.src", "7Workstation:curl-0:7.29.0-25.el7.x86_64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-0:7.29.0-25.el7.i686", "7Workstation:libcurl-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-0:7.29.0-25.el7.s390", "7Workstation:libcurl-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-3143" }, { "category": "external", "summary": "RHBZ#1213306", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3143", "url": "https://www.cve.org/CVERecord?id=CVE-2015-3143" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3143", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3143" }, { "category": "external", "summary": "http://curl.haxx.se/docs/adv_20150422A.html", "url": "http://curl.haxx.se/docs/adv_20150422A.html" } ], "release_date": "2015-04-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-11-19T03:26:18+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-optional:curl-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-0:7.29.0-25.el7.s390x", "7Client-optional:curl-0:7.29.0-25.el7.src", "7Client-optional:curl-0:7.29.0-25.el7.x86_64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Client:curl-0:7.29.0-25.el7.aarch64", "7Client:curl-0:7.29.0-25.el7.ppc64", "7Client:curl-0:7.29.0-25.el7.ppc64le", "7Client:curl-0:7.29.0-25.el7.s390x", "7Client:curl-0:7.29.0-25.el7.src", "7Client:curl-0:7.29.0-25.el7.x86_64", "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client:libcurl-0:7.29.0-25.el7.aarch64", "7Client:libcurl-0:7.29.0-25.el7.i686", "7Client:libcurl-0:7.29.0-25.el7.ppc", "7Client:libcurl-0:7.29.0-25.el7.ppc64", "7Client:libcurl-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-0:7.29.0-25.el7.s390", "7Client:libcurl-0:7.29.0-25.el7.s390x", "7Client:libcurl-0:7.29.0-25.el7.x86_64", "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client:libcurl-devel-0:7.29.0-25.el7.i686", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-devel-0:7.29.0-25.el7.s390", "7Client:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-0:7.29.0-25.el7.src", "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-0:7.29.0-25.el7.src", "7ComputeNode:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Server:curl-0:7.29.0-25.el7.aarch64", "7Server:curl-0:7.29.0-25.el7.ppc64", "7Server:curl-0:7.29.0-25.el7.ppc64le", "7Server:curl-0:7.29.0-25.el7.s390x", "7Server:curl-0:7.29.0-25.el7.src", "7Server:curl-0:7.29.0-25.el7.x86_64", "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Server:curl-debuginfo-0:7.29.0-25.el7.i686", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Server:libcurl-0:7.29.0-25.el7.aarch64", "7Server:libcurl-0:7.29.0-25.el7.i686", "7Server:libcurl-0:7.29.0-25.el7.ppc", "7Server:libcurl-0:7.29.0-25.el7.ppc64", "7Server:libcurl-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-0:7.29.0-25.el7.s390", "7Server:libcurl-0:7.29.0-25.el7.s390x", "7Server:libcurl-0:7.29.0-25.el7.x86_64", "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Server:libcurl-devel-0:7.29.0-25.el7.i686", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-devel-0:7.29.0-25.el7.s390", "7Server:libcurl-devel-0:7.29.0-25.el7.s390x", "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Workstation:curl-0:7.29.0-25.el7.aarch64", "7Workstation:curl-0:7.29.0-25.el7.ppc64", "7Workstation:curl-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-0:7.29.0-25.el7.s390x", "7Workstation:curl-0:7.29.0-25.el7.src", "7Workstation:curl-0:7.29.0-25.el7.x86_64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-0:7.29.0-25.el7.i686", "7Workstation:libcurl-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-0:7.29.0-25.el7.s390", "7Workstation:libcurl-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:2159" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "7Client-optional:curl-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-0:7.29.0-25.el7.s390x", "7Client-optional:curl-0:7.29.0-25.el7.src", "7Client-optional:curl-0:7.29.0-25.el7.x86_64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Client:curl-0:7.29.0-25.el7.aarch64", "7Client:curl-0:7.29.0-25.el7.ppc64", "7Client:curl-0:7.29.0-25.el7.ppc64le", "7Client:curl-0:7.29.0-25.el7.s390x", "7Client:curl-0:7.29.0-25.el7.src", "7Client:curl-0:7.29.0-25.el7.x86_64", "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client:libcurl-0:7.29.0-25.el7.aarch64", "7Client:libcurl-0:7.29.0-25.el7.i686", "7Client:libcurl-0:7.29.0-25.el7.ppc", "7Client:libcurl-0:7.29.0-25.el7.ppc64", "7Client:libcurl-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-0:7.29.0-25.el7.s390", "7Client:libcurl-0:7.29.0-25.el7.s390x", "7Client:libcurl-0:7.29.0-25.el7.x86_64", "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client:libcurl-devel-0:7.29.0-25.el7.i686", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-devel-0:7.29.0-25.el7.s390", "7Client:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-0:7.29.0-25.el7.src", "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-0:7.29.0-25.el7.src", "7ComputeNode:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Server:curl-0:7.29.0-25.el7.aarch64", "7Server:curl-0:7.29.0-25.el7.ppc64", "7Server:curl-0:7.29.0-25.el7.ppc64le", "7Server:curl-0:7.29.0-25.el7.s390x", "7Server:curl-0:7.29.0-25.el7.src", "7Server:curl-0:7.29.0-25.el7.x86_64", "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Server:curl-debuginfo-0:7.29.0-25.el7.i686", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Server:libcurl-0:7.29.0-25.el7.aarch64", "7Server:libcurl-0:7.29.0-25.el7.i686", "7Server:libcurl-0:7.29.0-25.el7.ppc", "7Server:libcurl-0:7.29.0-25.el7.ppc64", "7Server:libcurl-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-0:7.29.0-25.el7.s390", "7Server:libcurl-0:7.29.0-25.el7.s390x", "7Server:libcurl-0:7.29.0-25.el7.x86_64", "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Server:libcurl-devel-0:7.29.0-25.el7.i686", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-devel-0:7.29.0-25.el7.s390", "7Server:libcurl-devel-0:7.29.0-25.el7.s390x", "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Workstation:curl-0:7.29.0-25.el7.aarch64", "7Workstation:curl-0:7.29.0-25.el7.ppc64", "7Workstation:curl-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-0:7.29.0-25.el7.s390x", "7Workstation:curl-0:7.29.0-25.el7.src", "7Workstation:curl-0:7.29.0-25.el7.x86_64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-0:7.29.0-25.el7.i686", "7Workstation:libcurl-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-0:7.29.0-25.el7.s390", "7Workstation:libcurl-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "curl: re-using authenticated connection when unauthenticated" }, { "acknowledgments": [ { "names": [ "Daniel Stenberg" ], "organization": "curl upstream" }, { "names": [ "Isaac Boukris" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2015-3148", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2015-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1213351" } ], "notes": [ { "category": "description", "text": "It was discovered that libcurl could incorrectly reuse Negotiate authenticated HTTP connections for subsequent requests. If an application using libcurl established a Negotiate authenticated HTTP connection to a server and sent subsequent requests with different credentials, the connection could be re-used with the initial set of credentials instead of using the new ones.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: Negotiate not treated as connection-oriented", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the version of curl package as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This issue is not planned to be addressed in a future update for Red Hat Enterprise Linux 5.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-optional:curl-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-0:7.29.0-25.el7.s390x", "7Client-optional:curl-0:7.29.0-25.el7.src", "7Client-optional:curl-0:7.29.0-25.el7.x86_64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Client:curl-0:7.29.0-25.el7.aarch64", "7Client:curl-0:7.29.0-25.el7.ppc64", "7Client:curl-0:7.29.0-25.el7.ppc64le", "7Client:curl-0:7.29.0-25.el7.s390x", "7Client:curl-0:7.29.0-25.el7.src", "7Client:curl-0:7.29.0-25.el7.x86_64", "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client:libcurl-0:7.29.0-25.el7.aarch64", "7Client:libcurl-0:7.29.0-25.el7.i686", "7Client:libcurl-0:7.29.0-25.el7.ppc", "7Client:libcurl-0:7.29.0-25.el7.ppc64", "7Client:libcurl-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-0:7.29.0-25.el7.s390", "7Client:libcurl-0:7.29.0-25.el7.s390x", "7Client:libcurl-0:7.29.0-25.el7.x86_64", "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client:libcurl-devel-0:7.29.0-25.el7.i686", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-devel-0:7.29.0-25.el7.s390", "7Client:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-0:7.29.0-25.el7.src", "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-0:7.29.0-25.el7.src", "7ComputeNode:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Server:curl-0:7.29.0-25.el7.aarch64", "7Server:curl-0:7.29.0-25.el7.ppc64", "7Server:curl-0:7.29.0-25.el7.ppc64le", "7Server:curl-0:7.29.0-25.el7.s390x", "7Server:curl-0:7.29.0-25.el7.src", "7Server:curl-0:7.29.0-25.el7.x86_64", "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Server:curl-debuginfo-0:7.29.0-25.el7.i686", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Server:libcurl-0:7.29.0-25.el7.aarch64", "7Server:libcurl-0:7.29.0-25.el7.i686", "7Server:libcurl-0:7.29.0-25.el7.ppc", "7Server:libcurl-0:7.29.0-25.el7.ppc64", "7Server:libcurl-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-0:7.29.0-25.el7.s390", "7Server:libcurl-0:7.29.0-25.el7.s390x", "7Server:libcurl-0:7.29.0-25.el7.x86_64", "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Server:libcurl-devel-0:7.29.0-25.el7.i686", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-devel-0:7.29.0-25.el7.s390", "7Server:libcurl-devel-0:7.29.0-25.el7.s390x", "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Workstation:curl-0:7.29.0-25.el7.aarch64", "7Workstation:curl-0:7.29.0-25.el7.ppc64", "7Workstation:curl-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-0:7.29.0-25.el7.s390x", "7Workstation:curl-0:7.29.0-25.el7.src", "7Workstation:curl-0:7.29.0-25.el7.x86_64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-0:7.29.0-25.el7.i686", "7Workstation:libcurl-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-0:7.29.0-25.el7.s390", "7Workstation:libcurl-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-3148" }, { "category": "external", "summary": "RHBZ#1213351", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