The manufacturer Canonical has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Update

USN-7162-1: curl vulnerability

USN-7162-1: curl vulnerability
16 December 2024

curl could be made to expose sensitive information.

Releases
Ubuntu 24.10 Ubuntu 24.04 LTS Ubuntu 22.04 LTS Ubuntu 20.04 LTS

Packages
curl - HTTP, HTTPS, and FTP client and client libraries

Details
Harry Sintonen discovered that curl incorrectly handled credentials from
.netrc files when following HTTP redirects. In certain configurations, the
password for the first host could be leaked to the followed-to host,
contrary to expectations.

Update instructions
The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.10

  • curl - 8.9.1-2ubuntu2.2
  • libcurl3t64-gnutls - 8.9.1-2ubuntu2.2
  • libcurl4t64 - 8.9.1-2ubuntu2.2
    Ubuntu 24.04
  • curl - 8.5.0-2ubuntu10.6
  • libcurl3t64-gnutls - 8.5.0-2ubuntu10.6
  • libcurl4t64 - 8.5.0-2ubuntu10.6
    Ubuntu 22.04
  • curl - 7.81.0-1ubuntu1.20
  • libcurl3-gnutls - 7.81.0-1ubuntu1.20
  • libcurl3-nss - 7.81.0-1ubuntu1.20
  • libcurl4 - 7.81.0-1ubuntu1.20
    Ubuntu 20.04
  • curl - 7.68.0-1ubuntu2.25
  • libcurl3-gnutls - 7.68.0-1ubuntu2.25
  • libcurl3-nss - 7.68.0-1ubuntu2.25
  • libcurl4 - 7.68.0-1ubuntu2.25

In general, a standard system update will make all the necessary changes.

Version: 24.04 LTS Link
Receive Important Update Messages Stay tuned for upcoming Canonical Ubuntu Desktop updates

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad