Action not permitted
Modal body text goes here.
CVE-2014-3613
Vulnerability from cvelistv5
Published
2014-11-18 15:00
Modified
2024-08-06 10:50
Severity ?
EPSS score ?
Summary
cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:50:17.964Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://curl.haxx.se/docs/adv_20140910A.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "RHSA-2015:1254",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"name": "openSUSE-SU-2014:1139",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00024.html"
},
{
"name": "69748",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69748"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "DSA-3022",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://curl.haxx.se/docs/adv_20140910A.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "RHSA-2015:1254",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"name": "openSUSE-SU-2014:1139",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00024.html"
},
{
"name": "69748",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/69748"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "DSA-3022",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "http://curl.haxx.se/docs/adv_20140910A.html",
"refsource": "CONFIRM",
"url": "http://curl.haxx.se/docs/adv_20140910A.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "RHSA-2015:1254",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"name": "openSUSE-SU-2014:1139",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00024.html"
},
{
"name": "69748",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69748"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "DSA-3022",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-3613",
"datePublished": "2014-11-18T15:00:00",
"dateReserved": "2014-05-14T00:00:00",
"dateUpdated": "2024-08-06T10:50:17.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2014-3613\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2014-11-18T15:59:00.140\",\"lastModified\":\"2024-11-21T02:08:30.313\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1.\"},{\"lang\":\"es\",\"value\":\"cURL y libcurl anteriores a 7.38.0 no manejan correctamente las direcciones IP en nombres de dominio de cookies, lo que permite a atacantes remotos usar cookies definidas por ellos mismos o enviar cookies arbitrarias a ciertos sitios, como originada por un sitio en 192.168.0.1 estableciendo las cookies para un sitio en 127.168.0.1.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-310\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.37.1\",\"matchCriteriaId\":\"B72E7AFD-F700-4EE7-AC64-238AC573CDBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.31.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ECABFCB-0D02-4B5B-BB35-C6B3C0896348\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.32.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A5176F0-E62F-46FF-B536-DC0680696773\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.33.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"506A3761-3D24-43DB-88D8-4EB5B9E8BA5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.34.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B6EF8B0-0E86-449C-A500-ACD902A78C7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D558CC2-0146-4887-834E-19FCB1D512A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6931764D-16AB-4546-9CE3-5B4E03BC984A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FC1313E-8DCB-4B29-A9BC-A27C8CB360E9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.37.1\",\"matchCriteriaId\":\"F0181855-D18C-49D9-8BC5-2EC16689B7EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1791BF6D-2C96-4A6E-90D4-2906A73601F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"260DD751-4145-4B75-B892-5FC932C6A305\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFF4AD0D-2EC5-4CE8-B6B3-2EC8ED2FF118\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EB1CB85-0A9B-4816-B471-278774EE6D4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3831AB03-4E7E-476D-9623-58AADC188DFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABACE305-2F0C-4B59-BC5C-6DF162B450E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FAC1B55-F492-484E-B837-E7745682DE0A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.10.4\",\"matchCriteriaId\":\"7883E465-932D-4C11-AA54-97E44181F906\"}]}]}],\"references\":[{\"url\":\"http://curl.haxx.se/docs/adv_20140910A.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00024.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1254.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2014/dsa-3022\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/69748\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://support.apple.com/kb/HT205031\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://curl.haxx.se/docs/adv_20140910A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1254.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2014/dsa-3022\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/69748\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/kb/HT205031\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
gsd-2014-3613
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2014-3613",
"description": "cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1.",
"id": "GSD-2014-3613",
"references": [
"https://www.suse.com/security/cve/CVE-2014-3613.html",
"https://www.debian.org/security/2014/dsa-3022",
"https://access.redhat.com/errata/RHSA-2015:2159",
"https://access.redhat.com/errata/RHSA-2015:1254",
"https://ubuntu.com/security/CVE-2014-3613",
"https://advisories.mageia.org/CVE-2014-3613.html",
"https://alas.aws.amazon.com/cve/html/CVE-2014-3613.html",
"https://linux.oracle.com/cve/CVE-2014-3613.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2014-3613"
],
"details": "cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1.",
"id": "GSD-2014-3613",
"modified": "2023-12-13T01:22:53.605702Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "http://curl.haxx.se/docs/adv_20140910A.html",
"refsource": "CONFIRM",
"url": "http://curl.haxx.se/docs/adv_20140910A.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "RHSA-2015:1254",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"name": "openSUSE-SU-2014:1139",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00024.html"
},
{
"name": "69748",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69748"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "DSA-3022",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3022"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.33.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.34.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.37.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.31.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.32.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.37.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.10.4",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3613"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3022",
"refsource": "DEBIAN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3022"
},
{
"name": "openSUSE-SU-2014:1139",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00024.html"
},
{
"name": "http://curl.haxx.se/docs/adv_20140910A.html",
"refsource": "CONFIRM",
"tags": [
"Patch"
],
"url": "http://curl.haxx.se/docs/adv_20140910A.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"tags": [],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"tags": [],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "69748",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/69748"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743",
"refsource": "CONFIRM",
"tags": [],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2015:1254",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2018-01-05T02:29Z",
"publishedDate": "2014-11-18T15:59Z"
}
}
}
ghsa-gcmw-6qh5-324w
Vulnerability from github
Published
2022-05-14 03:59
Modified
2022-05-14 03:59
Details
cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1.
{
"affected": [],
"aliases": [
"CVE-2014-3613"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2014-11-18T15:59:00Z",
"severity": "MODERATE"
},
"details": "cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1.",
"id": "GHSA-gcmw-6qh5-324w",
"modified": "2022-05-14T03:59:54Z",
"published": "2022-05-14T03:59:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3613"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT205031"
},
{
"type": "WEB",
"url": "http://curl.haxx.se/docs/adv_20140910A.html"
},
{
"type": "WEB",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00024.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2014/dsa-3022"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/69748"
}
],
"schema_version": "1.4.0",
"severity": []
}
var-201411-0410
Vulnerability from variot
cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1. cURL/libcURL is prone to a remote security-bypass vulnerability. An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. cURL/libcURL 7.1 through 7.37.1 are vulnerable. Both Haxx curl and libcurl are products of the Swedish company Haxx. libcurl is a free, open source client-side URL transfer library. 7) - x86_64
-
(BZ#1154060)
-
TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. (BZ#1170339)
-
FTP operations such as downloading files took a significantly long time to complete. Now, the FTP implementation in libcurl correctly sets blocking direction and estimated timeout for connections, resulting in faster FTP transfers. (BZ#1066065)
-
The libcurl library did not implement a non-blocking SSL handshake, which negatively affected performance of applications based on the libcurl multi API. The non-blocking SSL handshake has been implemented in libcurl, and the libcurl multi API now immediately returns the control back to the application whenever it cannot read or write data from or to the underlying network socket. (BZ#1091429)
-
The libcurl library used an unnecessarily long blocking delay for actions with no active file descriptors, even for short operations. Some actions, such as resolving a host name using /etc/hosts, took a long time to complete. The blocking code in libcurl has been modified so that the initial delay is short and gradually increases until an event occurs.
libcurl can in some circumstances re-use the wrong connection when asked to do transfers using other protocols than HTTP and FTP, causing a transfer that was initiated by an application to wrongfully re-use an existing connection to the same server that was authenticated using different credentials (CVE-2014-0138).
libcurl incorrectly validates wildcard SSL certificates containing literal IP addresses, so under certain conditions, it would allow and use a wildcard match specified in the CN field, allowing a malicious server to participate in a MITM attack or just fool users into believing that it is a legitimate site (CVE-2014-0139). For this problem to trigger, the client application must use the numerical IP address in the URL to access the site (CVE-2014-3613).
Symeon Paraschoudis discovered that the curl_easy_duphandle() function in cURL has a bug that can lead to libcurl eventually sending off sensitive data that was not intended for sending, while performing a HTTP POST operation. This bug requires CURLOPT_COPYPOSTFIELDS and curl_easy_duphandle() to be used in that order, and then the duplicate handle must be used to perform the HTTP POST. If the given URL contains line feeds and carriage returns those will be sent along to the proxy too, which allows the program to for example send a separate HTTP request injected embedded in the URL (CVE-2014-8150).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3620 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3707 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150 http://advisories.mageia.org/MGASA-2014-0153.html http://advisories.mageia.org/MGASA-2014-0385.html http://advisories.mageia.org/MGASA-2014-0444.html http://advisories.mageia.org/MGASA-2015-0020.html
Updated Packages:
Mandriva Business Server 2/X86_64: 498d59be3a6a4ace215c0d98fb4abede mbs2/x86_64/curl-7.34.0-3.1.mbs2.x86_64.rpm 75a821b73a75ca34f1747a0f7479267f mbs2/x86_64/curl-examples-7.34.0-3.1.mbs2.noarch.rpm f5d3aad5f0fd9db68b87c648aaabbb4a mbs2/x86_64/lib64curl4-7.34.0-3.1.mbs2.x86_64.rpm 4f356a2c97f9f64124b4e8ebe307826a mbs2/x86_64/lib64curl-devel-7.34.0-3.1.mbs2.x86_64.rpm d010a357d76a8eb967c7c52f92fb35ae mbs2/SRPMS/curl-7.34.0-3.1.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFVFn3GmqjQ0CJFipgRAu1CAJ9iEOw8vZuH/tA8vyx1xmbC4vySTgCgqExY Fpa5OZRsP4i0DWRwsyxOCt4= =5PNM -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: curl security, bug fix, and enhancement update Advisory ID: RHSA-2015:1254-02 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1254.html Issue date: 2015-07-22 Updated on: 2014-12-15 CVE Names: CVE-2014-3613 CVE-2014-3707 CVE-2014-8150 CVE-2015-3143 CVE-2015-3148 =====================================================================
- Summary:
Updated curl packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
- Description:
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user's cookie to a crafted domain, making other cookie-related issues easier to exploit. (CVE-2014-3613)
A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle's duplicate could cause the application to crash or disclose a portion of its memory. (CVE-2014-3707)
It was discovered that the libcurl library failed to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl to access a specially crafted URL via an HTTP proxy could use this flaw to inject additional headers to the request or construct additional requests. (CVE-2014-8150)
It was discovered that libcurl implemented aspects of the NTLM and Negotatiate authentication incorrectly. If an application uses libcurl and the affected mechanisms in a specifc way, certain requests to a previously NTLM-authenticated server could appears as sent by the wrong authenticated user. Additionally, the initial set of credentials for HTTP Negotiate-authenticated requests could be reused in subsequent requests, although a different set of credentials was specified. (CVE-2015-3143, CVE-2015-3148)
Red Hat would like to thank the cURL project for reporting these issues.
