СloudLinux Blog

A new curl package with the fix for the CVE-2021-22876 within OracleLinux 6 ELS released

Written by Inessa Atmachian | Apr 12, 2021 4:01:14 PM

A new curl package with the fix for the CVE-2021-22876 within OracleLinux 6 extended lifecycle support is now available for download from our production repository.

Changelog

curl-7.19.7-56.el6.cloudlinux.ol.els6

  • back-port urlapi from v7.75.0 (used by CVE-2021-22876)
  • strip credentials from the auto-referer header (CVE-2021-22876)

Update command

yum update curl*
View full post