cURL package within CentOS 6 Extended Lifecycle Support with a fix for the CVE-2020-8284 has been scheduled for gradual rollout
We are happy to announce that a new curl-7.19.7-55.cloudlinux.els6 package within CentOS 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.
This update contains a fix for a new CVE-2020-8284 (https://curl.se/docs/CVE-
Errata: https://errata.
Rollout slot: 1
Rolled out to: 1%
ETA for 100% rollout: December, 23
Changelog
curl-7.19.7-55.cloudlinux.els6
- Trusting FTP PASV responses (CVE-2020-8284)
Update command
yum update curl*
Immediate update (via bypass)
yum update curl* --enablerepo=ELS6-rollout-1-bypass