Bug fixes:
-
An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) was available with libcurl. Attackers could abuse the fallback to force downgrade of the SSL version. The fallback has been removed from libcurl. Users requiring this functionality can explicitly enable SSLv3.0 through the libcurl API. (BZ#1154059)
-
A single upload transfer through the FILE protocol opened the destination file twice. If the inotify kernel subsystem monitored the file, two events were produced unnecessarily. The file is now opened only once per upload. (BZ#883002)
-
Utilities using libcurl for SCP/SFTP transfers could terminate unexpectedly when the system was running in FIPS mode. (BZ#1008178)
-
Using the "--retry" option with the curl utility could cause curl to terminate unexpectedly with a segmentation fault. Now, adding "--retry" no longer causes curl to crash. (BZ#1009455)
-
The "curl --trace-time" command did not use the correct local time when printing timestamps. Now, "curl --trace-time" works as expected. (BZ#1120196)
-
The valgrind utility could report dynamically allocated memory leaks on curl exit. Now, curl performs a global shutdown of the NetScape Portable Runtime (NSPR) library on exit, and valgrind no longer reports the memory leaks. (BZ#1146528)
-
Previously, libcurl returned an incorrect value of the CURLINFO_HEADER_SIZE field when a proxy server appended its own headers to the HTTP response. Now, the returned value is valid. (BZ#1161163)
Enhancements:
-
The "--tlsv1.0", "--tlsv1.1", and "--tlsv1.2" options are available for specifying the minor version of the TLS protocol to be negotiated by NSS. The "--tlsv1" option now negotiates the highest version of the TLS protocol supported by both the client and the server. (BZ#1012136)
-
It is now possible to explicitly enable or disable the ECC and the new AES cipher suites to be used for TLS. (BZ#1058767, BZ#1156422)
All curl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
835898 - Bug in DNS cache causes connections until restart of libcurl-using processes 883002 - curl used with file:// protocol opens and closes a destination file twice 997185 - sendrecv.c example incorrect type for sockfd 1008178 - curl scp download fails in fips mode 1011083 - CA certificate cannot be specified by nickname [documentation bug] 1011101 - manpage typos found using aspell 1058767 - curl does not support ECDSA certificates 1104160 - Link in curl man page is wrong 1136154 - CVE-2014-3613 curl: incorrect handling of IP addresses in cookie domain 1154059 - curl: Disable out-of-protocol fallback to SSL 3.0 1154747 - NTLM: ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth 1154941 - CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS 1156422 - curl does not allow explicit control of DHE ciphers 1161163 - Response headers added by proxy servers missing in CURLINFO_HEADER_SIZE 1168137 - curl closes connection after HEAD request fails 1178692 - CVE-2014-8150 curl: URL request injection vulnerability in parseurlandfillconn() 1213306 - CVE-2015-3143 curl: re-using authenticated connection when unauthenticated 1213351 - CVE-2015-3148 curl: Negotiate not treated as connection-oriented
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: curl-7.19.7-46.el6.src.rpm
i386: curl-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.i686.rpm
x86_64: curl-7.19.7-46.el6.x86_64.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: curl-debuginfo-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.i686.rpm
x86_64: curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-devel-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: curl-7.19.7-46.el6.src.rpm
x86_64: curl-7.19.7-46.el6.x86_64.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-devel-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: curl-7.19.7-46.el6.src.rpm
i386: curl-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.i686.rpm
ppc64: curl-7.19.7-46.el6.ppc64.rpm curl-debuginfo-7.19.7-46.el6.ppc.rpm curl-debuginfo-7.19.7-46.el6.ppc64.rpm libcurl-7.19.7-46.el6.ppc.rpm libcurl-7.19.7-46.el6.ppc64.rpm libcurl-devel-7.19.7-46.el6.ppc.rpm libcurl-devel-7.19.7-46.el6.ppc64.rpm
s390x: curl-7.19.7-46.el6.s390x.rpm curl-debuginfo-7.19.7-46.el6.s390.rpm curl-debuginfo-7.19.7-46.el6.s390x.rpm libcurl-7.19.7-46.el6.s390.rpm libcurl-7.19.7-46.el6.s390x.rpm libcurl-devel-7.19.7-46.el6.s390.rpm libcurl-devel-7.19.7-46.el6.s390x.rpm
x86_64: curl-7.19.7-46.el6.x86_64.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.x86_64.rpm libcurl-devel-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: curl-7.19.7-46.el6.src.rpm
i386: curl-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.i686.rpm
x86_64: curl-7.19.7-46.el6.x86_64.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.x86_64.rpm libcurl-devel-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-3613 https://access.redhat.com/security/cve/CVE-2014-3707 https://access.redhat.com/security/cve/CVE-2014-8150 https://access.redhat.com/security/cve/CVE-2015-3143 https://access.redhat.com/security/cve/CVE-2015-3148 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFVrzSJXlSAg2UNWIIRAnEiAJ9xqOogsAzooomZ4VeMgA+gUwEuTwCfTzMn emWApg/iYw5vIs3rWoqmU7A= =p+Xb -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
For the stable distribution (wheezy), these problems have been fixed in version 7.26.0-1+wheezy10.
For the testing distribution (jessie), these problems have been fixed in version 7.38.0-1.
For the unstable distribution (sid), these problems have been fixed in version 7.38.0-1.
We recommend that you upgrade your curl packages
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201411-0410",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.34.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.36.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.31.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.37.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.33.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.36.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.35.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.32.0"
},
{
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.37.0"
},
{
"model": "libcurl",
"scope": "lte",
"trust": 1.0,
"vendor": "haxx",
"version": "7.37.1"
},
{
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.4"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.31.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.33.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.32.0"
},
{
"model": "curl",
"scope": "lte",
"trust": 1.0,
"vendor": "haxx",
"version": "7.37.1"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.34.0"
},
{
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.35.0"
},
{
"model": "curl",
"scope": "lt",
"trust": 0.8,
"vendor": "haxx",
"version": "7.38.0"
},
{
"model": "libcurl",
"scope": "lt",
"trust": 0.8,
"vendor": "haxx",
"version": "7.38.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.10 to 10.10.4"
},
{
"model": "hyperion",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "essbase 11.1.2.2"
},
{
"model": "hyperion",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "essbase 11.1.2.3"
},
{
"model": "curl",
"scope": "eq",
"trust": 0.6,
"vendor": "haxx",
"version": "7.37.1"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "hat enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
}
],
"sources": [
{
"db": "BID",
"id": "69748"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005511"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1276"
},
{
"db": "NVD",
"id": "CVE-2014-3613"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:haxx:curl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:haxx:libcurl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:hyperion",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005511"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tim Ruehsen",
"sources": [
{
"db": "BID",
"id": "69748"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1276"
}
],
"trust": 0.9
},
"cve": "CVE-2014-3613",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-3613",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-71553",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3613",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-3613",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201410-1276",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-71553",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-3613",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71553"
},
{
"db": "VULMON",
"id": "CVE-2014-3613"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005511"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1276"
},
{
"db": "NVD",
"id": "CVE-2014-3613"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1. cURL/libcURL is prone to a remote security-bypass vulnerability. \nAn attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. \ncURL/libcURL 7.1 through 7.37.1 are vulnerable. Both Haxx curl and libcurl are products of the Swedish company Haxx. libcurl is a free, open source client-side URL transfer library. 7) - x86_64\n\n3. \n(BZ#1154060)\n\n* TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. (BZ#1170339)\n\n* FTP operations such as downloading files took a significantly long time\nto complete. Now, the FTP implementation in libcurl correctly sets blocking\ndirection and estimated timeout for connections, resulting in faster FTP\ntransfers. (BZ#1066065)\n\n* The libcurl library did not implement a non-blocking SSL handshake, which\nnegatively affected performance of applications based on the libcurl multi\nAPI. The non-blocking SSL handshake has been implemented in libcurl, and\nthe libcurl multi API now immediately returns the control back to the\napplication whenever it cannot read or write data from or to the underlying\nnetwork socket. (BZ#1091429)\n\n* The libcurl library used an unnecessarily long blocking delay for actions\nwith no active file descriptors, even for short operations. Some actions,\nsuch as resolving a host name using /etc/hosts, took a long time to\ncomplete. The blocking code in libcurl has been modified so that the\ninitial delay is short and gradually increases until an event occurs. \n \n libcurl can in some circumstances re-use the wrong connection when\n asked to do transfers using other protocols than HTTP and FTP, causing\n a transfer that was initiated by an application to wrongfully re-use\n an existing connection to the same server that was authenticated\n using different credentials (CVE-2014-0138). \n \n libcurl incorrectly validates wildcard SSL certificates containing\n literal IP addresses, so under certain conditions, it would allow\n and use a wildcard match specified in the CN field, allowing a\n malicious server to participate in a MITM attack or just fool users\n into believing that it is a legitimate site (CVE-2014-0139). For this problem to trigger, the client application must use\n the numerical IP address in the URL to access the site (CVE-2014-3613). \n \n Symeon Paraschoudis discovered that the curl_easy_duphandle() function\n in cURL has a bug that can lead to libcurl eventually sending off\n sensitive data that was not intended for sending, while performing\n a HTTP POST operation. This bug requires CURLOPT_COPYPOSTFIELDS and\n curl_easy_duphandle() to be used in that order, and then the duplicate\n handle must be used to perform the HTTP POST. If the given URL\n contains line feeds and carriage returns those will be sent along to\n the proxy too, which allows the program to for example send a separate\n HTTP request injected embedded in the URL (CVE-2014-8150). \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3620\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3707\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150\n http://advisories.mageia.org/MGASA-2014-0153.html\n http://advisories.mageia.org/MGASA-2014-0385.html\n http://advisories.mageia.org/MGASA-2014-0444.html\n http://advisories.mageia.org/MGASA-2015-0020.