Red Hat Security Advisory 2021-2472-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 8 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 7 and includes bug fixes and enhancements. Issues addressed include null pointer and use-after-free vulnerabilities.
19735da2179172dfd4dafbdef97ffa2abdb672d9b8f5865fe7fd9e743f621ed9
Red Hat Security Advisory 2021-2471-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 8 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 7 and includes bug fixes and enhancements. Issues addressed include null pointer and use-after-free vulnerabilities.
c503b0c9787ff152a79b6411488dd21ecce7fa317d626248d8da273122c8eb96
Debian Linux Security Advisory 4881-1 - Multiple vulnerabilities were discovered in cURL, an URL transfer library.
bc9e30e2495c14523abe0253c23adf2b8510b307a08eb0748a5275eab7b6de70
Gentoo Linux Security Advisory 202007-16 - Multiple vulnerabilities have been found in cURL, the worst of which could result in information disclosure or data loss. Versions less than 7.71.0 are affected.
e1af21d96da50a0e0f4dff009603981342b13a6aea2d3a597f06b655ca54182b
Ubuntu Security Notice 4402-1 - Marek Szlagor, Gregory Jefferis and Jeroen Ooms discovered that curl incorrectly handled certain credentials. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. It was discovered that curl incorrectly handled certain parameters. An attacker could possibly use this issue to overwrite a local file. Various other issues were also addressed.
7ad6be029b3ae23be7701aa1b9dde82d54233beeaddc75b7a387cc28e8118870