3148", "url": "https://www.cve.org/CVERecord?id=CVE-2015-3148" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3148", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3148" }, { "category": "external", "summary": "http://curl.haxx.se/docs/adv_20150422B.html", "url": "http://curl.haxx.se/docs/adv_20150422B.html" } ], "release_date": "2015-04-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-11-19T03:26:18+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-optional:curl-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-0:7.29.0-25.el7.s390x", "7Client-optional:curl-0:7.29.0-25.el7.src", "7Client-optional:curl-0:7.29.0-25.el7.x86_64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Client:curl-0:7.29.0-25.el7.aarch64", "7Client:curl-0:7.29.0-25.el7.ppc64", "7Client:curl-0:7.29.0-25.el7.ppc64le", "7Client:curl-0:7.29.0-25.el7.s390x", "7Client:curl-0:7.29.0-25.el7.src", "7Client:curl-0:7.29.0-25.el7.x86_64", "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client:libcurl-0:7.29.0-25.el7.aarch64", "7Client:libcurl-0:7.29.0-25.el7.i686", "7Client:libcurl-0:7.29.0-25.el7.ppc", "7Client:libcurl-0:7.29.0-25.el7.ppc64", "7Client:libcurl-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-0:7.29.0-25.el7.s390", "7Client:libcurl-0:7.29.0-25.el7.s390x", "7Client:libcurl-0:7.29.0-25.el7.x86_64", "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client:libcurl-devel-0:7.29.0-25.el7.i686", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-devel-0:7.29.0-25.el7.s390", "7Client:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-0:7.29.0-25.el7.src", "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-0:7.29.0-25.el7.src", "7ComputeNode:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Server:curl-0:7.29.0-25.el7.aarch64", "7Server:curl-0:7.29.0-25.el7.ppc64", "7Server:curl-0:7.29.0-25.el7.ppc64le", "7Server:curl-0:7.29.0-25.el7.s390x", "7Server:curl-0:7.29.0-25.el7.src", "7Server:curl-0:7.29.0-25.el7.x86_64", "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Server:curl-debuginfo-0:7.29.0-25.el7.i686", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Server:libcurl-0:7.29.0-25.el7.aarch64", "7Server:libcurl-0:7.29.0-25.el7.i686", "7Server:libcurl-0:7.29.0-25.el7.ppc", "7Server:libcurl-0:7.29.0-25.el7.ppc64", "7Server:libcurl-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-0:7.29.0-25.el7.s390", "7Server:libcurl-0:7.29.0-25.el7.s390x", "7Server:libcurl-0:7.29.0-25.el7.x86_64", "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Server:libcurl-devel-0:7.29.0-25.el7.i686", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-devel-0:7.29.0-25.el7.s390", "7Server:libcurl-devel-0:7.29.0-25.el7.s390x", "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Workstation:curl-0:7.29.0-25.el7.aarch64", "7Workstation:curl-0:7.29.0-25.el7.ppc64", "7Workstation:curl-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-0:7.29.0-25.el7.s390x", "7Workstation:curl-0:7.29.0-25.el7.src", "7Workstation:curl-0:7.29.0-25.el7.x86_64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-0:7.29.0-25.el7.i686", "7Workstation:libcurl-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-0:7.29.0-25.el7.s390", "7Workstation:libcurl-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:2159" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "7Client-optional:curl-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-0:7.29.0-25.el7.s390x", "7Client-optional:curl-0:7.29.0-25.el7.src", "7Client-optional:curl-0:7.29.0-25.el7.x86_64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Client:curl-0:7.29.0-25.el7.aarch64", "7Client:curl-0:7.29.0-25.el7.ppc64", "7Client:curl-0:7.29.0-25.el7.ppc64le", "7Client:curl-0:7.29.0-25.el7.s390x", "7Client:curl-0:7.29.0-25.el7.src", "7Client:curl-0:7.29.0-25.el7.x86_64", "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Client:curl-debuginfo-0:7.29.0-25.el7.i686", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390", "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Client:libcurl-0:7.29.0-25.el7.aarch64", "7Client:libcurl-0:7.29.0-25.el7.i686", "7Client:libcurl-0:7.29.0-25.el7.ppc", "7Client:libcurl-0:7.29.0-25.el7.ppc64", "7Client:libcurl-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-0:7.29.0-25.el7.s390", "7Client:libcurl-0:7.29.0-25.el7.s390x", "7Client:libcurl-0:7.29.0-25.el7.x86_64", "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Client:libcurl-devel-0:7.29.0-25.el7.i686", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Client:libcurl-devel-0:7.29.0-25.el7.s390", "7Client:libcurl-devel-0:7.29.0-25.el7.s390x", "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-0:7.29.0-25.el7.src", "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-0:7.29.0-25.el7.src", "7ComputeNode:curl-0:7.29.0-25.el7.x86_64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x", "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x", "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Server:curl-0:7.29.0-25.el7.aarch64", "7Server:curl-0:7.29.0-25.el7.ppc64", "7Server:curl-0:7.29.0-25.el7.ppc64le", "7Server:curl-0:7.29.0-25.el7.s390x", "7Server:curl-0:7.29.0-25.el7.src", "7Server:curl-0:7.29.0-25.el7.x86_64", "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Server:curl-debuginfo-0:7.29.0-25.el7.i686", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390", "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Server:libcurl-0:7.29.0-25.el7.aarch64", "7Server:libcurl-0:7.29.0-25.el7.i686", "7Server:libcurl-0:7.29.0-25.el7.ppc", "7Server:libcurl-0:7.29.0-25.el7.ppc64", "7Server:libcurl-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-0:7.29.0-25.el7.s390", "7Server:libcurl-0:7.29.0-25.el7.s390x", "7Server:libcurl-0:7.29.0-25.el7.x86_64", "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Server:libcurl-devel-0:7.29.0-25.el7.i686", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Server:libcurl-devel-0:7.29.0-25.el7.s390", "7Server:libcurl-devel-0:7.29.0-25.el7.s390x", "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64", "7Workstation:curl-0:7.29.0-25.el7.aarch64", "7Workstation:curl-0:7.29.0-25.el7.ppc64", "7Workstation:curl-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-0:7.29.0-25.el7.s390x", "7Workstation:curl-0:7.29.0-25.el7.src", "7Workstation:curl-0:7.29.0-25.el7.x86_64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x", "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-0:7.29.0-25.el7.i686", "7Workstation:libcurl-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-0:7.29.0-25.el7.s390", "7Workstation:libcurl-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-0:7.29.0-25.el7.x86_64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64", "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390", "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x", "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "curl: Negotiate not treated as connection-oriented" } ] }
rhsa-2015_1254
Vulnerability from csaf_redhat
Published
2015-07-20 13:50
Modified
2024-11-22 08:47
Summary
Red Hat Security Advisory: curl security, bug fix, and enhancement update
Notes
Topic
Updated curl packages that fix multiple security issues, several bugs, and
add two enhancements are now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
The curl packages provide the libcurl library and the curl utility for
downloading files from servers using various protocols, including HTTP,
FTP, and LDAP.
It was found that the libcurl library did not correctly handle partial
literal IP addresses when parsing received HTTP cookies. An attacker able
to trick a user into connecting to a malicious server could use this flaw
to set the user's cookie to a crafted domain, making other cookie-related
issues easier to exploit. (CVE-2014-3613)
A flaw was found in the way the libcurl library performed the duplication
of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS
option for a handle, using the handle's duplicate could cause the
application to crash or disclose a portion of its memory. (CVE-2014-3707)
It was discovered that the libcurl library failed to properly handle URLs
with embedded end-of-line characters. An attacker able to make an
application using libcurl to access a specially crafted URL via an HTTP
proxy could use this flaw to inject additional headers to the request or
construct additional requests. (CVE-2014-8150)
It was discovered that libcurl implemented aspects of the NTLM and
Negotatiate authentication incorrectly. If an application uses libcurl
and the affected mechanisms in a specifc way, certain requests to a
previously NTLM-authenticated server could appears as sent by the wrong
authenticated user. Additionally, the initial set of credentials for HTTP
Negotiate-authenticated requests could be reused in subsequent requests,
although a different set of credentials was specified. (CVE-2015-3143,
CVE-2015-3148)
Red Hat would like to thank the cURL project for reporting these issues.
Bug fixes:
* An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) was available
with libcurl. Attackers could abuse the fallback to force downgrade of the
SSL version. The fallback has been removed from libcurl. Users requiring
this functionality can explicitly enable SSLv3.0 through the libcurl API.
(BZ#1154059)
* A single upload transfer through the FILE protocol opened the destination
file twice. If the inotify kernel subsystem monitored the file, two events
were produced unnecessarily. The file is now opened only once per upload.
(BZ#883002)
* Utilities using libcurl for SCP/SFTP transfers could terminate
unexpectedly when the system was running in FIPS mode. (BZ#1008178)
* Using the "--retry" option with the curl utility could cause curl to
terminate unexpectedly with a segmentation fault. Now, adding "--retry" no
longer causes curl to crash. (BZ#1009455)
* The "curl --trace-time" command did not use the correct local time when
printing timestamps. Now, "curl --trace-time" works as expected.
(BZ#1120196)
* The valgrind utility could report dynamically allocated memory leaks on
curl exit. Now, curl performs a global shutdown of the NetScape Portable
Runtime (NSPR) library on exit, and valgrind no longer reports the memory
leaks. (BZ#1146528)
* Previously, libcurl returned an incorrect value of the
CURLINFO_HEADER_SIZE field when a proxy server appended its own headers to
the HTTP response. Now, the returned value is valid. (BZ#1161163)
Enhancements:
* The "--tlsv1.0", "--tlsv1.1", and "--tlsv1.2" options are available for
specifying the minor version of the TLS protocol to be negotiated by NSS.