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 2/X86_64:\n 498d59be3a6a4ace215c0d98fb4abede mbs2/x86_64/curl-7.34.0-3.1.mbs2.x86_64.rpm\n 75a821b73a75ca34f1747a0f7479267f mbs2/x86_64/curl-examples-7.34.0-3.1.mbs2.noarch.rpm\n f5d3aad5f0fd9db68b87c648aaabbb4a mbs2/x86_64/lib64curl4-7.34.0-3.1.mbs2.x86_64.rpm\n 4f356a2c97f9f64124b4e8ebe307826a mbs2/x86_64/lib64curl-devel-7.34.0-3.1.mbs2.x86_64.rpm \n d010a357d76a8eb967c7c52f92fb35ae mbs2/SRPMS/curl-7.34.0-3.1.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFVFn3GmqjQ0CJFipgRAu1CAJ9iEOw8vZuH/tA8vyx1xmbC4vySTgCgqExY\nFpa5OZRsP4i0DWRwsyxOCt4=\n=5PNM\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: curl security, bug fix, and enhancement update\nAdvisory ID: RHSA-2015:1254-02\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1254.html\nIssue date: 2015-07-22\nUpdated on: 2014-12-15\nCVE Names: CVE-2014-3613 CVE-2014-3707 CVE-2014-8150 \n CVE-2015-3143 CVE-2015-3148 \n=====================================================================\n\n1. Summary:\n\nUpdated curl packages that fix multiple security issues, several bugs, and\nadd two enhancements are now available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\n\n3. Description:\n\nThe curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP. \n\nIt was found that the libcurl library did not correctly handle partial\nliteral IP addresses when parsing received HTTP cookies. An attacker able\nto trick a user into connecting to a malicious server could use this flaw\nto set the user\u0027s cookie to a crafted domain, making other cookie-related\nissues easier to exploit. (CVE-2014-3613)\n\nA flaw was found in the way the libcurl library performed the duplication\nof connection handles. If an application set the CURLOPT_COPYPOSTFIELDS\noption for a handle, using the handle\u0027s duplicate could cause the\napplication to crash or disclose a portion of its memory. (CVE-2014-3707)\n\nIt was discovered that the libcurl library failed to properly handle URLs\nwith embedded end-of-line characters. An attacker able to make an\napplication using libcurl to access a specially crafted URL via an HTTP\nproxy could use this flaw to inject additional headers to the request or\nconstruct additional requests. (CVE-2014-8150)\n\nIt was discovered that libcurl implemented aspects of the NTLM and\nNegotatiate authentication incorrectly. If an application uses libcurl\nand the affected mechanisms in a specifc way, certain requests to a\npreviously NTLM-authenticated server could appears as sent by the wrong\nauthenticated user. Additionally, the initial set of credentials for HTTP\nNegotiate-authenticated requests could be reused in subsequent requests,\nalthough a different set of credentials was specified. (CVE-2015-3143,\nCVE-2015-3148)\n\nRed Hat would like to thank the cURL project for reporting these issues. \n\nBug fixes:\n\n* An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) was available\nwith libcurl. Attackers could abuse the fallback to force downgrade of the\nSSL version. The fallback has been removed from libcurl. Users requiring\nthis functionality can explicitly enable SSLv3.0 through the libcurl API. \n(BZ#1154059)\n\n* A single upload transfer through the FILE protocol opened the destination\nfile twice. If the inotify kernel subsystem monitored the file, two events\nwere produced unnecessarily. The file is now opened only once per upload. \n(BZ#883002)\n\n* Utilities using libcurl for SCP/SFTP transfers could terminate\nunexpectedly when the system was running in FIPS mode. (BZ#1008178)\n\n* Using the \"--retry\" option with the curl utility could cause curl to\nterminate unexpectedly with a segmentation fault. Now, adding \"--retry\" no\nlonger causes curl to crash. (BZ#1009455)\n\n* The \"curl --trace-time\" command did not use the correct local time when\nprinting timestamps. Now, \"curl --trace-time\" works as expected. \n(BZ#1120196)\n\n* The valgrind utility could report dynamically allocated memory leaks on\ncurl exit. Now, curl performs a global shutdown of the NetScape Portable\nRuntime (NSPR) library on exit, and valgrind no longer reports the memory\nleaks. (BZ#1146528)\n\n* Previously, libcurl returned an incorrect value of the\nCURLINFO_HEADER_SIZE field when a proxy server appended its own headers to\nthe HTTP response. Now, the returned value is valid. (BZ#1161163)\n\nEnhancements:\n\n* The \"--tlsv1.0\", \"--tlsv1.1\", and \"--tlsv1.2\" options are available for\nspecifying the minor version of the TLS protocol to be negotiated by NSS. \nThe \"--tlsv1\" option now negotiates the highest version of the TLS protocol\nsupported by both the client and the server. (BZ#1012136)\n\n* It is now possible to explicitly enable or disable the ECC and the new\nAES cipher suites to be used for TLS. (BZ#1058767, BZ#1156422)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n835898 - Bug in DNS cache causes connections until restart of libcurl-using processes\n883002 - curl used with file:// protocol opens and closes a destination file twice\n997185 - sendrecv.c example incorrect type for sockfd\n1008178 - curl scp download fails in fips mode\n1011083 - CA certificate cannot be specified by nickname [documentation bug]\n1011101 - manpage typos found using aspell\n1058767 - curl does not support ECDSA certificates\n1104160 - Link in curl man page is wrong\n1136154 - CVE-2014-3613 curl: incorrect handling of IP addresses in cookie domain\n1154059 - curl: Disable out-of-protocol fallback to SSL 3.0\n1154747 - NTLM: ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth\n1154941 - CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS\n1156422 - curl does not allow explicit control of DHE ciphers\n1161163 - Response headers added by proxy servers missing in CURLINFO_HEADER_SIZE\n1168137 - curl closes connection after HEAD request fails\n1178692 - CVE-2014-8150 curl: URL request injection vulnerability in parseurlandfillconn()\n1213306 - CVE-2015-3143 curl: re-using authenticated connection when unauthenticated\n1213351 - CVE-2015-3148 curl: Negotiate not treated as connection-oriented\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\ncurl-7.19.7-46.el6.src.rpm\n\ni386:\ncurl-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\n\nx86_64:\ncurl-7.19.7-46.el6.x86_64.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\n\nx86_64:\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\ncurl-7.19.7-46.el6.src.rpm\n\nx86_64:\ncurl-7.19.7-46.el6.x86_64.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\ncurl-7.19.7-46.el6.src.rpm\n\ni386:\ncurl-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\n\nppc64:\ncurl-7.19.7-46.el6.ppc64.rpm\ncurl-debuginfo-7.19.7-46.el6.ppc.rpm\ncurl-debuginfo-7.19.7-46.el6.ppc64.rpm\nlibcurl-7.19.7-46.el6.ppc.rpm\nlibcurl-7.19.7-46.el6.ppc64.rpm\nlibcurl-devel-7.19.7-46.el6.ppc.rpm\nlibcurl-devel-7.19.7-46.el6.ppc64.rpm\n\ns390x:\ncurl-7.19.7-46.el6.s390x.rpm\ncurl-debuginfo-7.19.7-46.el6.s390.rpm\ncurl-debuginfo-7.19.7-46.el6.s390x.rpm\nlibcurl-7.19.7-46.el6.s390.rpm\nlibcurl-7.19.7-46.el6.s390x.rpm\nlibcurl-devel-7.19.7-46.el6.s390.rpm\nlibcurl-devel-7.19.7-46.el6.s390x.rpm\n\nx86_64:\ncurl-7.19.7-46.el6.x86_64.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.x86_64.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\ncurl-7.19.7-46.el6.src.rpm\n\ni386:\ncurl-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\n\nx86_64:\ncurl-7.19.7-46.el6.x86_64.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.x86_64.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-3613\nhttps://access.redhat.com/security/cve/CVE-2014-3707\nhttps://access.redhat.com/security/cve/CVE-2014-8150\nhttps://access.redhat.com/security/cve/CVE-2015-3143\nhttps://access.redhat.com/security/cve/CVE-2015-3148\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVrzSJXlSAg2UNWIIRAnEiAJ9xqOogsAzooomZ4VeMgA+gUwEuTwCfTzMn\nemWApg/iYw5vIs3rWoqmU7A=\n=p+Xb\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 7.26.0-1+wheezy10. \n\nFor the testing distribution (jessie), these problems have been fixed in\nversion 7.38.0-1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 7.38.0-1. \n\nWe recommend that you upgrade your curl packages",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3613"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005511"
},
{
"db": "BID",
"id": "69748"
},
{
"db": "VULHUB",
"id": "VHN-71553"
},
{
"db": "VULMON",
"id": "CVE-2014-3613"
},
{
"db": "PACKETSTORM",
"id": "134443"
},
{
"db": "PACKETSTORM",
"id": "131105"
},
{
"db": "PACKETSTORM",
"id": "132792"
},
{
"db": "PACKETSTORM",
"id": "128403"
},
{
"db": "PACKETSTORM",
"id": "128204"
}
],
"trust": 2.52
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-71553",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71553"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3613",
"trust": 3.4
},
{
"db": "BID",
"id": "69748",
"trust": 2.1
},
{
"db": "JUNIPER",
"id": "JSA10743",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005511",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1276",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "61077",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "61591",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "61026",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "60411",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "61239",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "134443",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "128403",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132792",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "128204",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "128244",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-71553",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-3613",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131105",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71553"
},
{
"db": "VULMON",
"id": "CVE-2014-3613"
},
{
"db": "BID",
"id": "69748"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005511"
},
{
"db": "PACKETSTORM",
"id": "134443"
},
{
"db": "PACKETSTORM",
"id": "131105"
},
{
"db": "PACKETSTORM",
"id": "132792"
},
{
"db": "PACKETSTORM",
"id": "128403"
},
{
"db": "PACKETSTORM",
"id": "128204"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1276"
},
{
"db": "NVD",
"id": "CVE-2014-3613"
}
]
},
"id": "VAR-201411-0410",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-71553"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-29T21:41:20.617000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205031"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT205031"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015verbose-2367947.html"
},
{
"title": "libcurl cookie leak with IP address as domain",
"trust": 0.8,
"url": "http://curl.haxx.se/docs/adv_20140910A.html"
},
{
"title": "July 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2015_critical_patch_update"
},
{
"title": "Red Hat: Moderate: curl security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20152159 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: curl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2346-1"
},
{
"title": "Debian Security Advisories: DSA-3022-1 curl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=35cc15eaec0478affc20cf6c42bfcea2"
},
{
"title": "Red Hat: CVE-2014-3613",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-3613"
},
{
"title": "Amazon Linux AMI: ALAS-2014-407",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-407"
},
{
"title": "Apple: OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=9834d0d73bf28fb80d3390930bafd906"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=435ed9abc2fb1e74ce2a69605a01e326"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=459961024c4bdce7bb3a1a40a65a6f2e"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3613"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005511"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71553"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005511"
},
{
"db": "NVD",
"id": "CVE-2014-3613"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/69748"
},
{
"trust": 1.8,
"url": "http://curl.haxx.se/docs/adv_20140910a.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2014/dsa-3022"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00024.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1254.html"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 1.2,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.2,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"trust": 1.2,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"trust": 1.2,
"url": "https://support.apple.com/kb/ht205031"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10743"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3613"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3613"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/60411"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/61026"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/61077"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/61239"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/61591"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3613"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2014-3613"
},
{
"trust": 0.3,
"url": "http://curl.haxx.se/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8150"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3707"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3620"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-3143"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3148"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-3707"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3143"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-3148"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-8150"
},
{
"trust": 0.2,
"url": "http://advisories.mageia.org/mgasa-2014-0385.html"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3620"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10743"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/310.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2015:2159"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=37164"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2346-1/"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2015-2159.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0015"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0015"
},
{
"trust": 0.1,
"url": "http://advisories.mageia.org/mgasa-2015-0020.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0138"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0139"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8150"
},
{
"trust": 0.1,
"url": "http://advisories.mageia.org/mgasa-2014-0444.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0139"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0138"
},
{
"trust": 0.1,
"url": "http://advisories.mageia.org/mgasa-2014-0153.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3707"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71553"
},
{
"db": "VULMON",
"id": "CVE-2014-3613"
},
{
"db": "BID",
"id": "69748"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005511"
},
{
"db": "PACKETSTORM",
"id": "134443"
},
{
"db": "PACKETSTORM",
"id": "131105"
},
{
"db": "PACKETSTORM",
"id": "132792"
},
{
"db": "PACKETSTORM",
"id": "128403"
},
{
"db": "PACKETSTORM",
"id": "128204"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1276"
},
{
"db": "NVD",
"id": "CVE-2014-3613"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-71553"
},
{
"db": "VULMON",
"id": "CVE-2014-3613"
},
{
"db": "BID",
"id": "69748"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005511"
},
{
"db": "PACKETSTORM",
"id": "134443"
},
{
"db": "PACKETSTORM",
"id": "131105"
},
{
"db": "PACKETSTORM",
"id": "132792"
},
{
"db": "PACKETSTORM",
"id": "128403"
},
{
"db": "PACKETSTORM",
"id": "128204"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1276"
},
{
"db": "NVD",
"id": "CVE-2014-3613"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-11-18T00:00:00",
"db": "VULHUB",
"id": "VHN-71553"
},
{
"date": "2014-11-18T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3613"
},
{
"date": "2014-09-11T00:00:00",
"db": "BID",
"id": "69748"
},
{
"date": "2014-11-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005511"
},
{
"date": "2015-11-20T00:41:15",
"db": "PACKETSTORM",
"id": "134443"
},
{
"date": "2015-03-30T21:28:34",
"db": "PACKETSTORM",
"id": "131105"
},
{
"date": "2015-07-22T17:57:59",
"db": "PACKETSTORM",
"id": "132792"
},
{
"date": "2014-09-25T15:14:15",
"db": "PACKETSTORM",
"id": "128403"
},
{
"date": "2014-09-11T21:05:15",
"db": "PACKETSTORM",
"id": "128204"
},
{
"date": "2014-09-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201410-1276"
},
{
"date": "2014-11-18T15:59:00.140000",
"db": "NVD",
"id": "CVE-2014-3613"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-71553"
},
{
"date": "2018-01-05T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3613"
},
{
"date": "2016-07-05T22:09:00",
"db": "BID",
"id": "69748"
},
{
"date": "2015-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005511"
},
{
"date": "2014-11-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201410-1276"
},
{
"date": "2024-11-21T02:08:30.313000",
"db": "NVD",
"id": "CVE-2014-3613"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201410-1276"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cURL and libcurl In Cookie Vulnerability set",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005511"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201410-1276"
}
],
"trust": 0.6
}
}
wid-sec-w-2023-1653
Vulnerability from csaf_certbund
Published
2014-09-10 22:00
Modified
2023-07-04 22:00
Summary
cURL: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
cURL ist eine Client-Software, die das Austauschen von Dateien mittels mehrerer Protokolle wie z. B. HTTP oder FTP erlaubt.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in cURL ausnutzen, um Informationen offenzulegen oder zu manipulieren.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "cURL ist eine Client-Software, die das Austauschen von Dateien mittels mehrerer Protokolle wie z. B. HTTP oder FTP erlaubt.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in cURL ausnutzen, um Informationen offenzulegen oder zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1653 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2014/wid-sec-w-2023-1653.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1653 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1653"
},
{
"category": "external",
"summary": "Security update for Dell NetWorker",
"url": "https://www.dell.com/support/kbdoc/de-de/000215497/dsa-2023-233-security-update-for-dell-networker-curl-7-51-0"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-2346-1 vom 2014-09-15",
"url": "http://www.ubuntu.com/usn/usn-2346-1/"
},
{
"category": "external",
"summary": "Project cURL Security Advisory adv_20140910A vom 2014-09-10",
"url": "http://curl.haxx.se/docs/adv_20140910A.html"
},
{
"category": "external",
"summary": "Project cURL Security Advisory adv_20140910B vom 2014-09-10",
"url": "http://curl.haxx.se/docs/adv_20140910B.html"
},
{
"category": "external",
"summary": "Mandriva Security Advisory MDVSA-2014:187 vom 2014-09-25",
"url": "http://www.mandriva.com/de/support/security/advisories/advisory/MDVSA-2014%3A187/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2015:1254-2 vom 2015-07-22",
"url": "https://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2015:2159 vom 2015-11-19",
"url": "https://rhn.redhat.com/errata/RHSA-2015-2159.html"
},
{
"category": "external",
"summary": "Juniper Security Bulletin JSA10743 vom 2016-04-13",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"category": "external",
"summary": "F5 Security Advisory SOL85307687 vom 2016-11-16",
"url": "https://support.f5.com/kb/en-us/solutions/public/k/85/sol85307687.html"
},
{
"category": "external",
"summary": "Juniper Security Bulletin: JSA10874",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10874\u0026actp=RSS"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4652 vom 2019-05-21",
"url": "http://linux.oracle.com/errata/ELSA-2019-4652.html"
}
],
"source_lang": "en-US",
"title": "cURL: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-07-04T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:54:14.694+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1653",
"initial_release_date": "2014-09-10T22:00:00.000+00:00",
"revision_history": [
{
"date": "2014-09-10T22:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2014-09-10T22:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2014-09-15T22:00:00.000+00:00",
"number": "3",
"summary": "New remediations available"
},
{
"date": "2014-09-25T22:00:00.000+00:00",
"number": "4",
"summary": "New remediations available"
},
{
"date": "2015-07-22T22:00:00.000+00:00",
"number": "5",
"summary": "New remediations available"
},
{
"date": "2015-07-22T22:00:00.000+00:00",
"number": "6",
"summary": "Version nicht vorhanden"
},
{
"date": "2015-11-19T23:00:00.000+00:00",
"number": "7",
"summary": "New remediations available"
},
{
"date": "2015-11-19T23:00:00.000+00:00",
"number": "8",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-04-13T22:00:00.000+00:00",
"number": "9",
"summary": "New remediations available"
},
{
"date": "2016-04-13T22:00:00.000+00:00",
"number": "10",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-04-13T22:00:00.000+00:00",
"number": "11",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-11-16T23:00:00.000+00:00",
"number": "12",
"summary": "New remediations available"
},
{
"date": "2016-11-16T23:00:00.000+00:00",
"number": "13",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-07-31T22:00:00.000+00:00",
"number": "14",
"summary": "New remediations available"
},
{
"date": "2019-05-21T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2023-07-04T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Dell aufgenommen"
}
],
"status": "final",
"version": "16"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell NetWorker \u003c 19.9.0.1",
"product": {
"name": "Dell NetWorker \u003c 19.9.0.1",
"product_id": "T028404",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.9.0.1"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 ARX",
"product": {
"name": "F5 ARX",
"product_id": "T008306",
"product_identification_helper": {
"cpe": "cpe:/a:f5:arx:6.2.0_-_6.4.0"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "Juniper JUNOS",
"product": {
"name": "Juniper JUNOS",
"product_id": "5930",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source cURL \u003c 7.38",
"product": {
"name": "Open Source cURL \u003c 7.38",
"product_id": "T003762",
"product_identification_helper": {
"cpe": "cpe:/a:curl:curl:7.38"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-3613",
"notes": [
{
"category": "description",
"text": "Es existiert eine Information Disclosure Schwachstelle in cURL. Ein Fehler bei der Verarbeitung von bestimmten IP Adressen w\u00e4hrend des Parsens von empfangenen HTTP-Cookies kann von einem Angreifer ausgenutzt werden um ansonsten unzug\u00e4ngliche Cookies auszulesen."
}
],
"product_status": {
"known_affected": [
"67646",
"T000126",
"T008306",
"T028404",
"5930",
"T004914"
]
},
"release_date": "2014-09-10T22:00:00.000+00:00",
"title": "CVE-2014-3613"
},
{
"cve": "CVE-2014-3620",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in cURL. Diese Schwachstelle wird durch ein fehlerhaftes Parsen von empfangenen HTTP Cookies verursacht. In der Folge kann diese Schwachstelle ausgenutzt werden, um Cookies f\u00fcr Top-Level-Domains zu setzen."
}
],
"product_status": {
"known_affected": [
"67646",
"T000126",
"T028404",
"5930",
"T004914"
]
},
"release_date": "2014-09-10T22:00:00.000+00:00",
"title": "CVE-2014-3620"
}
]
}
rhsa-2015_2159
Vulnerability from csaf_redhat
Published
2015-11-19 03:26
Modified
2024-11-22 08:47
Summary
Red Hat Security Advisory: curl security, bug fix, and enhancement update
Notes
Topic
Updated curl packages that fix multiple security issues, several bugs, and
add two enhancements are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
The curl packages provide the libcurl library and the curl utility for
downloading files from servers using various protocols, including HTTP,
FTP, and LDAP.
It was found that the libcurl library did not correctly handle partial
literal IP addresses when parsing received HTTP cookies. An attacker able
to trick a user into connecting to a malicious server could use this flaw
to set the user's cookie to a crafted domain, making other cookie-related
issues easier to exploit. (CVE-2014-3613)
A flaw was found in the way the libcurl library performed the duplication
of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS
option for a handle, using the handle's duplicate could cause the
application to crash or disclose a portion of its memory. (CVE-2014-3707)
It was discovered that the libcurl library failed to properly handle URLs
with embedded end-of-line characters. An attacker able to make an
application using libcurl access a specially crafted URL via an HTTP proxy
could use this flaw to inject additional headers to the request or
construct additional requests. (CVE-2014-8150)
It was discovered that libcurl implemented aspects of the NTLM and
Negotatiate authentication incorrectly. If an application uses libcurl
and the affected mechanisms in a specifc way, certain requests to a
previously NTLM-authenticated server could appears as sent by the wrong
authenticated user. Additionally, the initial set of credentials for HTTP
Negotiate-authenticated requests could be reused in subsequent requests,
although a different set of credentials was specified. (CVE-2015-3143,
CVE-2015-3148)
Red Hat would like to thank the cURL project for reporting these issues.
Bug fixes:
* An out-of-protocol fallback to SSL 3.0 was available with libcurl.
Attackers could abuse the fallback to force downgrade of the SSL version.
The fallback has been removed from libcurl. Users requiring this
functionality can explicitly enable SSL 3.0 through the libcurl API.
(BZ#1154060)
* TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. You can
explicitly disable them through the libcurl API. (BZ#1170339)
* FTP operations such as downloading files took a significantly long time
to complete. Now, the FTP implementation in libcurl correctly sets blocking
direction and estimated timeout for connections, resulting in faster FTP
transfers. (BZ#1218272)
Enhancements:
* With the updated packages, it is possible to explicitly enable or disable
new Advanced Encryption Standard (AES) cipher suites to be used for the TLS
protocol. (BZ#1066065)
* The libcurl library did not implement a non-blocking SSL handshake, which
negatively affected performance of applications based on the libcurl multi
API. The non-blocking SSL handshake has been implemented in libcurl, and
the libcurl multi API now immediately returns the control back to the
application whenever it cannot read or write data from or to the underlying
network socket. (BZ#1091429)
* The libcurl library used an unnecessarily long blocking delay for actions
with no active file descriptors, even for short operations. Some actions,
such as resolving a host name using /etc/hosts, took a long time to
complete. The blocking code in libcurl has been modified so that the
initial delay is short and gradually increases until an event occurs.
(BZ#1130239)
All curl users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues and add these
enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated curl packages that fix multiple security issues, several bugs, and\nadd two enhancements are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP.\n\nIt was found that the libcurl library did not correctly handle partial\nliteral IP addresses when parsing received HTTP cookies. An attacker able\nto trick a user into connecting to a malicious server could use this flaw\nto set the user\u0027s cookie to a crafted domain, making other cookie-related\nissues easier to exploit. (CVE-2014-3613)\n\nA flaw was found in the way the libcurl library performed the duplication\nof connection handles. If an application set the CURLOPT_COPYPOSTFIELDS\noption for a handle, using the handle\u0027s duplicate could cause the\napplication to crash or disclose a portion of its memory. (CVE-2014-3707)\n\nIt was discovered that the libcurl library failed to properly handle URLs\nwith embedded end-of-line characters. An attacker able to make an\napplication using libcurl access a specially crafted URL via an HTTP proxy\ncould use this flaw to inject additional headers to the request or\nconstruct additional requests. (CVE-2014-8150)\n\nIt was discovered that libcurl implemented aspects of the NTLM and\nNegotatiate authentication incorrectly. If an application uses libcurl\nand the affected mechanisms in a specifc way, certain requests to a\npreviously NTLM-authenticated server could appears as sent by the wrong\nauthenticated user. Additionally, the initial set of credentials for HTTP\nNegotiate-authenticated requests could be reused in subsequent requests,\nalthough a different set of credentials was specified. (CVE-2015-3143,\nCVE-2015-3148)\n\nRed Hat would like to thank the cURL project for reporting these issues.\n\nBug fixes:\n\n* An out-of-protocol fallback to SSL 3.0 was available with libcurl.\nAttackers could abuse the fallback to force downgrade of the SSL version.\nThe fallback has been removed from libcurl. Users requiring this\nfunctionality can explicitly enable SSL 3.0 through the libcurl API.\n(BZ#1154060)\n\n* TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. You can\nexplicitly disable them through the libcurl API. (BZ#1170339)\n\n* FTP operations such as downloading files took a significantly long time\nto complete. Now, the FTP implementation in libcurl correctly sets blocking\ndirection and estimated timeout for connections, resulting in faster FTP\ntransfers. (BZ#1218272)\n\nEnhancements:\n\n* With the updated packages, it is possible to explicitly enable or disable\nnew Advanced Encryption Standard (AES) cipher suites to be used for the TLS\nprotocol. (BZ#1066065)\n\n* The libcurl library did not implement a non-blocking SSL handshake, which\nnegatively affected performance of applications based on the libcurl multi\nAPI. The non-blocking SSL handshake has been implemented in libcurl, and\nthe libcurl multi API now immediately returns the control back to the\napplication whenever it cannot read or write data from or to the underlying\nnetwork socket. (BZ#1091429)\n\n* The libcurl library used an unnecessarily long blocking delay for actions\nwith no active file descriptors, even for short operations. Some actions,\nsuch as resolving a host name using /etc/hosts, took a long time to\ncomplete. The blocking code in libcurl has been modified so that the\ninitial delay is short and gradually increases until an event occurs.\n(BZ#1130239)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2015:2159",
"url": "https://access.redhat.com/errata/RHSA-2015:2159"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1130239",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1130239"
},
{
"category": "external",
"summary": "1136154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154"
},
{
"category": "external",
"summary": "1154060",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154060"
},
{
"category": "external",
"summary": "1154941",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154941"
},
{
"category": "external",
"summary": "1161182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161182"
},
{
"category": "external",
"summary": "1166264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1166264"
},
{
"category": "external",
"summary": "1170339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170339"
},
{
"category": "external",
"summary": "1178692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692"
},
{
"category": "external",
"summary": "1213306",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306"
},
{
"category": "external",
"summary": "1213351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351"
},
{
"category": "external",
"summary": "1218272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218272"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_2159.json"
}
],
"title": "Red Hat Security Advisory: curl security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T08:47:38+00:00",
"generator": {
"date": "2024-11-22T08:47:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2015:2159",
"initial_release_date": "2015-11-19T03:26:18+00:00",
"revision_history": [
{
"date": "2015-11-19T03:26:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-11-19T03:26:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T08:47:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"product": {
"name": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"product_id": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"product": {
"name": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"product_id": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.29.0-25.el7.x86_64",
"product": {
"name": "curl-0:7.29.0-25.el7.x86_64",
"product_id": "curl-0:7.29.0-25.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.29.0-25.el7.x86_64",
"product": {
"name": "libcurl-0:7.29.0-25.el7.x86_64",
"product_id": "libcurl-0:7.29.0-25.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-0:7.29.0-25.el7.i686",
"product": {
"name": "libcurl-devel-0:7.29.0-25.el7.i686",
"product_id": "libcurl-devel-0:7.29.0-25.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.29.0-25.el7.i686",
"product": {
"name": "curl-debuginfo-0:7.29.0-25.el7.i686",
"product_id": "curl-debuginfo-0:7.29.0-25.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.29.0-25.el7.i686",
"product": {
"name": "libcurl-0:7.29.0-25.el7.i686",
"product_id": "libcurl-0:7.29.0-25.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-0:7.29.0-25.el7.src",
"product": {
"name": "curl-0:7.29.0-25.el7.src",
"product_id": "curl-0:7.29.0-25.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"product": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"product_id": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"product": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"product_id": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.29.0-25.el7.ppc64",
"product": {
"name": "curl-0:7.29.0-25.el7.ppc64",
"product_id": "curl-0:7.29.0-25.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.29.0-25.el7.ppc64",
"product": {
"name": "libcurl-0:7.29.0-25.el7.ppc64",
"product_id": "libcurl-0:7.29.0-25.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-0:7.29.0-25.el7.ppc",
"product": {
"name": "libcurl-0:7.29.0-25.el7.ppc",
"product_id": "libcurl-0:7.29.0-25.el7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"product": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"product_id": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libcurl-devel-0:7.29.0-25.el7.ppc",
"product": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc",
"product_id": "libcurl-devel-0:7.29.0-25.el7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-0:7.29.0-25.el7.s390x",
"product": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390x",
"product_id": "libcurl-devel-0:7.29.0-25.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.29.0-25.el7.s390x",
"product": {
"name": "libcurl-0:7.29.0-25.el7.s390x",
"product_id": "libcurl-0:7.29.0-25.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"product": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"product_id": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.29.0-25.el7.s390x",
"product": {
"name": "curl-0:7.29.0-25.el7.s390x",
"product_id": "curl-0:7.29.0-25.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-0:7.29.0-25.el7.s390",
"product": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390",
"product_id": "libcurl-devel-0:7.29.0-25.el7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=s390"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.29.0-25.el7.s390",
"product": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390",
"product_id": "curl-debuginfo-0:7.29.0-25.el7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.29.0-25.el7.s390",
"product": {
"name": "libcurl-0:7.29.0-25.el7.s390",
"product_id": "libcurl-0:7.29.0-25.el7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"product": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"product_id": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.29.0-25.el7.ppc64le",
"product": {
"name": "libcurl-0:7.29.0-25.el7.ppc64le",
"product_id": "libcurl-0:7.29.0-25.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.29.0-25.el7.ppc64le",
"product": {
"name": "curl-0:7.29.0-25.el7.ppc64le",
"product_id": "curl-0:7.29.0-25.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"product": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"product_id": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"product": {
"name": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"product_id": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.29.0-25.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.29.0-25.el7.aarch64",
"product": {
"name": "curl-0:7.29.0-25.el7.aarch64",
"product_id": "curl-0:7.29.0-25.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.29.0-25.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.29.0-25.el7.aarch64",
