СloudLinux Blog

cURL package within CentOS 6 Extended Lifecycle Support with a fix for the CVE-2020-8284 has been rolled out to 100%

Written by Inessa Atmachian | Dec 23, 2020 2:16:07 PM

We are happy to announce that a new curl-7.19.7-55.cloudlinux.els6 package within CentOS 6 extended lifecycle support has been rolled out to 100% and is now available for download from our production repository.

This update contains a fix for a new CVE-2020-8284 (https://curl.se/docs/CVE-2020-8284.html).

Errata: https://errata.cloudlinux.com/els6/CLSA-2020-1605798462.html

Changelog

curl-7.19.7-55.cloudlinux.els6

  • Trusting FTP PASV responses (CVE-2020-8284)

Update command

yum update curl*