The "--tlsv1" option now negotiates the highest version of the TLS protocol
supported by both the client and the server. (BZ#1012136)
* It is now possible to explicitly enable or disable the ECC and the new
AES cipher suites to be used for TLS. (BZ#1058767, BZ#1156422)
All curl users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues and add these
enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated curl packages that fix multiple security issues, several bugs, and\nadd two enhancements are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "The curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP.\n\nIt was found that the libcurl library did not correctly handle partial\nliteral IP addresses when parsing received HTTP cookies. An attacker able\nto trick a user into connecting to a malicious server could use this flaw\nto set the user\u0027s cookie to a crafted domain, making other cookie-related\nissues easier to exploit. (CVE-2014-3613)\n\nA flaw was found in the way the libcurl library performed the duplication\nof connection handles. If an application set the CURLOPT_COPYPOSTFIELDS\noption for a handle, using the handle\u0027s duplicate could cause the\napplication to crash or disclose a portion of its memory. (CVE-2014-3707)\n\nIt was discovered that the libcurl library failed to properly handle URLs\nwith embedded end-of-line characters. An attacker able to make an\napplication using libcurl to access a specially crafted URL via an HTTP\nproxy could use this flaw to inject additional headers to the request or\nconstruct additional requests. (CVE-2014-8150)\n\nIt was discovered that libcurl implemented aspects of the NTLM and\nNegotatiate authentication incorrectly. If an application uses libcurl\nand the affected mechanisms in a specifc way, certain requests to a\npreviously NTLM-authenticated server could appears as sent by the wrong\nauthenticated user. Additionally, the initial set of credentials for HTTP\nNegotiate-authenticated requests could be reused in subsequent requests,\nalthough a different set of credentials was specified. (CVE-2015-3143,\nCVE-2015-3148)\n\nRed Hat would like to thank the cURL project for reporting these issues.\n\nBug fixes:\n\n* An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) was available\nwith libcurl. Attackers could abuse the fallback to force downgrade of the\nSSL version. The fallback has been removed from libcurl. Users requiring\nthis functionality can explicitly enable SSLv3.0 through the libcurl API.\n(BZ#1154059)\n\n* A single upload transfer through the FILE protocol opened the destination\nfile twice. If the inotify kernel subsystem monitored the file, two events\nwere produced unnecessarily. The file is now opened only once per upload.\n(BZ#883002)\n\n* Utilities using libcurl for SCP/SFTP transfers could terminate\nunexpectedly when the system was running in FIPS mode. (BZ#1008178)\n\n* Using the \"--retry\" option with the curl utility could cause curl to\nterminate unexpectedly with a segmentation fault. Now, adding \"--retry\" no\nlonger causes curl to crash. (BZ#1009455)\n\n* The \"curl --trace-time\" command did not use the correct local time when\nprinting timestamps. Now, \"curl --trace-time\" works as expected.\n(BZ#1120196)\n\n* The valgrind utility could report dynamically allocated memory leaks on\ncurl exit. Now, curl performs a global shutdown of the NetScape Portable\nRuntime (NSPR) library on exit, and valgrind no longer reports the memory\nleaks. (BZ#1146528)\n\n* Previously, libcurl returned an incorrect value of the\nCURLINFO_HEADER_SIZE field when a proxy server appended its own headers to\nthe HTTP response. Now, the returned value is valid. (BZ#1161163)\n\nEnhancements:\n\n* The \"--tlsv1.0\", \"--tlsv1.1\", and \"--tlsv1.2\" options are available for\nspecifying the minor version of the TLS protocol to be negotiated by NSS.\nThe \"--tlsv1\" option now negotiates the highest version of the TLS protocol\nsupported by both the client and the server. (BZ#1012136)\n\n* It is now possible to explicitly enable or disable the ECC and the new\nAES cipher suites to be used for TLS. (BZ#1058767, BZ#1156422)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2015:1254", "url": "https://access.redhat.com/errata/RHSA-2015:1254" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "835898", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=835898" }, { "category": "external", "summary": "883002", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883002" }, { "category": "external", "summary": "997185", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=997185" }, { "category": "external", "summary": "1008178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1008178" }, { "category": "external", "summary": "1011083", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1011083" }, { "category": "external", "summary": "1011101", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1011101" }, { "category": "external", "summary": "1058767", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1058767" }, { "category": "external", "summary": "1104160", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1104160" }, { "category": "external", "summary": "1136154", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154" }, { "category": "external", "summary": "1154059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154059" }, { "category": "external", "summary": "1154747", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154747" }, { "category": "external", "summary": "1154941", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154941" }, { "category": "external", "summary": "1156422", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1156422" }, { "category": "external", "summary": "1161163", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161163" }, { "category": "external", "summary": "1168137", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168137" }, { "category": "external", "summary": "1178692", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692" }, { "category": "external", "summary": "1213306", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306" }, { "category": "external", "summary": "1213351", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1254.json" } ], "title": "Red Hat Security Advisory: curl security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-22T08:47:34+00:00", "generator": { "date": "2024-11-22T08:47:34+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2015:1254", "initial_release_date": "2015-07-20T13:50:03+00:00", "revision_history": [ { "date": "2015-07-20T13:50:03+00:00", "number": "1", "summary": "Initial version" }, { "date": "2015-07-20T13:50:03+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T08:47:34+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "libcurl-devel-0:7.19.7-46.el6.i686", "product": { "name": "libcurl-devel-0:7.19.7-46.el6.i686", "product_id": "libcurl-devel-0:7.19.7-46.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=i686" } } }, { "category": "product_version", "name": "libcurl-0:7.19.7-46.el6.i686", "product": { "name": "libcurl-0:7.19.7-46.el6.i686", "product_id": "libcurl-0:7.19.7-46.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=i686" } } }, { "category": "product_version", "name": "curl-debuginfo-0:7.19.7-46.el6.i686", "product": { "name": "curl-debuginfo-0:7.19.7-46.el6.i686", "product_id": "curl-debuginfo-0:7.19.7-46.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=i686" } } }, { "category": "product_version", "name": "curl-0:7.19.7-46.el6.i686", "product": { "name": "curl-0:7.19.7-46.el6.i686", "product_id": "curl-0:7.19.7-46.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl@7.19.7-46.el6?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "curl-debuginfo-0:7.19.7-46.el6.x86_64", "product": { "name": "curl-debuginfo-0:7.19.7-46.el6.x86_64", "product_id": "curl-debuginfo-0:7.19.7-46.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=x86_64" } } }, { "category": "product_version", "name": "curl-0:7.19.7-46.el6.x86_64", "product": { "name": "curl-0:7.19.7-46.el6.x86_64", "product_id": "curl-0:7.19.7-46.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl@7.19.7-46.el6?arch=x86_64" } } }, { "category": "product_version", "name": "libcurl-0:7.19.7-46.el6.x86_64", "product": { "name": "libcurl-0:7.19.7-46.el6.x86_64", "product_id": "libcurl-0:7.19.7-46.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=x86_64" } } }, { "category": "product_version", "name": "libcurl-devel-0:7.19.7-46.el6.x86_64", "product": { "name": "libcurl-devel-0:7.19.7-46.el6.x86_64", "product_id": "libcurl-devel-0:7.19.7-46.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "curl-0:7.19.7-46.el6.src", "product": { "name": "curl-0:7.19.7-46.el6.src", "product_id": "curl-0:7.19.7-46.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl@7.19.7-46.el6?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "curl-debuginfo-0:7.19.7-46.el6.s390", "product": { "name": "curl-debuginfo-0:7.19.7-46.el6.s390", "product_id": "curl-debuginfo-0:7.19.7-46.el6.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=s390" } } }, { "category": "product_version", "name": "libcurl-0:7.19.7-46.el6.s390", "product": { "name": "libcurl-0:7.19.7-46.el6.s390", "product_id": "libcurl-0:7.19.7-46.el6.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=s390" } } }, { "category": "product_version", "name": "libcurl-devel-0:7.19.7-46.el6.s390", "product": { "name": "libcurl-devel-0:7.19.7-46.el6.s390", "product_id": "libcurl-devel-0:7.19.7-46.el6.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=s390" } } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "libcurl-devel-0:7.19.7-46.el6.s390x", "product": { "name": "libcurl-devel-0:7.19.7-46.el6.s390x", "product_id": "libcurl-devel-0:7.19.7-46.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=s390x" } } }, { "category": "product_version", "name": "curl-debuginfo-0:7.19.7-46.el6.s390x", "product": { "name": "curl-debuginfo-0:7.19.7-46.el6.s390x", "product_id": "curl-debuginfo-0:7.19.7-46.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=s390x" } } }, { "category": "product_version", "name": "curl-0:7.19.7-46.el6.s390x", "product": { "name": "curl-0:7.19.7-46.el6.s390x", "product_id": "curl-0:7.19.7-46.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl@7.19.7-46.el6?arch=s390x" } } }, { "category": "product_version", "name": "libcurl-0:7.19.7-46.el6.s390x", "product": { "name": "libcurl-0:7.19.7-46.el6.s390x", "product_id": "libcurl-0:7.19.7-46.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "curl-debuginfo-0:7.19.7-46.el6.ppc", "product": { "name": "curl-debuginfo-0:7.19.7-46.el6.ppc", "product_id": "curl-debuginfo-0:7.19.7-46.el6.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=ppc" } } }, { "category": "product_version", "name": "libcurl-devel-0:7.19.7-46.el6.ppc", "product": { "name": "libcurl-devel-0:7.19.7-46.el6.ppc", "product_id": "libcurl-devel-0:7.19.7-46.el6.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=ppc" } } }, { "category": "product_version", "name": "libcurl-0:7.19.7-46.el6.ppc", "product": { "name": "libcurl-0:7.19.7-46.el6.ppc", "product_id": "libcurl-0:7.19.7-46.el6.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=ppc" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "curl-debuginfo-0:7.19.7-46.el6.ppc64", "product": { "name": "curl-debuginfo-0:7.19.7-46.el6.ppc64", "product_id": "curl-debuginfo-0:7.19.7-46.