A new curl package with the fix for the CVE-2021-22876 within CentOS 6 ELS has been scheduled for gradual rollout

Extended-CentOS

A new curl package with the fix for the CVE-2021-22876 within CentOS 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.

Rollout slot: 1

Rolled out to: 1%

ETA for 100% rollout: April, 8

Errata: https://errata.cloudlinux.com/els6/CLSA-2021-1617285762.html

Changelog

curl-7.19.7-56.cloudlinux.els6

back-port urlapi from v7.75.0 (used by CVE-2021-22876)
strip credentials from the auto-referer header (CVE-2021-22876)

Update command

yum update curl*

Immediate update (via bypass)

yum update curl* --enablerepo=ELS6-rollout-1-bypass

A new curl package with the fix for the CVE-2021-22876 within CentOS 6 ELS has been scheduled for gradual rollout

Apr 1, 2021 10:53:25 AM

Inessa Atmachian

Extended-CentOS

A new curl package with the fix for the CVE-2021-22876 within CentOS 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.

Rollout slot: 1

Rolled out to: 1%

ETA for 100% rollout: April, 8

Errata: https://errata.cloudlinux.com/els6/CLSA-2021-1617285762.html

Changelog

curl-7.19.7-56.cloudlinux.els6

back-port urlapi from v7.75.0 (used by CVE-2021-22876)
strip credentials from the auto-referer header (CVE-2021-22876)

Update command

yum update curl*

Immediate update (via bypass)

yum update curl* --enablerepo=ELS6-rollout-1-bypass

Looking for “how to” content?

A new curl package with the fix for the CVE-2021-22876 within CentOS 6 ELS has been scheduled for gradual rollout

Changelog

Update command

Immediate update (via bypass)

A new curl package with the fix for the CVE-2021-22876 within CentOS 6 ELS has been scheduled for gradual rollout

Changelog

Update command

Immediate update (via bypass)

WEB SERVER SECURITY BLOG

Subscribe to CloudLinux Newsletter