"product": {
"name": "libcurl-0:7.29.0-25.el7.aarch64",
"product_id": "libcurl-0:7.29.0-25.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.29.0-25.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"product": {
"name": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"product_id": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.29.0-25.el7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-0:7.29.0-25.el7.src"
},
"product_reference": "curl-0:7.29.0-25.el7.src",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-0:7.29.0-25.el7.src"
},
"product_reference": "curl-0:7.29.0-25.el7.src",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.i686"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.s390"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:libcurl-devel-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.src"
},
"product_reference": "curl-0:7.29.0-25.el7.src",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-0:7.29.0-25.el7.src"
},
"product_reference": "curl-0:7.29.0-25.el7.src",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-0:7.29.0-25.el7.src"
},
"product_reference": "curl-0:7.29.0-25.el7.src",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.i686"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.s390"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:libcurl-devel-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-0:7.29.0-25.el7.src"
},
"product_reference": "curl-0:7.29.0-25.el7.src",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64"
},
"product_reference": "curl-debuginfo-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.aarch64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.i686"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.i686",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.ppc64le",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.s390x",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.29.0-25.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
},
"product_reference": "libcurl-devel-0:7.29.0-25.el7.x86_64",
"relates_to_product_reference": "7Workstation"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"cURL project"
]
},
{
"names": [
"Tim Ruehsen"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-3613",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2014-09-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1136154"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user\u0027s cookie to a crafted domain, making other cookie-related issues easier to exploit.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: incorrect handling of IP addresses in cookie domain",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of curl as shipped with Red Hat Enterprise Linux 5 and is not planned to be corrected in future updates.\n\nInktank Ceph Enterprise 1.1 and 1.2 receives only qualified Important and Critical impact security fixes. This issue has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Inktank Ceph Enterprise Support Matrix:\nhttp://www.inktank.com/enterprise/support/",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-3613"
},
{
"category": "external",
"summary": "RHBZ#1136154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3613"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20140910A.html",
"url": "http://curl.haxx.se/docs/adv_20140910A.html"
}
],
"release_date": "2014-09-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-11-19T03:26:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:2159"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: incorrect handling of IP addresses in cookie domain"
},
{
"acknowledgments": [
{
"names": [
"cURL project"
]
},
{
"names": [
"Symeon Paraschoudis"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-3707",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2014-10-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1154941"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle\u0027s duplicate could cause the application to crash or disclose a portion of its memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: incorrect handle duplication after COPYPOSTFIELDS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the versions of curl as shipped with Red Hat Enterprise Linux 5.\n\nNote that there are no applications provided with Red Hat Enterprise Linux that use the vulnerable CURLOPT_COPYPOSTFIELDS option, except PHP which could only be affected if used in an extremely unlikely scenario or via the script\u0027s author.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-3707"
},
{
"category": "external",
"summary": "RHBZ#1154941",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154941"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3707"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3707",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3707"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20141105.html",
"url": "http://curl.haxx.se/docs/adv_20141105.html"
}
],
"release_date": "2014-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-11-19T03:26:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:2159"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"products": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: incorrect handle duplication after COPYPOSTFIELDS"
},
{
"acknowledgments": [
{
"names": [
"cURL project"
]
},
{
"names": [
"Andrey Labunets"
],
"organization": "Facebook",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-8150",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2015-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1178692"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the libcurl library failed to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl access a specially crafted URL via an HTTP proxy could use this flaw to inject additional headers to the request or construct additional requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: URL request injection vulnerability in parseurlandfillconn()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-8150"
},
{
"category": "external",
"summary": "RHBZ#1178692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-8150",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-8150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8150"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20150108B.html",
"url": "http://curl.haxx.se/docs/adv_20150108B.html"
}
],
"release_date": "2015-01-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-11-19T03:26:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:2159"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: URL request injection vulnerability in parseurlandfillconn()"
},
{
"acknowledgments": [
{
"names": [
"Daniel Stenberg"
],
"organization": "curl upstream"
},
{
"names": [
"Paras Sethia"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2015-3143",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2015-04-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1213306"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that libcurl could incorrectly reuse NTLM-authenticated connections for subsequent unauthenticated requests to the same host. If an application using libcurl established an NTLM-authenticated connection to a server, and sent subsequent unauthenticated requests to the same server, the unauthenticated requests could be sent over the NTLM-authenticated connection, appearing as if they were sent by the NTLM authenticated user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: re-using authenticated connection when unauthenticated",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the version of curl package as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This issue is not planned to be addressed in a future update for Red Hat Enterprise Linux 5.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-3143"
},
{
"category": "external",
"summary": "RHBZ#1213306",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3143"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20150422A.html",
"url": "http://curl.haxx.se/docs/adv_20150422A.html"
}
],
"release_date": "2015-04-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-11-19T03:26:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:2159"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: re-using authenticated connection when unauthenticated"
},
{
"acknowledgments": [
{
"names": [
"Daniel Stenberg"
],
"organization": "curl upstream"
},
{
"names": [
"Isaac Boukris"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2015-3148",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2015-04-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1213351"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that libcurl could incorrectly reuse Negotiate authenticated HTTP connections for subsequent requests. If an application using libcurl established a Negotiate authenticated HTTP connection to a server and sent subsequent requests with different credentials, the connection could be re-used with the initial set of credentials instead of using the new ones.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: Negotiate not treated as connection-oriented",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the version of curl package as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This issue is not planned to be addressed in a future update for Red Hat Enterprise Linux 5.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-3148"
},
{
"category": "external",
"summary": "RHBZ#1213351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-3148",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3148"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3148",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3148"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20150422B.html",
"url": "http://curl.haxx.se/docs/adv_20150422B.html"
}
],
"release_date": "2015-04-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-11-19T03:26:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:2159"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"7Client-optional:curl-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-0:7.29.0-25.el7.src",
"7Client-optional:curl-0:7.29.0-25.el7.x86_64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Client:curl-0:7.29.0-25.el7.aarch64",
"7Client:curl-0:7.29.0-25.el7.ppc64",
"7Client:curl-0:7.29.0-25.el7.ppc64le",
"7Client:curl-0:7.29.0-25.el7.s390x",
"7Client:curl-0:7.29.0-25.el7.src",
"7Client:curl-0:7.29.0-25.el7.x86_64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Client:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Client:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Client:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-0:7.29.0-25.el7.i686",
"7Client:libcurl-0:7.29.0-25.el7.ppc",
"7Client:libcurl-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-0:7.29.0-25.el7.s390",
"7Client:libcurl-0:7.29.0-25.el7.s390x",
"7Client:libcurl-0:7.29.0-25.el7.x86_64",
"7Client:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Client:libcurl-devel-0:7.29.0-25.el7.i686",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Client:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390",
"7Client:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Client:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.src",
"7ComputeNode-optional:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode-optional:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-0:7.29.0-25.el7.src",
"7ComputeNode:curl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.i686",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7ComputeNode:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-0:7.29.0-25.el7.x86_64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.i686",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.s390x",
"7ComputeNode:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Server:curl-0:7.29.0-25.el7.aarch64",
"7Server:curl-0:7.29.0-25.el7.ppc64",
"7Server:curl-0:7.29.0-25.el7.ppc64le",
"7Server:curl-0:7.29.0-25.el7.s390x",
"7Server:curl-0:7.29.0-25.el7.src",
"7Server:curl-0:7.29.0-25.el7.x86_64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Server:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Server:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Server:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-0:7.29.0-25.el7.i686",
"7Server:libcurl-0:7.29.0-25.el7.ppc",
"7Server:libcurl-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-0:7.29.0-25.el7.s390",
"7Server:libcurl-0:7.29.0-25.el7.s390x",
"7Server:libcurl-0:7.29.0-25.el7.x86_64",
"7Server:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Server:libcurl-devel-0:7.29.0-25.el7.i686",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Server:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390",
"7Server:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Server:libcurl-devel-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-0:7.29.0-25.el7.s390x",
"7Workstation:curl-0:7.29.0-25.el7.src",
"7Workstation:curl-0:7.29.0-25.el7.x86_64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.aarch64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.i686",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.ppc64le",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.s390x",
"7Workstation:curl-debuginfo-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-0:7.29.0-25.el7.x86_64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.aarch64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.i686",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.ppc64le",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.s390x",
"7Workstation:libcurl-devel-0:7.29.0-25.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: Negotiate not treated as connection-oriented"
}
]
}
rhsa-2015_1254
Vulnerability from csaf_redhat
Published
2015-07-20 13:50
Modified
2024-11-22 08:47
Summary
Red Hat Security Advisory: curl security, bug fix, and enhancement update
Notes
Topic
Updated curl packages that fix multiple security issues, several bugs, and
add two enhancements are now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
The curl packages provide the libcurl library and the curl utility for
downloading files from servers using various protocols, including HTTP,
FTP, and LDAP.