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=ppc64" } } }, { "category": "product_version", "name": "curl-0:7.19.7-46.el6.ppc64", "product": { "name": "curl-0:7.19.7-46.el6.ppc64", "product_id": "curl-0:7.19.7-46.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/curl@7.19.7-46.el6?arch=ppc64" } } }, { "category": "product_version", "name": "libcurl-devel-0:7.19.7-46.el6.ppc64", "product": { "name": "libcurl-devel-0:7.19.7-46.el6.ppc64", "product_id": "libcurl-devel-0:7.19.7-46.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=ppc64" } } }, { "category": "product_version", "name": "libcurl-0:7.19.7-46.el6.ppc64", "product": { "name": "libcurl-0:7.19.7-46.el6.ppc64", "product_id": "libcurl-0:7.19.7-46.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:curl-0:7.19.7-46.el6.i686" }, "product_reference": "curl-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:curl-0:7.19.7-46.el6.ppc64" }, "product_reference": "curl-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:curl-0:7.19.7-46.el6.s390x" }, "product_reference": "curl-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:curl-0:7.19.7-46.el6.src" }, "product_reference": "curl-0:7.19.7-46.el6.src", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:curl-0:7.19.7-46.el6.x86_64" }, "product_reference": "curl-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.i686" }, "product_reference": "libcurl-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.ppc" }, "product_reference": "libcurl-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64" }, "product_reference": "libcurl-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.s390" }, "product_reference": "libcurl-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.s390x" }, "product_reference": "libcurl-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64" }, "product_reference": "libcurl-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6Client-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:curl-0:7.19.7-46.el6.i686" }, "product_reference": "curl-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:curl-0:7.19.7-46.el6.ppc64" }, "product_reference": "curl-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:curl-0:7.19.7-46.el6.s390x" }, "product_reference": "curl-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:curl-0:7.19.7-46.el6.src" }, "product_reference": "curl-0:7.19.7-46.el6.src", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:curl-0:7.19.7-46.el6.x86_64" }, "product_reference": "curl-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.i686" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.s390" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:libcurl-0:7.19.7-46.el6.i686" }, "product_reference": "libcurl-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:libcurl-0:7.19.7-46.el6.ppc" }, "product_reference": "libcurl-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:libcurl-0:7.19.7-46.el6.ppc64" }, "product_reference": "libcurl-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:libcurl-0:7.19.7-46.el6.s390" }, "product_reference": "libcurl-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:libcurl-0:7.19.7-46.el6.s390x" }, "product_reference": "libcurl-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:libcurl-0:7.19.7-46.el6.x86_64" }, "product_reference": "libcurl-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.i686" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.ppc" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.s390" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.s390x" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6Client" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686" }, "product_reference": "curl-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64" }, "product_reference": "curl-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x" }, "product_reference": "curl-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:curl-0:7.19.7-46.el6.src" }, "product_reference": "curl-0:7.19.7-46.el6.src", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64" }, "product_reference": "curl-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686" }, "product_reference": "libcurl-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc" }, "product_reference": "libcurl-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64" }, "product_reference": "libcurl-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390" }, "product_reference": "libcurl-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x" }, "product_reference": "libcurl-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64" }, "product_reference": "libcurl-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6ComputeNode-optional" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:curl-0:7.19.7-46.el6.i686" }, "product_reference": "curl-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:curl-0:7.19.7-46.el6.ppc64" }, "product_reference": "curl-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:curl-0:7.19.7-46.el6.s390x" }, "product_reference": "curl-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:curl-0:7.19.7-46.el6.src" }, "product_reference": "curl-0:7.19.7-46.el6.src", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:curl-0:7.19.7-46.el6.x86_64" }, "product_reference": "curl-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.i686" }, "product_reference": "libcurl-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc" }, "product_reference": "libcurl-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64" }, "product_reference": "libcurl-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.s390" }, "product_reference": "libcurl-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x" }, "product_reference": "libcurl-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64" }, "product_reference": "libcurl-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:curl-0:7.19.7-46.el6.i686" }, "product_reference": "curl-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:curl-0:7.19.7-46.el6.ppc64" }, "product_reference": "curl-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:curl-0:7.19.7-46.el6.s390x" }, "product_reference": "curl-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:curl-0:7.19.7-46.el6.src" }, "product_reference": "curl-0:7.19.7-46.el6.src", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:curl-0:7.19.7-46.el6.x86_64" }, "product_reference": "curl-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.i686" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.s390" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:libcurl-0:7.19.7-46.el6.i686" }, "product_reference": "libcurl-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:libcurl-0:7.19.7-46.el6.ppc" }, "product_reference": "libcurl-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:libcurl-0:7.19.7-46.el6.ppc64" }, "product_reference": "libcurl-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:libcurl-0:7.19.7-46.el6.s390" }, "product_reference": "libcurl-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:libcurl-0:7.19.7-46.el6.s390x" }, "product_reference": "libcurl-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:libcurl-0:7.19.7-46.el6.x86_64" }, "product_reference": "libcurl-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.i686" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.ppc" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.s390" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.s390x" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6Server" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:curl-0:7.19.7-46.el6.i686" }, "product_reference": "curl-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:curl-0:7.19.7-46.el6.ppc64" }, "product_reference": "curl-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:curl-0:7.19.7-46.el6.s390x" }, "product_reference": "curl-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:curl-0:7.19.7-46.el6.src" }, "product_reference": "curl-0:7.19.7-46.el6.src", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:curl-0:7.19.7-46.el6.x86_64" }, "product_reference": "curl-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64" }, "product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:libcurl-0:7.19.7-46.el6.i686" }, "product_reference": "libcurl-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:libcurl-0:7.19.7-46.el6.ppc" }, "product_reference": "libcurl-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:libcurl-0:7.19.7-46.el6.ppc64" }, "product_reference": "libcurl-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:libcurl-0:7.19.7-46.el6.s390" }, "product_reference": "libcurl-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:libcurl-0:7.19.7-46.el6.s390x" }, "product_reference": "libcurl-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:libcurl-0:7.19.7-46.el6.x86_64" }, "product_reference": "libcurl-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.i686", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.s390", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x", "relates_to_product_reference": "6Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64" }, "product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64", "relates_to_product_reference": "6Workstation" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "cURL project" ] }, { "names": [ "Tim Ruehsen" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2014-3613", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2014-09-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1136154" } ], "notes": [ { "category": "description", "text": "It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user\u0027s cookie to a crafted domain, making other cookie-related issues easier to exploit.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: incorrect handling of IP addresses in cookie domain", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of curl as shipped with Red Hat Enterprise Linux 5 and is not planned to be corrected in future updates.