Univention Bugzilla – Bug 52529
curl: Multiple issues (4.4)
Last modified: 2021-01-06 16:53:45 CET
New Debian curl 7.52.1-5+deb9u13 fixes:

This update addresses the following issues:
* dangerous nature of PASV command could be used to make curl extract information otherwise private (CVE-2020-8284)
* malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used (CVE-2020-8285)
* inferior OCSP verification (CVE-2020-8286)
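As an added illustration of the first item (this is example code, not code from the bug report, Debian or curl), the following client-side check parses an FTP `227` PASV reply and, in the hardened mode, ignores the advertised address and keeps the data connection on the control-connection host, the behaviour curl's `CURLOPT_FTP_SKIP_PASV_IP` option selects. Function names and the sample replies are constructed for this example.

```python
"""Guard against a PASV reply that redirects the FTP data connection to an
arbitrary host (the CVE-2020-8284 pattern). Example code, not curl's own."""
import ipaddress
import re
from typing import Tuple

# Six comma-separated numbers inside parentheses: h1,h2,h3,h4,p1,p2
_PASV_RE = re.compile(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")


def parse_pasv(reply: str) -> Tuple[str, int]:
    """Return (ip, port) advertised by a '227 Entering Passive Mode' reply."""
    if not reply.startswith("227"):
        raise ValueError(f"not a PASV success reply: {reply!r}")
    m = _PASV_RE.search(reply)
    if m is None:
        raise ValueError(f"malformed PASV reply: {reply!r}")
    h1, h2, h3, h4, p1, p2 = (int(x) for x in m.groups())
    if max(h1, h2, h3, h4, p1, p2) > 255:
        raise ValueError(f"octet out of range in PASV reply: {reply!r}")
    return f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2


def choose_data_endpoint(reply: str, control_ip: str,
                         skip_pasv_ip: bool = True) -> Tuple[str, int, bool]:
    """Decide where the data connection goes.

    With skip_pasv_ip=True (hardened), the advertised address is discarded and
    only the port is taken from the reply, so the server cannot point the
    client at other hosts. Returns (ip, port, redirected); redirected is True
    whenever the server advertised an address other than the control host,
    which is the event a client should log.
    """
    advertised_ip, port = parse_pasv(reply)
    redirected = ipaddress.ip_address(advertised_ip) != ipaddress.ip_address(control_ip)
    if skip_pasv_ip:
        return control_ip, port, redirected
    return advertised_ip, port, redirected


if __name__ == "__main__":
    # Constructed sample: server at 192.0.2.10 tries to send the data
    # connection to 10.0.0.5 port 22 instead of itself.
    hostile = "227 Entering Passive Mode (10,0,0,5,0,22)."
    print(choose_data_endpoint(hostile, "192.0.2.10"))  # ('192.0.2.10', 22, True)
```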
--- mirror/ftp/4.4/unmaintained/4.4-7/source/curl_7.52.1-5+deb9u12.dsc +++ apt/ucs_4.4-0-errata4.4-7/source/curl_7.52.1-5+deb9u13.dsc @@ -1,3 +1,19 @@ +7.52.1-5+deb9u13 [Thu, 17 Dec 2020 14:12:07 -0500] Roberto C. Sánchez <roberto@debian.org>: + + * Non-maintainer upload by the LTS Team. + * CVE-2020-8284 + malicious server can use the FTP PASV response to trick curl into + connecting back to a given IP address and port, and this way potentially + make curl extract information about services that are otherwise private and + not disclosed, for example doing port scanning and service banner + extractions (Closes: #977163) + * CVE-2020-8285 + curl is vulnerable to uncontrolled recursion due to a stack overflow issue + in FTP wildcard match parsing (Closes: #977162) + * CVE-2020-8286 + curl is vulnerable to an improper check for certificate revocation due to + insufficient verification of the OCSP response (Closes: #977161) + 7.52.1-5+deb9u12 [Sun, 20 Sep 2020 18:03:02 +0200] Thorsten Alteholz <debian@alteholz.de>: * Non-maintainer upload by the LTS Team. <http://10.200.17.11/4.4-7/#8640689909874988622>
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.4-7] 20e4ad0ed9 Bug #52529: curl 7.52.1-5+deb9u13
 doc/errata/staging/curl.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

[4.4-7] 683ccd8823 Bug #52529: curl 7.52.1-5+deb9u13
 doc/errata/staging/curl.yaml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x851>