It was found that the libcurl library did not correctly handle partial
literal IP addresses when parsing received HTTP cookies. An attacker able
to trick a user into connecting to a malicious server could use this flaw
to set the user's cookie to a crafted domain, making other cookie-related
issues easier to exploit. (CVE-2014-3613)
A flaw was found in the way the libcurl library performed the duplication
of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS
option for a handle, using the handle's duplicate could cause the
application to crash or disclose a portion of its memory. (CVE-2014-3707)
It was discovered that the libcurl library failed to properly handle URLs
with embedded end-of-line characters. An attacker able to make an
application using libcurl to access a specially crafted URL via an HTTP
proxy could use this flaw to inject additional headers to the request or
construct additional requests. (CVE-2014-8150)
It was discovered that libcurl implemented aspects of the NTLM and
Negotatiate authentication incorrectly. If an application uses libcurl
and the affected mechanisms in a specifc way, certain requests to a
previously NTLM-authenticated server could appears as sent by the wrong
authenticated user. Additionally, the initial set of credentials for HTTP
Negotiate-authenticated requests could be reused in subsequent requests,
although a different set of credentials was specified. (CVE-2015-3143,
CVE-2015-3148)
Red Hat would like to thank the cURL project for reporting these issues.
Bug fixes:
* An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) was available
with libcurl. Attackers could abuse the fallback to force downgrade of the
SSL version. The fallback has been removed from libcurl. Users requiring
this functionality can explicitly enable SSLv3.0 through the libcurl API.
(BZ#1154059)
* A single upload transfer through the FILE protocol opened the destination
file twice. If the inotify kernel subsystem monitored the file, two events
were produced unnecessarily. The file is now opened only once per upload.
(BZ#883002)
* Utilities using libcurl for SCP/SFTP transfers could terminate
unexpectedly when the system was running in FIPS mode. (BZ#1008178)
* Using the "--retry" option with the curl utility could cause curl to
terminate unexpectedly with a segmentation fault. Now, adding "--retry" no
longer causes curl to crash. (BZ#1009455)
* The "curl --trace-time" command did not use the correct local time when
printing timestamps. Now, "curl --trace-time" works as expected.
(BZ#1120196)
* The valgrind utility could report dynamically allocated memory leaks on
curl exit. Now, curl performs a global shutdown of the NetScape Portable
Runtime (NSPR) library on exit, and valgrind no longer reports the memory
leaks. (BZ#1146528)
* Previously, libcurl returned an incorrect value of the
CURLINFO_HEADER_SIZE field when a proxy server appended its own headers to
the HTTP response. Now, the returned value is valid. (BZ#1161163)
Enhancements:
* The "--tlsv1.0", "--tlsv1.1", and "--tlsv1.2" options are available for
specifying the minor version of the TLS protocol to be negotiated by NSS.
The "--tlsv1" option now negotiates the highest version of the TLS protocol
supported by both the client and the server. (BZ#1012136)
* It is now possible to explicitly enable or disable the ECC and the new
AES cipher suites to be used for TLS. (BZ#1058767, BZ#1156422)
All curl users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues and add these
enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated curl packages that fix multiple security issues, several bugs, and\nadd two enhancements are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP.\n\nIt was found that the libcurl library did not correctly handle partial\nliteral IP addresses when parsing received HTTP cookies. An attacker able\nto trick a user into connecting to a malicious server could use this flaw\nto set the user\u0027s cookie to a crafted domain, making other cookie-related\nissues easier to exploit. (CVE-2014-3613)\n\nA flaw was found in the way the libcurl library performed the duplication\nof connection handles. If an application set the CURLOPT_COPYPOSTFIELDS\noption for a handle, using the handle\u0027s duplicate could cause the\napplication to crash or disclose a portion of its memory. (CVE-2014-3707)\n\nIt was discovered that the libcurl library failed to properly handle URLs\nwith embedded end-of-line characters. An attacker able to make an\napplication using libcurl to access a specially crafted URL via an HTTP\nproxy could use this flaw to inject additional headers to the request or\nconstruct additional requests. (CVE-2014-8150)\n\nIt was discovered that libcurl implemented aspects of the NTLM and\nNegotatiate authentication incorrectly. If an application uses libcurl\nand the affected mechanisms in a specifc way, certain requests to a\npreviously NTLM-authenticated server could appears as sent by the wrong\nauthenticated user. Additionally, the initial set of credentials for HTTP\nNegotiate-authenticated requests could be reused in subsequent requests,\nalthough a different set of credentials was specified. (CVE-2015-3143,\nCVE-2015-3148)\n\nRed Hat would like to thank the cURL project for reporting these issues.\n\nBug fixes:\n\n* An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) was available\nwith libcurl. Attackers could abuse the fallback to force downgrade of the\nSSL version. The fallback has been removed from libcurl. Users requiring\nthis functionality can explicitly enable SSLv3.0 through the libcurl API.\n(BZ#1154059)\n\n* A single upload transfer through the FILE protocol opened the destination\nfile twice. If the inotify kernel subsystem monitored the file, two events\nwere produced unnecessarily. The file is now opened only once per upload.\n(BZ#883002)\n\n* Utilities using libcurl for SCP/SFTP transfers could terminate\nunexpectedly when the system was running in FIPS mode. (BZ#1008178)\n\n* Using the \"--retry\" option with the curl utility could cause curl to\nterminate unexpectedly with a segmentation fault. Now, adding \"--retry\" no\nlonger causes curl to crash. (BZ#1009455)\n\n* The \"curl --trace-time\" command did not use the correct local time when\nprinting timestamps. Now, \"curl --trace-time\" works as expected.\n(BZ#1120196)\n\n* The valgrind utility could report dynamically allocated memory leaks on\ncurl exit. Now, curl performs a global shutdown of the NetScape Portable\nRuntime (NSPR) library on exit, and valgrind no longer reports the memory\nleaks. (BZ#1146528)\n\n* Previously, libcurl returned an incorrect value of the\nCURLINFO_HEADER_SIZE field when a proxy server appended its own headers to\nthe HTTP response. Now, the returned value is valid. (BZ#1161163)\n\nEnhancements:\n\n* The \"--tlsv1.0\", \"--tlsv1.1\", and \"--tlsv1.2\" options are available for\nspecifying the minor version of the TLS protocol to be negotiated by NSS.\nThe \"--tlsv1\" option now negotiates the highest version of the TLS protocol\nsupported by both the client and the server. (BZ#1012136)\n\n* It is now possible to explicitly enable or disable the ECC and the new\nAES cipher suites to be used for TLS. (BZ#1058767, BZ#1156422)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2015:1254",
"url": "https://access.redhat.com/errata/RHSA-2015:1254"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "835898",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=835898"
},
{
"category": "external",
"summary": "883002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=883002"
},
{
"category": "external",
"summary": "997185",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=997185"
},
{
"category": "external",
"summary": "1008178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1008178"
},
{
"category": "external",
"summary": "1011083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1011083"
},
{
"category": "external",
"summary": "1011101",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1011101"
},
{
"category": "external",
"summary": "1058767",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1058767"
},
{
"category": "external",
"summary": "1104160",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1104160"
},
{
"category": "external",
"summary": "1136154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154"
},
{
"category": "external",
"summary": "1154059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154059"
},
{
"category": "external",
"summary": "1154747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154747"
},
{
"category": "external",
"summary": "1154941",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154941"
},
{
"category": "external",
"summary": "1156422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1156422"
},
{
"category": "external",
"summary": "1161163",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161163"
},
{
"category": "external",
"summary": "1168137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168137"
},
{
"category": "external",
"summary": "1178692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692"
},
{
"category": "external",
"summary": "1213306",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306"
},
{
"category": "external",
"summary": "1213351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1254.json"
}
],
"title": "Red Hat Security Advisory: curl security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T08:47:34+00:00",
"generator": {
"date": "2024-11-22T08:47:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2015:1254",
"initial_release_date": "2015-07-20T13:50:03+00:00",
"revision_history": [
{
"date": "2015-07-20T13:50:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-07-20T13:50:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T08:47:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-0:7.19.7-46.el6.i686",
"product": {
"name": "libcurl-devel-0:7.19.7-46.el6.i686",
"product_id": "libcurl-devel-0:7.19.7-46.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.19.7-46.el6.i686",
"product": {
"name": "libcurl-0:7.19.7-46.el6.i686",
"product_id": "libcurl-0:7.19.7-46.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.19.7-46.el6.i686",
"product": {
"name": "curl-debuginfo-0:7.19.7-46.el6.i686",
"product_id": "curl-debuginfo-0:7.19.7-46.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.19.7-46.el6.i686",
"product": {
"name": "curl-0:7.19.7-46.el6.i686",
"product_id": "curl-0:7.19.7-46.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.19.7-46.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"product": {
"name": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"product_id": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.19.7-46.el6.x86_64",
"product": {
"name": "curl-0:7.19.7-46.el6.x86_64",
"product_id": "curl-0:7.19.7-46.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.19.7-46.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.19.7-46.el6.x86_64",
"product": {
"name": "libcurl-0:7.19.7-46.el6.x86_64",
"product_id": "libcurl-0:7.19.7-46.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"product": {
"name": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"product_id": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-0:7.19.7-46.el6.src",
"product": {
"name": "curl-0:7.19.7-46.el6.src",
"product_id": "curl-0:7.19.7-46.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.19.7-46.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-debuginfo-0:7.19.7-46.el6.s390",
"product": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390",
"product_id": "curl-debuginfo-0:7.19.7-46.el6.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.19.7-46.el6.s390",
"product": {
"name": "libcurl-0:7.19.7-46.el6.s390",
"product_id": "libcurl-0:7.19.7-46.el6.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libcurl-devel-0:7.19.7-46.el6.s390",
"product": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390",
"product_id": "libcurl-devel-0:7.19.7-46.el6.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "libcurl-devel-0:7.19.7-46.el6.s390x",
"product": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390x",
"product_id": "libcurl-devel-0:7.19.7-46.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"product": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"product_id": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.19.7-46.el6.s390x",
"product": {
"name": "curl-0:7.19.7-46.el6.s390x",
"product_id": "curl-0:7.19.7-46.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.19.7-46.el6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.19.7-46.el6.s390x",
"product": {
"name": "libcurl-0:7.19.7-46.el6.s390x",
"product_id": "libcurl-0:7.19.7-46.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"product": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"product_id": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libcurl-devel-0:7.19.7-46.el6.ppc",
"product": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc",
"product_id": "libcurl-devel-0:7.19.7-46.el6.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.19.7-46.el6.ppc",
"product": {
"name": "libcurl-0:7.19.7-46.el6.ppc",
"product_id": "libcurl-0:7.19.7-46.el6.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"product": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"product_id": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl-debuginfo@7.19.7-46.el6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "curl-0:7.19.7-46.el6.ppc64",
"product": {
"name": "curl-0:7.19.7-46.el6.ppc64",
