Debian CVE: CVE-2021-22945/CVE-2022-27781/CVE-2022-32207: curl: multiple CVEs
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
StarlingX | Fix Released | Medium | Yue Tao |
Bug Description
Title
-----
CVE-2022-32207: [https:/
CVE-2022-27781: [https:/
Brief Description
-----------------
CVE-2022-32207
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name. In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.
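The safe form of the temp-file-plus-rename pattern described above, as an added example and not curl's own code: rename() carries the temporary file's mode over to the target, so the temporary file must be created with the target's existing permission bits (or a private 0600 for a new file) and have them pinned with fchmod(), rather than relying on the process default. The function names, the `/tmp/cookie_jar_demo` path and the sample cookie line are assumptions made for this example.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Permission bits (rwx for user/group/other) of `path`, or -1 on error. */
int file_mode_bits(const char *path)
{
    struct stat st;
    if (stat(path, &st) != 0)
        return -1;
    return (int)(st.st_mode & 0777);
}

/* Atomically replace `target` with `len` bytes of `data`: write a temp file
 * in the same directory, then rename() it over the target. Because rename()
 * keeps the temp file's mode, the temp file is created with the target's
 * current permission bits (0600 if the target does not exist yet), so the
 * replacement can never be more accessible than the file it replaces.
 * Returns 0 on success, -1 on failure (temp file removed). */
int atomic_replace_preserving_mode(const char *target, const char *data, size_t len)
{
    mode_t mode = S_IRUSR | S_IWUSR;        /* 0600 for a brand-new file */
    struct stat st;
    if (stat(target, &st) == 0)
        mode = st.st_mode & 0777;           /* keep the existing target's bits */

    char tmp[4096];                         /* hypothetical temp-name scheme */
    if (snprintf(tmp, sizeof tmp, "%s.%ld.tmp", target, (long)getpid()) >= (int)sizeof tmp)
        return -1;

    /* O_EXCL: never follow a pre-planted symlink or reuse an existing file */
    int fd = open(tmp, O_WRONLY | O_CREAT | O_EXCL, mode);
    if (fd < 0)
        return -1;
    /* open() applies the umask to `mode`; fchmod() pins the exact bits */
    if (fchmod(fd, mode) != 0)
        goto fail;

    size_t off = 0;
    while (off < len) {
        ssize_t n = write(fd, data + off, len - off);
        if (n < 0) {
            if (errno == EINTR)
                continue;
            goto fail;
        }
        off += (size_t)n;
    }
    if (fsync(fd) != 0)
        goto fail;
    if (close(fd) != 0) {
        fd = -1;
        goto fail;
    }
    fd = -1;
    if (rename(tmp, target) != 0)
        goto fail;
    return 0;

fail:
    if (fd >= 0)
        close(fd);
    unlink(tmp);
    return -1;
}

/* Demo: create `path` with permission bits `initial`, replace its contents
 * through the atomic path, and return the resulting permission bits. A correct
 * implementation returns `initial` unchanged regardless of the umask. */
int replace_and_report_mode(const char *path, mode_t initial)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, initial);
    if (fd < 0)
        return -1;
    fchmod(fd, initial);                    /* pin the starting bits */
    close(fd);
    /* constructed sample cookie-jar content, not real data */
    const char *cookies = "# Netscape HTTP Cookie File\n"
                          ".example.com\tTRUE\t/\tTRUE\t0\tsid\tabc\n";
    if (atomic_replace_preserving_mode(path, cookies, strlen(cookies)) != 0)
        return -1;
    return file_mode_bits(path);
}

int main(void)
{
    const char *path = "/tmp/cookie_jar_demo";    /* assumed demo path */
    printf("mode after replace: %04o\n", replace_and_report_mode(path, 0600));
    unlink(path);
    return 0;
}
```

The check a practitioner wants is the last line of `replace_and_report_mode`: after the rename, the bits on the target must equal the bits it had before, not whatever 0666 minus the umask happened to produce for the temporary file.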
CVE-2022-27781
libcurl provides the `CURLOPT_CERTINFO` option to allow applications to request details to be returned about a server's certificate chain. Due to an erroneous function, a malicious server could make libcurl built with NSS get stuck in a never-ending busy-loop when trying to retrieve that information.
Fix
---
'curl_7.
'libcurl3-
'libcurl4_
Fix proposed to branch: master https://review.opendev.org/c/starlingx/tools/+/862776
Review: https:/