Red Hat Security Advisory 2021-2472-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 8 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 7 and includes bug fixes and enhancements. Issues addressed include null pointer and use-after-free vulnerabilities.
19735da2179172dfd4dafbdef97ffa2abdb672d9b8f5865fe7fd9e743f621ed9
Red Hat Security Advisory 2021-2471-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 8 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 7 and includes bug fixes and enhancements. Issues addressed include null pointer and use-after-free vulnerabilities.
c503b0c9787ff152a79b6411488dd21ecce7fa317d626248d8da273122c8eb96
Gentoo Linux Security Advisory 202105-36 - Multiple vulnerabilities have been found in cURL, the worst of which could result in the arbitrary execution of code. Versions less than 7.77.0 are affected.
27d653e9c404fce8a51dc5b8eb56846b8d6b8bc2c806dad855056460e4cd9d0d
Ubuntu Security Notice 4898-1 - Viktor Szakats discovered that curl did not strip off user credentials from referrer header fields. A remote attacker could possibly use this issue to obtain sensitive information. Mingtao Yang discovered that curl incorrectly handled session tickets when using an HTTPS proxy. A remote attacker in control of an HTTPS proxy could use this issue to bypass certificate checks and intercept communications. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. Various other issues were also addressed.
22173ed9e34384a637f436fbee924cd1e6f822bde6b4c5d87b6d0061740ea569
Debian Linux Security Advisory 4881-1 - Multiple vulnerabilities were discovered in cURL, an URL transfer library.
bc9e30e2495c14523abe0253c23adf2b8510b307a08eb0748a5275eab7b6de70