\n\nInktank Ceph Enterprise 1.1 and 1.2 receives only qualified Important and Critical impact security fixes. This issue has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Inktank Ceph Enterprise Support Matrix:\nhttp://www.inktank.com/enterprise/support/", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-optional:curl-0:7.19.7-46.el6.i686", "6Client-optional:curl-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-0:7.19.7-46.el6.s390x", "6Client-optional:curl-0:7.19.7-46.el6.src", "6Client-optional:curl-0:7.19.7-46.el6.x86_64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Client:curl-0:7.19.7-46.el6.i686", "6Client:curl-0:7.19.7-46.el6.ppc64", "6Client:curl-0:7.19.7-46.el6.s390x", "6Client:curl-0:7.19.7-46.el6.src", "6Client:curl-0:7.19.7-46.el6.x86_64", "6Client:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client:libcurl-0:7.19.7-46.el6.i686", "6Client:libcurl-0:7.19.7-46.el6.ppc", "6Client:libcurl-0:7.19.7-46.el6.ppc64", "6Client:libcurl-0:7.19.7-46.el6.s390", "6Client:libcurl-0:7.19.7-46.el6.s390x", "6Client:libcurl-0:7.19.7-46.el6.x86_64", "6Client:libcurl-devel-0:7.19.7-46.el6.i686", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client:libcurl-devel-0:7.19.7-46.el6.s390", "6Client:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-0:7.19.7-46.el6.src", "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-0:7.19.7-46.el6.i686", "6ComputeNode:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-0:7.19.7-46.el6.src", "6ComputeNode:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Server:curl-0:7.19.7-46.el6.i686", "6Server:curl-0:7.19.7-46.el6.ppc64", "6Server:curl-0:7.19.7-46.el6.s390x", "6Server:curl-0:7.19.7-46.el6.src", "6Server:curl-0:7.19.7-46.el6.x86_64", "6Server:curl-debuginfo-0:7.19.7-46.el6.i686", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Server:libcurl-0:7.19.7-46.el6.i686", "6Server:libcurl-0:7.19.7-46.el6.ppc", "6Server:libcurl-0:7.19.7-46.el6.ppc64", "6Server:libcurl-0:7.19.7-46.el6.s390", "6Server:libcurl-0:7.19.7-46.el6.s390x", "6Server:libcurl-0:7.19.7-46.el6.x86_64", "6Server:libcurl-devel-0:7.19.7-46.el6.i686", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Server:libcurl-devel-0:7.19.7-46.el6.s390", "6Server:libcurl-devel-0:7.19.7-46.el6.s390x", "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Workstation:curl-0:7.19.7-46.el6.i686", "6Workstation:curl-0:7.19.7-46.el6.ppc64", "6Workstation:curl-0:7.19.7-46.el6.s390x", "6Workstation:curl-0:7.19.7-46.el6.src", "6Workstation:curl-0:7.19.7-46.el6.x86_64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-0:7.19.7-46.el6.i686", "6Workstation:libcurl-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-0:7.19.7-46.el6.s390", "6Workstation:libcurl-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-3613" }, { "category": "external", "summary": "RHBZ#1136154", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-3613", "url": "https://www.cve.org/CVERecord?id=CVE-2014-3613" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3613", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3613" }, { "category": "external", "summary": "http://curl.haxx.se/docs/adv_20140910A.html", "url": "http://curl.haxx.se/docs/adv_20140910A.html" } ], "release_date": "2014-09-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-07-20T13:50:03+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Client-optional:curl-0:7.19.7-46.el6.i686", "6Client-optional:curl-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-0:7.19.7-46.el6.s390x", "6Client-optional:curl-0:7.19.7-46.el6.src", "6Client-optional:curl-0:7.19.7-46.el6.x86_64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Client:curl-0:7.19.7-46.el6.i686", "6Client:curl-0:7.19.7-46.el6.ppc64", "6Client:curl-0:7.19.7-46.el6.s390x", "6Client:curl-0:7.19.7-46.el6.src", "6Client:curl-0:7.19.7-46.el6.x86_64", "6Client:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client:libcurl-0:7.19.7-46.el6.i686", "6Client:libcurl-0:7.19.7-46.el6.ppc", "6Client:libcurl-0:7.19.7-46.el6.ppc64", "6Client:libcurl-0:7.19.7-46.el6.s390", "6Client:libcurl-0:7.19.7-46.el6.s390x", "6Client:libcurl-0:7.19.7-46.el6.x86_64", "6Client:libcurl-devel-0:7.19.7-46.el6.i686", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client:libcurl-devel-0:7.19.7-46.el6.s390", "6Client:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-0:7.19.7-46.el6.src", "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-0:7.19.7-46.el6.i686", "6ComputeNode:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-0:7.19.7-46.el6.src", "6ComputeNode:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Server:curl-0:7.19.7-46.el6.i686", "6Server:curl-0:7.19.7-46.el6.ppc64", "6Server:curl-0:7.19.7-46.el6.s390x", "6Server:curl-0:7.19.7-46.el6.src", "6Server:curl-0:7.19.7-46.el6.x86_64", "6Server:curl-debuginfo-0:7.19.7-46.el6.i686", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Server:libcurl-0:7.19.7-46.el6.i686", "6Server:libcurl-0:7.19.7-46.el6.ppc", "6Server:libcurl-0:7.19.7-46.el6.ppc64", "6Server:libcurl-0:7.19.7-46.el6.s390", "6Server:libcurl-0:7.19.7-46.el6.s390x", "6Server:libcurl-0:7.19.7-46.el6.x86_64", "6Server:libcurl-devel-0:7.19.7-46.el6.i686", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Server:libcurl-devel-0:7.19.7-46.el6.s390", "6Server:libcurl-devel-0:7.19.7-46.el6.s390x", "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Workstation:curl-0:7.19.7-46.el6.i686", "6Workstation:curl-0:7.19.7-46.el6.ppc64", "6Workstation:curl-0:7.19.7-46.el6.s390x", "6Workstation:curl-0:7.19.7-46.el6.src", "6Workstation:curl-0:7.19.7-46.el6.x86_64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-0:7.19.7-46.el6.i686", "6Workstation:libcurl-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-0:7.19.7-46.el6.s390", "6Workstation:libcurl-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:1254" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "6Client-optional:curl-0:7.19.7-46.el6.i686", "6Client-optional:curl-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-0:7.19.7-46.el6.s390x", "6Client-optional:curl-0:7.19.7-46.el6.src", "6Client-optional:curl-0:7.19.7-46.el6.x86_64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Client:curl-0:7.19.7-46.el6.i686", "6Client:curl-0:7.19.7-46.el6.ppc64", "6Client:curl-0:7.19.7-46.el6.s390x", "6Client:curl-0:7.19.7-46.el6.src", "6Client:curl-0:7.19.7-46.el6.x86_64", "6Client:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client:libcurl-0:7.19.7-46.el6.i686", "6Client:libcurl-0:7.19.7-46.el6.ppc", "6Client:libcurl-0:7.19.7-46.el6.ppc64", "6Client:libcurl-0:7.19.7-46.el6.s390", "6Client:libcurl-0:7.19.7-46.el6.s390x", "6Client:libcurl-0:7.19.7-46.el6.x86_64", "6Client:libcurl-devel-0:7.19.7-46.el6.i686", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client:libcurl-devel-0:7.19.7-46.el6.s390", "6Client:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-0:7.19.7-46.el6.src", "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-0:7.19.7-46.el6.i686", "6ComputeNode:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-0:7.19.7-46.el6.src", "6ComputeNode:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Server:curl-0:7.19.7-46.el6.i686", "6Server:curl-0:7.19.7-46.el6.ppc64", "6Server:curl-0:7.19.7-46.el6.s390x", "6Server:curl-0:7.19.7-46.el6.src", "6Server:curl-0:7.19.7-46.el6.x86_64", "6Server:curl-debuginfo-0:7.19.7-46.el6.i686", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Server:libcurl-0:7.19.7-46.el6.i686", "6Server:libcurl-0:7.19.7-46.el6.ppc", "6Server:libcurl-0:7.19.7-46.el6.ppc64", "6Server:libcurl-0:7.19.7-46.el6.s390", "6Server:libcurl-0:7.19.7-46.el6.s390x", "6Server:libcurl-0:7.19.7-46.el6.x86_64", "6Server:libcurl-devel-0:7.19.7-46.el6.i686", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Server:libcurl-devel-0:7.19.7-46.el6.s390", "6Server:libcurl-devel-0:7.19.7-46.el6.s390x", "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Workstation:curl-0:7.19.7-46.el6.i686", "6Workstation:curl-0:7.19.7-46.el6.ppc64", "6Workstation:curl-0:7.19.7-46.el6.s390x", "6Workstation:curl-0:7.19.7-46.el6.src", "6Workstation:curl-0:7.19.7-46.el6.x86_64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-0:7.19.7-46.el6.i686", "6Workstation:libcurl-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-0:7.19.7-46.el6.s390", "6Workstation:libcurl-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "curl: incorrect handling of IP addresses in cookie domain" }, { "acknowledgments": [ { "names": [ "cURL project" ] }, { "names": [ "Symeon Paraschoudis" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2014-3707", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2014-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1154941" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle\u0027s duplicate could cause the application to crash or disclose a portion of its memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: incorrect handle duplication after COPYPOSTFIELDS", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the versions of curl as shipped with Red Hat Enterprise Linux 5.\n\nNote that there are no applications provided with Red Hat Enterprise Linux that use the vulnerable CURLOPT_COPYPOSTFIELDS option, except PHP which could only be affected if used in an extremely unlikely scenario or via the script\u0027s author.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-optional:curl-0:7.19.7-46.el6.i686", "6Client-optional:curl-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-0:7.19.7-46.el6.s390x", "6Client-optional:curl-0:7.19.7-46.el6.src", "6Client-optional:curl-0:7.19.7-46.el6.x86_64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Client:curl-0:7.19.7-46.el6.i686", "6Client:curl-0:7.19.7-46.el6.ppc64", "6Client:curl-0:7.19.7-46.el6.s390x", "6Client:curl-0:7.19.7-46.el6.src", "6Client:curl-0:7.19.7-46.el6.x86_64", "6Client:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client:libcurl-0:7.19.7-46.el6.i686", "6Client:libcurl-0:7.19.7-46.el6.ppc", "6Client:libcurl-0:7.19.7-46.el6.ppc64", "6Client:libcurl-0:7.19.7-46.el6.s390", "6Client:libcurl-0:7.19.7-46.el6.s390x", "6Client:libcurl-0:7.19.7-46.el6.x86_64", "6Client:libcurl-devel-0:7.19.7-46.el6.i686", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client:libcurl-devel-0:7.19.7-46.el6.s390", "6Client:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-0:7.19.7-46.el6.src", "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-0:7.19.7-46.el6.i686", "6ComputeNode:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-0:7.19.7-46.el6.src", "6ComputeNode:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Server:curl-0:7.19.7-46.el6.i686", "6Server:curl-0:7.19.7-46.el6.ppc64", "6Server:curl-0:7.19.7-46.el6.s390x", "6Server:curl-0:7.19.7-46.el6.src", "6Server:curl-0:7.19.7-46.el6.x86_64", "6Server:curl-debuginfo-0:7.19.7-46.el6.i686", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Server:libcurl-0:7.19.7-46.el6.i686", "6Server:libcurl-0:7.19.7-46.el6.ppc", "6Server:libcurl-0:7.19.7-46.el6.ppc64", "6Server:libcurl-0:7.19.7-46.el6.s390", "6Server:libcurl-0:7.19.7-46.el6.s390x", "6Server:libcurl-0:7.19.7-46.el6.x86_64", "6Server:libcurl-devel-0:7.19.7-46.el6.i686", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Server:libcurl-devel-0:7.19.7-46.el6.s390", "6Server:libcurl-devel-0:7.19.7-46.el6.s390x", "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Workstation:curl-0:7.19.7-46.el6.i686", "6Workstation:curl-0:7.19.7-46.el6.ppc64", "6Workstation:curl-0:7.19.7-46.el6.s390x", "6Workstation:curl-0:7.19.7-46.el6.src", "6Workstation:curl-0:7.19.7-46.el6.x86_64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-0:7.19.7-46.el6.i686", "6Workstation:libcurl-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-0:7.19.7-46.el6.s390", "6Workstation:libcurl-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-3707" }, { "category": "external", "summary": "RHBZ#1154941", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154941" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-3707", "url": "https://www.cve.org/CVERecord?id=CVE-2014-3707" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3707", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3707" }, { "category": "external", "summary": "http://curl.haxx.se/docs/adv_20141105.html", "url": "http://curl.haxx.se/docs/adv_20141105.html" } ], "release_date": "2014-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-07-20T13:50:03+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Client-optional:curl-0:7.19.7-46.el6.i686", "6Client-optional:curl-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-0:7.19.7-46.el6.s390x", "6Client-optional:curl-0:7.19.7-46.el6.src", "6Client-optional:curl-0:7.19.7-46.el6.x86_64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Client:curl-0:7.19.7-46.el6.i686", "6Client:curl-0:7.19.7-46.el6.ppc64", "6Client:curl-0:7.19.7-46.el6.s390x", "6Client:curl-0:7.19.7-46.el6.src", "6Client:curl-0:7.19.7-46.el6.x86_64", "6Client:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client:libcurl-0:7.19.7-46.el6.i686", "6Client:libcurl-0:7.19.7-46.el6.ppc", "6Client:libcurl-0:7.19.7-46.el6.ppc64", "6Client:libcurl-0:7.19.7-46.el