"product_id": "curl-0:7.19.7-46.el6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/curl@7.19.7-46.el6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"product": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"product_id": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl-devel@7.19.7-46.el6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libcurl-0:7.19.7-46.el6.ppc64",
"product": {
"name": "libcurl-0:7.19.7-46.el6.ppc64",
"product_id": "libcurl-0:7.19.7-46.el6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcurl@7.19.7-46.el6?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-0:7.19.7-46.el6.src"
},
"product_reference": "curl-0:7.19.7-46.el6.src",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-0:7.19.7-46.el6.src"
},
"product_reference": "curl-0:7.19.7-46.el6.src",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.s390"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:libcurl-devel-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-0:7.19.7-46.el6.src"
},
"product_reference": "curl-0:7.19.7-46.el6.src",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-0:7.19.7-46.el6.src"
},
"product_reference": "curl-0:7.19.7-46.el6.src",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-0:7.19.7-46.el6.src"
},
"product_reference": "curl-0:7.19.7-46.el6.src",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.s390"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:libcurl-devel-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-0:7.19.7-46.el6.src"
},
"product_reference": "curl-0:7.19.7-46.el6.src",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "curl-debuginfo-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64"
},
"product_reference": "curl-debuginfo-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.i686"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcurl-devel-0:7.19.7-46.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
},
"product_reference": "libcurl-devel-0:7.19.7-46.el6.x86_64",
"relates_to_product_reference": "6Workstation"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"cURL project"
]
},
{
"names": [
"Tim Ruehsen"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-3613",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2014-09-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1136154"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user\u0027s cookie to a crafted domain, making other cookie-related issues easier to exploit.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: incorrect handling of IP addresses in cookie domain",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of curl as shipped with Red Hat Enterprise Linux 5 and is not planned to be corrected in future updates.\n\nInktank Ceph Enterprise 1.1 and 1.2 receives only qualified Important and Critical impact security fixes. This issue has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Inktank Ceph Enterprise Support Matrix:\nhttp://www.inktank.com/enterprise/support/",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-3613"
},
{
"category": "external",
"summary": "RHBZ#1136154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1136154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3613"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20140910A.html",
"url": "http://curl.haxx.se/docs/adv_20140910A.html"
}
],
"release_date": "2014-09-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-07-20T13:50:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1254"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: incorrect handling of IP addresses in cookie domain"
},
{
"acknowledgments": [
{
"names": [
"cURL project"
]
},
{
"names": [
"Symeon Paraschoudis"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-3707",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2014-10-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1154941"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle\u0027s duplicate could cause the application to crash or disclose a portion of its memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: incorrect handle duplication after COPYPOSTFIELDS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the versions of curl as shipped with Red Hat Enterprise Linux 5.\n\nNote that there are no applications provided with Red Hat Enterprise Linux that use the vulnerable CURLOPT_COPYPOSTFIELDS option, except PHP which could only be affected if used in an extremely unlikely scenario or via the script\u0027s author.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-3707"
},
{
"category": "external",
"summary": "RHBZ#1154941",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154941"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3707"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3707",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3707"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20141105.html",
"url": "http://curl.haxx.se/docs/adv_20141105.html"
}
],
"release_date": "2014-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-07-20T13:50:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1254"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"products": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: incorrect handle duplication after COPYPOSTFIELDS"
},
{
"acknowledgments": [
{
"names": [
"cURL project"
]
},
{
"names": [
"Andrey Labunets"
],
"organization": "Facebook",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-8150",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2015-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1178692"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the libcurl library failed to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl access a specially crafted URL via an HTTP proxy could use this flaw to inject additional headers to the request or construct additional requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: URL request injection vulnerability in parseurlandfillconn()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-8150"
},
{
"category": "external",
"summary": "RHBZ#1178692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178692"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-8150",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-8150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8150"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20150108B.html",
"url": "http://curl.haxx.se/docs/adv_20150108B.html"
}
],
"release_date": "2015-01-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-07-20T13:50:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1254"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: URL request injection vulnerability in parseurlandfillconn()"
},
{
"acknowledgments": [
{
"names": [
"Daniel Stenberg"
],
"organization": "curl upstream"
},
{
"names": [
"Paras Sethia"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2015-3143",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2015-04-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1213306"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that libcurl could incorrectly reuse NTLM-authenticated connections for subsequent unauthenticated requests to the same host. If an application using libcurl established an NTLM-authenticated connection to a server, and sent subsequent unauthenticated requests to the same server, the unauthenticated requests could be sent over the NTLM-authenticated connection, appearing as if they were sent by the NTLM authenticated user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: re-using authenticated connection when unauthenticated",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the version of curl package as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This issue is not planned to be addressed in a future update for Red Hat Enterprise Linux 5.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-3143"
},
{
"category": "external",
"summary": "RHBZ#1213306",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3143"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20150422A.html",
"url": "http://curl.haxx.se/docs/adv_20150422A.html"
}
],
"release_date": "2015-04-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-07-20T13:50:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1254"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: re-using authenticated connection when unauthenticated"
},
{
"acknowledgments": [
{
"names": [
"Daniel Stenberg"
],
"organization": "curl upstream"
},
{
"names": [
"Isaac Boukris"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2015-3148",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2015-04-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1213351"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that libcurl could incorrectly reuse Negotiate authenticated HTTP connections for subsequent requests. If an application using libcurl established a Negotiate authenticated HTTP connection to a server and sent subsequent requests with different credentials, the connection could be re-used with the initial set of credentials instead of using the new ones.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: Negotiate not treated as connection-oriented",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the version of curl package as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This issue is not planned to be addressed in a future update for Red Hat Enterprise Linux 5.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-3148"
},
{
"category": "external",
"summary": "RHBZ#1213351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213351"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-3148",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3148"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3148",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3148"
},
{
"category": "external",
"summary": "http://curl.haxx.se/docs/adv_20150422B.html",
"url": "http://curl.haxx.se/docs/adv_20150422B.html"
}
],
"release_date": "2015-04-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-07-20T13:50:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1254"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:curl-0:7.19.7-46.el6.i686",
"6Client-optional:curl-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-0:7.19.7-46.el6.src",
"6Client-optional:curl-0:7.19.7-46.el6.x86_64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Client:curl-0:7.19.7-46.el6.i686",
"6Client:curl-0:7.19.7-46.el6.ppc64",
"6Client:curl-0:7.19.7-46.el6.s390x",
"6Client:curl-0:7.19.7-46.el6.src",
"6Client:curl-0:7.19.7-46.el6.x86_64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Client:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Client:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Client:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-0:7.19.7-46.el6.i686",
"6Client:libcurl-0:7.19.7-46.el6.ppc",
"6Client:libcurl-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-0:7.19.7-46.el6.s390",
"6Client:libcurl-0:7.19.7-46.el6.s390x",
"6Client:libcurl-0:7.19.7-46.el6.x86_64",
"6Client:libcurl-devel-0:7.19.7-46.el6.i686",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Client:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390",
"6Client:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Client:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.src",
"6ComputeNode-optional:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode-optional:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-0:7.19.7-46.el6.src",
"6ComputeNode:curl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.i686",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6ComputeNode:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-0:7.19.7-46.el6.x86_64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.i686",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.s390x",
"6ComputeNode:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Server:curl-0:7.19.7-46.el6.i686",
"6Server:curl-0:7.19.7-46.el6.ppc64",
"6Server:curl-0:7.19.7-46.el6.s390x",
"6Server:curl-0:7.19.7-46.el6.src",
"6Server:curl-0:7.19.7-46.el6.x86_64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Server:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Server:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Server:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-0:7.19.7-46.el6.i686",
"6Server:libcurl-0:7.19.7-46.el6.ppc",
"6Server:libcurl-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-0:7.19.7-46.el6.s390",
"6Server:libcurl-0:7.19.7-46.el6.s390x",
"6Server:libcurl-0:7.19.7-46.el6.x86_64",
"6Server:libcurl-devel-0:7.19.7-46.el6.i686",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Server:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390",
"6Server:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Server:libcurl-devel-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-0:7.19.7-46.el6.i686",
"6Workstation:curl-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-0:7.19.7-46.el6.s390x",
"6Workstation:curl-0:7.19.7-46.el6.src",
"6Workstation:curl-0:7.19.7-46.el6.x86_64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.i686",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.ppc64",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.s390x",
"6Workstation:curl-debuginfo-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-0:7.19.7-46.el6.x86_64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.i686",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.ppc64",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.s390x",
"6Workstation:libcurl-devel-0:7.19.7-46.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: Negotiate not treated as connection-oriented"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.