6.s390", "6Client:libcurl-0:7.19.7-46.el6.s390x", "6Client:libcurl-0:7.19.7-46.el6.x86_64", "6Client:libcurl-devel-0:7.19.7-46.el6.i686", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client:libcurl-devel-0:7.19.7-46.el6.s390", "6Client:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-0:7.19.7-46.el6.src", "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-0:7.19.7-46.el6.i686", "6ComputeNode:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-0:7.19.7-46.el6.src", "6ComputeNode:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Server:curl-0:7.19.7-46.el6.i686", "6Server:curl-0:7.19.7-46.el6.ppc64", "6Server:curl-0:7.19.7-46.el6.s390x", "6Server:curl-0:7.19.7-46.el6.src", "6Server:curl-0:7.19.7-46.el6.x86_64", "6Server:curl-debuginfo-0:7.19.7-46.el6.i686", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Server:libcurl-0:7.19.7-46.el6.i686", "6Server:libcurl-0:7.19.7-46.el6.ppc", "6Server:libcurl-0:7.19.7-46.el6.ppc64", "6Server:libcurl-0:7.19.7-46.el6.s390", "6Server:libcurl-0:7.19.7-46.el6.s390x", "6Server:libcurl-0:7.19.7-46.el6.x86_64", "6Server:libcurl-devel-0:7.19.7-46.el6.i686", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Server:libcurl-devel-0:7.19.7-46.el6.s390", "6Server:libcurl-devel-0:7.19.7-46.el6.s390x", "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Workstation:curl-0:7.19.7-46.el6.i686", "6Workstation:curl-0:7.19.7-46.el6.ppc64", "6Workstation:curl-0:7.19.7-46.el6.s390x", "6Workstation:curl-0:7.19.7-46.el6.src", "6Workstation:curl-0:7.19.7-46.el6.x86_64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-0:7.19.7-46.el6.i686", "6Workstation:libcurl-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-0:7.19.7-46.el6.s390", "6Workstation:libcurl-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:1254" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:P", "version": "2.0" }, "products": [ "6Client-optional:curl-0:7.19.7-46.el6.i686", "6Client-optional:curl-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-0:7.19.7-46.el6.s390x", "6Client-optional:curl-0:7.19.7-46.el6.src", "6Client-optional:curl-0:7.19.7-46.el6.x86_64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Client:curl-0:7.19.7-46.el6.i686", "6Client:curl-0:7.19.7-46.el6.ppc64", "6Client:curl-0:7.19.7-46.el6.s390x", "6Client:curl-0:7.19.7-46.el6.src", "6Client:curl-0:7.19.7-46.el6.x86_64", "6Client:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client:libcurl-0:7.19.7-46.el6.i686", "6Client:libcurl-0:7.19.7-46.el6.ppc", "6Client:libcurl-0:7.19.7-46.el6.ppc64", "6Client:libcurl-0:7.19.7-46.el6.s390", "6Client:libcurl-0:7.19.7-46.el6.s390x", "6Client:libcurl-0:7.19.7-46.el6.x86_64", "6Client:libcurl-devel-0:7.19.7-46.el6.i686", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client:libcurl-devel-0:7.19.7-46.el6.s390", "6Client:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-0:7.19.7-46.el6.src", "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-0:7.19.7-46.el6.i686", "6ComputeNode:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-0:7.19.7-46.el6.src", "6ComputeNode:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Server:curl-0:7.19.7-46.el6.i686", "6Server:curl-0:7.19.7-46.el6.ppc64", "6Server:curl-0:7.19.7-46.el6.s390x", "6Server:curl-0:7.19.7-46.el6.src", "6Server:curl-0:7.19.7-46.el6.x86_64", "6Server:curl-debuginfo-0:7.19.7-46.el6.i686", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Server:libcurl-0:7.19.7-46.el6.i686", "6Server:libcurl-0:7.19.7-46.el6.ppc", "6Server:libcurl-0:7.19.7-46.el6.ppc64", "6Server:libcurl-0:7.19.7-46.el6.s390", "6Server:libcurl-0:7.19.7-46.el6.s390x", "6Server:libcurl-0:7.19.7-46.el6.x86_64", "6Server:libcurl-devel-0:7.19.7-46.el6.i686", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Server:libcurl-devel-0:7.19.7-46.el6.s390", "6Server:libcurl-devel-0:7.19.7-46.el6.s390x", "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Workstation:curl-0:7.19.7-46.el6.i686", "6Workstation:curl-0:7.19.7-46.el6.ppc64", "6Workstation:curl-0:7.19.7-46.el6.s390x", "6Workstation:curl-0:7.19.7-46.el6.src", "6Workstation:curl-0:7.19.7-46.el6.x86_64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-0:7.19.7-46.el6.i686", "6Workstation:libcurl-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-0:7.19.7-46.el6.s390", "6Workstation:libcurl-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "curl: incorrect handle duplication after COPYPOSTFIELDS" }, { "acknowledgments": [ { "names": [ "cURL project" ] }, { "names": [ "Andrey Labunets" ], "organization": "Facebook", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2014-8150", "cwe": { "id": "CWE-113", "name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)" }, "discovery_date": "2015-01-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1178692" } ], "notes": [ { "category": "description", "text": "It was discovered that the libcurl library failed to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl access a specially crafted URL via an HTTP proxy could use this flaw to inject additional headers to the request or construct additional requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: URL request injection vulnerability in parseurlandfillconn()", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-optional:curl-0:7.19.7-46.el6.i686", "6Client-optional:curl-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-0:7.19.7-46.el6.s390x", "6Client-optional:curl-0:7.19.7-46.el6.src", "6Client-optional:curl-0:7.19.7-46.el6.x86_64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Client:curl-0:7.19.7-46.el6.i686", "6Client:curl-0:7.19.7-46.el6.ppc64", "6Client:curl-0:7.19.7-46.el6.s390x", "6Client:curl-0:7.19.7-46.el6.src", "6Client:curl-0:7.19.7-46.el6.x86_64", "6Client:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client:libcurl-0:7.19.7-46.el6.i686", "6Client:libcurl-0:7.19.7-46.el6.ppc", "6Client:libcurl-0:7.19.7-46.el6.ppc64", "6Client:libcurl-0:7.19.7-46.el6.s390", "6Client:libcurl-0:7.19.7-46.el6.s390x", "6Client:libcurl-0:7.19.7-46.el6.x86_64", "6Client:libcurl-devel-0:7.19.7-46.el6.i686", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client:libcurl-devel-0:7.19.7-46.el6.s390", "6Client:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-0:7.19.7-46.el6.src", "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-0:7.19.7-46.el6.i686", "6ComputeNode:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-0:7.19.7-46.el6.src", "6ComputeNode:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Server:curl-0:7.19.7-46.el6.i686", "6Server:curl-0:7.19.7-46.el6.ppc64", "6Server:curl-0:7.19.7-46.el6.s390x", "6Server:curl-0:7.19.7-46.el6.src", "6Server:curl-0:7.19.7-46.el6.x86_64", "6Server:curl-debuginfo-0:7.19.7-46.el6.i686", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Server:libcurl-0:7.19.7-46.el6.i686", "6Server:libcurl-0:7.19.7-46.el6.ppc", "6Server:libcurl-0:7.19.7-46.el6.ppc64", "6Server:libcurl-0:7.19.7-46.el6.s390", "6Server:libcurl-0:7.19.7-46.el6.s390x", "6Server:libcurl-0:7.19.7-46.el6.x86_64", "6Server:libcurl-devel-0:7.19.7-46.el6.i686", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Server:libcurl-devel-0:7.19.7-46.el6.s390", "6Server:libcurl-devel-0:7.19.7-46.el6.s390x", "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Workstation:curl-0:7.19.7-46.el6.i686", "6Workstation:curl-0:7.19.7-46.el6.ppc64", "6Workstation:curl-0:7.19.7-46.el6.s390x", "6Workstation:curl-0:7.19.7-46.el6.src", "6Workstation:curl-0:7.19.7-46.el6.x86_64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-0:7.19.7-46.el6.i686", "6Workstation:libcurl-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-0:7.19.7-46.el6.s390", "6Workstation:libcurl-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-8150" }, { "category": "external", "summary": "RHBZ#1178692", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-8150", "url": "https://www.cve.org/CVERecord?id=CVE-2014-8150" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-8150", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8150" }, { "category": "external", "summary": "http://curl.haxx.se/docs/adv_20150108B.html", "url": "http://curl.haxx.se/docs/adv_20150108B.html" } ], "release_date": "2015-01-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-07-20T13:50:03+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Client-optional:curl-0:7.19.7-46.el6.i686", "6Client-optional:curl-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-0:7.19.7-46.el6.s390x", "6Client-optional:curl-0:7.19.7-46.el6.src", "6Client-optional:curl-0:7.19.7-46.el6.x86_64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Client:curl-0:7.19.7-46.el6.i686", "6Client:curl-0:7.19.7-46.el6.ppc64", "6Client:curl-0:7.19.7-46.el6.s390x", "6Client:curl-0:7.19.7-46.el6.src", "6Client:curl-0:7.19.7-46.el6.x86_64", "6Client:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client:libcurl-0:7.19.7-46.el6.i686", "6Client:libcurl-0:7.19.7-46.el6.ppc", "6Client:libcurl-0:7.19.7-46.el6.ppc64", "6Client:libcurl-0:7.19.7-46.el6.s390", "6Client:libcurl-0:7.19.7-46.el6.s390x", "6Client:libcurl-0:7.19.7-46.el6.x86_64", "6Client:libcurl-devel-0:7.19.7-46.el6.i686", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client:libcurl-devel-0:7.19.7-46.el6.s390", "6Client:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-0:7.19.7-46.el6.src", "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-0:7.19.7-46.el6.i686", "6ComputeNode:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-0:7.19.7-46.el6.src", "6ComputeNode:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Server:curl-0:7.19.7-46.el6.i686", "6Server:curl-0:7.19.7-46.el6.ppc64", "6Server:curl-0:7.19.7-46.el6.s390x", "6Server:curl-0:7.19.7-46.el6.src", "6Server:curl-0:7.19.7-46.el6.x86_64", "6Server:curl-debuginfo-0:7.19.7-46.el6.i686", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Server:libcurl-0:7.19.7-46.el6.i686", "6Server:libcurl-0:7.19.7-46.el6.ppc", "6Server:libcurl-0:7.19.7-46.el6.ppc64", "6Server:libcurl-0:7.19.7-46.el6.s390", "6Server:libcurl-0:7.19.7-46.el6.s390x", "6Server:libcurl-0:7.19.7-46.el6.x86_64", "6Server:libcurl-devel-0:7.19.7-46.el6.i686", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Server:libcurl-devel-0:7.19.7-46.el6.s390", "6Server:libcurl-devel-0:7.19.7-46.el6.s390x", "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Workstation:curl-0:7.19.7-46.el6.i686", "6Workstation:curl-0:7.19.7-46.el6.ppc64", "6Workstation:curl-0:7.19.7-46.el6.s390x", "6Workstation:curl-0:7.19.7-46.el6.src", "6Workstation:curl-0:7.19.7-46.el6.x86_64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-0:7.19.7-46.el6.i686", "6Workstation:libcurl-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-0:7.19.7-46.el6.s390", "6Workstation:libcurl-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:1254" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "6Client-optional:curl-0:7.19.7-46.el6.i686", "6Client-optional:curl-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-0:7.19.7-46.el6.s390x", "6Client-optional:curl-0:7.19.7-46.el6.src", "6Client-optional:curl-0:7.19.7-46.el6.x86_64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Client:curl-0:7.19.7-46.el6.i686", "6Client:curl-0:7.19.7-46.el6.ppc64", "6Client:curl-0:7.19.7-46.el6.s390x", "6Client:curl-0:7.19.7-46.el6.src", "6Client:curl-0:7.19.7-46.el6.x86_64", "6Client:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client:libcurl-0:7.19.7-46.el6.i686", "6Client:libcurl-0:7.19.7-46.el6.ppc", "6Client:libcurl-0:7.19.7-46.el6.ppc64", "6Client:libcurl-0:7.19.7-46.el6.s390", "6Client:libcurl-0:7.19.7-46.el6.s390x", "6Client:libcurl-0:7.19.7-46.el6.x86_64", "6Client:libcurl-devel-0:7.19.7-46.el6.i686", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client:libcurl-devel-0:7.19.7-46.el6.s390", "6Client:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-0:7.19.7-46.el6.src", "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-0:7.19.7-46.el6.i686", "6ComputeNode:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-0:7.19.7-46.el6.src", "6ComputeNode:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Server:curl-0:7.19.7-46.el6.i686", "6Server:curl-0:7.19.7-46.el6.ppc64", "6Server:curl-0:7.19.7-46.el6.s390x", "6Server:curl-0:7.19.7-46.el6.src", "6Server:curl-0:7.19.7-46.el6.x86_64", "6Server:curl-debuginfo-0:7.19.7-46.el6.i686", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Server:libcurl-0:7.19.7-46.el6.i686", "6Server:libcurl-0:7.19.7-46.el6.ppc", "6Server:libcurl-0:7.19.7-46.el6.ppc64", "6Server:libcurl-0:7.19.7-46.el6.s390", "6Server:libcurl-0:7.19.7-46.el6.s390x", "6Server:libcurl-0:7.19.7-46.el6.x86_64", "6Server:libcurl-devel-0:7.19.7-46.el6.i686", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Server:libcurl-devel-0:7.19.7-46.el6.s390", "6Server:libcurl-devel-0:7.19.7-46.el6.s390x", "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Workstation:curl-0:7.19.7-46.el6.i686", "6Workstation:curl-0:7.19.7-46.el6.ppc64", "6Workstation:curl-0:7.19.7-46.el6.s390x", "6Workstation:curl-0:7.19.7-46.el6.src", "6Workstation:curl-0:7.19.7-46.el6.x86_64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-0:7.19.7-46.el6.i686", "6Workstation:libcurl-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-0:7.19.7-46.el6.s390", "6Workstation:libcurl-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "curl: URL request injection vulnerability in parseurlandfillconn()" }, { "acknowledgments": [ { "names": [ "Daniel Stenberg" ], "organization": "curl upstream" }, { "names": [ "Paras Sethia" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2015-3143", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2015-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1213306" } ], "notes": [ { "category": "description", "text": "It was discovered that libcurl could incorrectly reuse NTLM-authenticated connections for subsequent unauthenticated requests to the same host. If an application using libcurl established an NTLM-authenticated connection to a server, and sent subsequent unauthenticated requests to the same server, the unauthenticated requests could be sent over the NTLM-authenticated connection, appearing as if they were sent by the NTLM authenticated user.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: re-using authenticated connection when unauthenticated", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the version of curl package as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This issue is not planned to be addressed in a future update for Red Hat Enterprise Linux 5.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-optional:curl-0:7.19.7-46.el6.i686", "6Client-optional:curl-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-0:7.19.7-46.el6.s390x", "6Client-optional:curl-0:7.19.7-46.el6.src", "6Client-optional:curl-0:7.19.7-46.el6.x86_64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Client:curl-0:7.19.7-46.el6.i686", "6Client:curl-0:7.19.7-46.el6.ppc64", "6Client:curl-0:7.19.7-46.el6.s390x", "6Client:curl-0:7.19.7-46.el6.src", "6Client:curl-0:7.19.7-46.el6.x86_64", "6Client:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client:libcurl-0:7.19.7-46.el6.i686", "6Client:libcurl-0:7.19.7-46.el6.ppc", "6Client:libcurl-0:7.19.7-46.el6.ppc64", "6Client:libcurl-0:7.19.7-46.el6.s390", "6Client:libcurl-0:7.19.7-46.el6.s390x", "6Client:libcurl-0:7.19.7-46.el6.x86_64", "6Client:libcurl-devel-0:7.19.7-46.el6.i686", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client:libcurl-devel-0:7.19.7-46.el6.s390", "6Client:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-0:7.19.7-46.el6.src", "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-0:7.19.7-46.el6.i686", "6ComputeNode:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-0:7.19.7-46.el6.src", "6ComputeNode:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Server:curl-0:7.19.7-46.el6.i686", "6Server:curl-0:7.19.7-46.el6.ppc64", "6Server:curl-0:7.19.7-46.el6.s390x", "6Server:curl-0:7.19.7-46.el6.src", "6Server:curl-0:7.19.7-46.el6.x86_64", "6Server:curl-debuginfo-0:7.19.7-46.el6.i686", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Server:libcurl-0:7.19.7-46.el6.i686", "6Server:libcurl-0:7.19.7-46.el6.ppc", "6Server:libcurl-0:7.19.7-46.el6.ppc64", "6Server:libcurl-0:7.19.7-46.el6.s390", "6Server:libcurl-0:7.19.7-46.el6.s390x", "6Server:libcurl-0:7.19.7-46.el6.x86_64", "6Server:libcurl-devel-0:7.19.7-46.el6.i686", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Server:libcurl-devel-0:7.19.7-46.el6.s390", "6Server:libcurl-devel-0:7.19.7-46.el6.s390x", "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Workstation:curl-0:7.19.7-46.el6.i686", "6Workstation:curl-0:7.19.7-46.el6.ppc64", "6Workstation:curl-0:7.19.7-46.el6.s390x", "6Workstation:curl-0:7.19.7-46.el6.src", "6Workstation:curl-0:7.19.7-46.el6.x86_64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-0:7.19.7-46.el6.i686", "6Workstation:libcurl-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-0:7.19.7-46.el6.s390", "6Workstation:libcurl-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-3143" }, { "category": "external", "summary": "RHBZ#1213306", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3143", "url": "https://www.cve.org/CVERecord?id=CVE-2015-3143" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3143", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3143" }, { "category": "external", "summary": "http://curl.haxx.se/docs/adv_20150422A.html", "url": "http://curl.haxx.se/docs/adv_20150422A.html" } ], "release_date": "2015-04-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-07-20T13:50:03+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Client-optional:curl-0:7.19.7-46.el6.i686", "6Client-optional:curl-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-0:7.19.7-46.el6.s390x", "6Client-optional:curl-0:7.19.7-46.el6.src", "6Client-optional:curl-0:7.19.7-46.el6.x86_64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Client:curl-0:7.19.7-46.el6.i686", "6Client:curl-0:7.19.7-46.el6.ppc64", "6Client:curl-0:7.19.7-46.el6.s390x", "6Client:curl-0:7.19.7-46.el6.src", "6Client:curl-0:7.19.7-46.el6.x86_64", "6Client:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client:libcurl-0:7.19.7-46.el6.i686", "6Client:libcurl-0:7.19.7-46.el6.ppc", "6Client:libcurl-0:7.19.7-46.el6.ppc64", "6Client:libcurl-0:7.19.7-46.el6.s390", "6Client:libcurl-0:7.19.7-46.el6.s390x", "6Client:libcurl-0:7.19.7-46.el6.x86_64", "6Client:libcurl-devel-0:7.19.7-46.el6.i686", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client:libcurl-devel-0:7.19.7-46.el6.s390", "6Client:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-0:7.19.7-46.el6.src", "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-0:7.19.7-46.el6.i686", "6ComputeNode:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-0:7.19.7-46.el6.src", "6ComputeNode:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Server:curl-0:7.19.7-46.el6.i686", "6Server:curl-0:7.19.7-46.el6.ppc64", "6Server:curl-0:7.19.7-46.el6.s390x", "6Server:curl-0:7.19.7-46.el6.src", "6Server:curl-0:7.19.7-46.el6.x86_64", "6Server:curl-debuginfo-0:7.19.7-46.el6.i686", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Server:libcurl-0:7.19.7-46.el6.i686", "6Server:libcurl-0:7.19.7-46.el6.ppc", "6Server:libcurl-0:7.19.7-46.el6.ppc64", "6Server:libcurl-0:7.19.7-46.el6.s390", "6Server:libcurl-0:7.19.7-46.el6.s390x", "6Server:libcurl-0:7.19.7-46.el6.x86_64", "6Server:libcurl-devel-0:7.19.7-46.el6.i686", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Server:libcurl-devel-0:7.19.7-46.el6.s390", "6Server:libcurl-devel-0:7.19.7-46.el6.s390x", "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Workstation:curl-0:7.19.7-46.el6.i686", "6Workstation:curl-0:7.19.7-46.el6.ppc64", "6Workstation:curl-0:7.19.7-46.el6.s390x", "6Workstation:curl-0:7.19.7-46.el6.src", "6Workstation:curl-0:7.19.7-46.el6.x86_64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-0:7.19.7-46.el6.i686", "6Workstation:libcurl-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-0:7.19.7-46.el6.s390", "6Workstation:libcurl-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:1254" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "6Client-optional:curl-0:7.19.7-46.el6.i686", "6Client-optional:curl-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-0:7.19.7-46.el6.s390x", "6Client-optional:curl-0:7.19.7-46.el6.src", "6Client-optional:curl-0:7.19.7-46.el6.x86_64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Client:curl-0:7.19.7-46.el6.i686", "6Client:curl-0:7.19.7-46.el6.ppc64", "6Client:curl-0:7.19.7-46.el6.s390x", "6Client:curl-0:7.19.7-46.el6.src", "6Client:curl-0:7.19.7-46.el6.x86_64", "6Client:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client:libcurl-0:7.19.7-46.el6.i686", "6Client:libcurl-0:7.19.7-46.el6.ppc", "6Client:libcurl-0:7.19.7-46.el6.ppc64", "6Client:libcurl-0:7.19.7-46.el6.s390", "6Client:libcurl-0:7.19.7-46.el6.s390x", "6Client:libcurl-0:7.19.7-46.el6.x86_64", "6Client:libcurl-devel-0:7.19.7-46.el6.i686", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client:libcurl-devel-0:7.19.7-46.el6.s390", "6Client:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-0:7.19.7-46.el6.src", "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-0:7.19.7-46.el6.i686", "6ComputeNode:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-0:7.19.7-46.el6.src", "6ComputeNode:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Server:curl-0:7.19.7-46.el6.i686", "6Server:curl-0:7.19.7-46.el6.ppc64", "6Server:curl-0:7.19.7-46.el6.s390x", "6Server:curl-0:7.19.7-46.el6.src", "6Server:curl-0:7.19.7-46.el6.x86_64", "6Server:curl-debuginfo-0:7.19.7-46.el6.i686", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Server:libcurl-0:7.19.7-46.el6.i686", "6Server:libcurl-0:7.19.7-46.el6.ppc", "6Server:libcurl-0:7.19.7-46.el6.ppc64", "6Server:libcurl-0:7.19.7-46.el6.s390", "6Server:libcurl-0:7.19.7-46.el6.s390x", "6Server:libcurl-0:7.19.7-46.el6.x86_64", "6Server:libcurl-devel-0:7.19.7-46.el6.i686", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Server:libcurl-devel-0:7.19.7-46.el6.s390", "6Server:libcurl-devel-0:7.19.7-46.el6.s390x", "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Workstation:curl-0:7.19.7-46.el6.i686", "6Workstation:curl-0:7.19.7-46.el6.ppc64", "6Workstation:curl-0:7.19.7-46.el6.s390x", "6Workstation:curl-0:7.19.7-46.el6.src", "6Workstation:curl-0:7.19.7-46.el6.x86_64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-0:7.19.7-46.el6.i686", "6Workstation:libcurl-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-0:7.19.7-46.el6.s390", "6Workstation:libcurl-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "curl: re-using authenticated connection when unauthenticated" }, { "acknowledgments": [ { "names": [ "Daniel Stenberg" ], "organization": "curl upstream" }, { "names": [ "Isaac Boukris" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2015-3148", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2015-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1213351" } ], "notes": [ { "category": "description", "text": "It was discovered that libcurl could incorrectly reuse Negotiate authenticated HTTP connections for subsequent requests. If an application using libcurl established a Negotiate authenticated HTTP connection to a server and sent subsequent requests with different credentials, the connection could be re-used with the initial set of credentials instead of using the new ones.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: Negotiate not treated as connection-oriented", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the version of curl package as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This issue is not planned to be addressed in a future update for Red Hat Enterprise Linux 5.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-optional:curl-0:7.19.7-46.el6.i686", "6Client-optional:curl-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-0:7.19.7-46.el6.s390x", "6Client-optional:curl-0:7.19.7-46.el6.src", "6Client-optional:curl-0:7.19.7-46.el6.x86_64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Client:curl-0:7.19.7-46.el6.i686", "6Client:curl-0:7.19.7-46.el6.ppc64", "6Client:curl-0:7.19.7-46.el6.s390x", "6Client:curl-0:7.19.7-46.el6.src", "6Client:curl-0:7.19.7-46.el6.x86_64", "6Client:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client:libcurl-0:7.19.7-46.el6.i686", "6Client:libcurl-0:7.19.7-46.el6.ppc", "6Client:libcurl-0:7.19.7-46.el6.ppc64", "6Client:libcurl-0:7.19.7-46.el6.s390", "6Client:libcurl-0:7.19.7-46.el6.s390x", "6Client:libcurl-0:7.19.7-46.el6.x86_64", "6Client:libcurl-devel-0:7.19.7-46.el6.i686", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client:libcurl-devel-0:7.19.7-46.el6.s390", "6Client:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-0:7.19.7-46.el6.src", "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-0:7.19.7-46.el6.i686", "6ComputeNode:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-0:7.19.7-46.el6.src", "6ComputeNode:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Server:curl-0:7.19.7-46.el6.i686", "6Server:curl-0:7.19.7-46.el6.ppc64", "6Server:curl-0:7.19.7-46.el6.s390x", "6Server:curl-0:7.19.7-46.el6.src", "6Server:curl-0:7.19.7-46.el6.x86_64", "6Server:curl-debuginfo-0:7.19.7-46.el6.i686", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Server:libcurl-0:7.19.7-46.el6.i686", "6Server:libcurl-0:7.19.7-46.el6.ppc", "6Server:libcurl-0:7.19.7-46.el6.ppc64", "6Server:libcurl-0:7.19.7-46.el6.s390", "6Server:libcurl-0:7.19.7-46.el6.s390x", "6Server:libcurl-0:7.19.7-46.el6.x86_64", "6Server:libcurl-devel-0:7.19.7-46.el6.i686", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Server:libcurl-devel-0:7.19.7-46.el6.s390", "6Server:libcurl-devel-0:7.19.7-46.el6.s390x", "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Workstation:curl-0:7.19.7-46.el6.i686", "6Workstation:curl-0:7.19.7-46.el6.ppc64", "6Workstation:curl-0:7.19.7-46.el6.s390x", "6Workstation:curl-0:7.19.7-46.el6.src", "6Workstation:curl-0:7.19.7-46.el6.x86_64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-0:7.19.7-46.el6.i686", "6Workstation:libcurl-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-0:7.19.7-46.el6.s390", "6Workstation:libcurl-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-3148" }, { "category": "external", "summary": "RHBZ#1213351", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3148", "url": "https://www.cve.org/CVERecord?id=CVE-2015-3148" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3148", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3148" }, { "category": "external", "summary": "http://curl.haxx.se/docs/adv_20150422B.html", "url": "http://curl.haxx.se/docs/adv_20150422B.html" } ], "release_date": "2015-04-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-07-20T13:50:03+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Client-optional:curl-0:7.19.7-46.el6.i686", "6Client-optional:curl-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-0:7.19.7-46.el6.s390x", "6Client-optional:curl-0:7.19.7-46.el6.src", "6Client-optional:curl-0:7.19.7-46.el6.x86_64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Client:curl-0:7.19.7-46.el6.i686", "6Client:curl-0:7.19.7-46.el6.ppc64", "6Client:curl-0:7.19.7-46.el6.s390x", "6Client:curl-0:7.19.7-46.el6.src", "6Client:curl-0:7.19.7-46.el6.x86_64", "6Client:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client:libcurl-0:7.19.7-46.el6.i686", "6Client:libcurl-0:7.19.7-46.el6.ppc", "6Client:libcurl-0:7.19.7-46.el6.ppc64", "6Client:libcurl-0:7.19.7-46.el6.s390", "6Client:libcurl-0:7.19.7-46.el6.s390x", "6Client:libcurl-0:7.19.7-46.el6.x86_64", "6Client:libcurl-devel-0:7.19.7-46.el6.i686", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client:libcurl-devel-0:7.19.7-46.el6.s390", "6Client:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-0:7.19.7-46.el6.src", "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-0:7.19.7-46.el6.i686", "6ComputeNode:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-0:7.19.7-46.el6.src", "6ComputeNode:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Server:curl-0:7.19.7-46.el6.i686", "6Server:curl-0:7.19.7-46.el6.ppc64", "6Server:curl-0:7.19.7-46.el6.s390x", "6Server:curl-0:7.19.7-46.el6.src", "6Server:curl-0:7.19.7-46.el6.x86_64", "6Server:curl-debuginfo-0:7.19.7-46.el6.i686", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Server:libcurl-0:7.19.7-46.el6.i686", "6Server:libcurl-0:7.19.7-46.el6.ppc", "6Server:libcurl-0:7.19.7-46.el6.ppc64", "6Server:libcurl-0:7.19.7-46.el6.s390", "6Server:libcurl-0:7.19.7-46.el6.s390x", "6Server:libcurl-0:7.19.7-46.el6.x86_64", "6Server:libcurl-devel-0:7.19.7-46.el6.i686", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Server:libcurl-devel-0:7.19.7-46.el6.s390", "6Server:libcurl-devel-0:7.19.7-46.el6.s390x", "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Workstation:curl-0:7.19.7-46.el6.i686", "6Workstation:curl-0:7.19.7-46.el6.ppc64", "6Workstation:curl-0:7.19.7-46.el6.s390x", "6Workstation:curl-0:7.19.7-46.el6.src", "6Workstation:curl-0:7.19.7-46.el6.x86_64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-0:7.19.7-46.el6.i686", "6Workstation:libcurl-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-0:7.19.7-46.el6.s390", "6Workstation:libcurl-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:1254" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "6Client-optional:curl-0:7.19.7-46.el6.i686", "6Client-optional:curl-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-0:7.19.7-46.el6.s390x", "6Client-optional:curl-0:7.19.7-46.el6.src", "6Client-optional:curl-0:7.19.7-46.el6.x86_64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Client:curl-0:7.19.7-46.el6.i686", "6Client:curl-0:7.19.7-46.el6.ppc64", "6Client:curl-0:7.19.7-46.el6.s390x", "6Client:curl-0:7.19.7-46.el6.src", "6Client:curl-0:7.19.7-46.el6.x86_64", "6Client:curl-debuginfo-0:7.19.7-46.el6.i686", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390", "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Client:libcurl-0:7.19.7-46.el6.i686", "6Client:libcurl-0:7.19.7-46.el6.ppc", "6Client:libcurl-0:7.19.7-46.el6.ppc64", "6Client:libcurl-0:7.19.7-46.el6.s390", "6Client:libcurl-0:7.19.7-46.el6.s390x", "6Client:libcurl-0:7.19.7-46.el6.x86_64", "6Client:libcurl-devel-0:7.19.7-46.el6.i686", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc", "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Client:libcurl-devel-0:7.19.7-46.el6.s390", "6Client:libcurl-devel-0:7.19.7-46.el6.s390x", "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-0:7.19.7-46.el6.src", "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-0:7.19.7-46.el6.i686", "6ComputeNode:curl-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-0:7.19.7-46.el6.src", "6ComputeNode:curl-0:7.19.7-46.el6.x86_64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x", "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x", "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Server:curl-0:7.19.7-46.el6.i686", "6Server:curl-0:7.19.7-46.el6.ppc64", "6Server:curl-0:7.19.7-46.el6.s390x", "6Server:curl-0:7.19.7-46.el6.src", "6Server:curl-0:7.19.7-46.el6.x86_64", "6Server:curl-debuginfo-0:7.19.7-46.el6.i686", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390", "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Server:libcurl-0:7.19.7-46.el6.i686", "6Server:libcurl-0:7.19.7-46.el6.ppc", "6Server:libcurl-0:7.19.7-46.el6.ppc64", "6Server:libcurl-0:7.19.7-46.el6.s390", "6Server:libcurl-0:7.19.7-46.el6.s390x", "6Server:libcurl-0:7.19.7-46.el6.x86_64", "6Server:libcurl-devel-0:7.19.7-46.el6.i686", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc", "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Server:libcurl-devel-0:7.19.7-46.el6.s390", "6Server:libcurl-devel-0:7.19.7-46.el6.s390x", "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64", "6Workstation:curl-0:7.19.7-46.el6.i686", "6Workstation:curl-0:7.19.7-46.el6.ppc64", "6Workstation:curl-0:7.19.7-46.el6.s390x", "6Workstation:curl-0:7.19.7-46.el6.src", "6Workstation:curl-0:7.19.7-46.el6.x86_64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x", "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-0:7.19.7-46.el6.i686", "6Workstation:libcurl-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-0:7.19.7-46.el6.s390", "6Workstation:libcurl-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-0:7.19.7-46.el6.x86_64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc", "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390", "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x", "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "curl: Negotiate not treated as connection-oriented" } ] }
ghsa-rhch-32f3-p669
Vulnerability from github
Published
2022-05-14 03:59
Modified
2022-05-14 03:59
Details
CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.
{ "affected": [], "aliases": [ "CVE-2014-8150" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2015-01-15T15:59:00Z", "severity": "MODERATE" }, "details": "CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.", "id": "GHSA-rhch-32f3-p669", "modified": "2022-05-14T03:59:44Z", "published": "2022-05-14T03:59:44Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8150" }, { "type": "WEB", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10131" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/201701-47" }, { "type": "WEB", "url": "https://support.apple.com/kb/HT205031" }, { "type": "WEB", "url": "http://advisories.mageia.org/MGASA-2015-0020.html" }, { "type": "WEB", "url": "http://curl.haxx.se/docs/adv_20150108B.html" }, { "type": "WEB", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743" }, { "type": "WEB", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "type": "WEB", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147856.html" }, { "type": "WEB", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147876.html" }, { "type": "WEB", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html" }, { "type": "WEB", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html" }, { "type": "WEB", "url": "http://secunia.com/advisories/61925" }, { "type": "WEB", "url": "http://secunia.com/advisories/62075" }, { "type": "WEB", "url": "http://secunia.com/advisories/62361" }, { "type": "WEB", "url": "http://www.debian.org/security/2015/dsa-3122" }, { "type": "WEB", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:021" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/71964" }, { "type": "WEB", "url": "http://www.securitytracker.com/id/1032768" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-2474-1" } ], "schema_version": "1.4.0", "severity": [] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.