Release date:
2026-03-24 15:32:53 UTC
Description:
- CVE-2026-1965: fix incorrect connection reuse; prevent reuse of Negotiate-
authenticated connections with different credentials and require
authentication identity match
- CVE-2026-3784: fix wrong proxy connection reuse with different credentials;
check proxy user/password in proxy_info_matches to prevent reuse of HTTP
proxy CONNECT connections when credentials differ
- CVE-2026-3783: prevent bearer token leak on HTTP(S) redirect when .netrc
contains entries for the redirected host
Updated packages:
-
curl-7.61.1-34.el8.tuxcare.els6.x86_64.rpm
sha:fe39e95066fb359b5ef46abeefe0350016ea2b9e8b1def3920e825580a007aff
-
curl-minimal-7.61.1-34.el8.tuxcare.els6.x86_64.rpm
sha:6424391e0fdd032382ba67b0eb65e4411735f5fb04131e635b91c0a28246911a
-
libcurl-7.61.1-34.el8.tuxcare.els6.i686.rpm
sha:e6c173ac41356b4cfe520069cceb3fe20715241e8ecbf7b51fb578b866b916e8
-
libcurl-7.61.1-34.el8.tuxcare.els6.x86_64.rpm
sha:abf224153f58a46629ce7172033a5c1622296852e08030644f958e5492fc38c1
-
libcurl-devel-7.61.1-34.el8.tuxcare.els6.i686.rpm
sha:345bdc18eb71fcde2b0b1f2a4ab35ca3bcbef19ab1ea51244125277b5732ad97
-
libcurl-devel-7.61.1-34.el8.tuxcare.els6.x86_64.rpm
sha:bdf3e7a77d28ee9fed0d76ad9d5ca1ecefb12eb28f578a85d8e5acf625693d1a
-
libcurl-minimal-7.61.1-34.el8.tuxcare.els6.i686.rpm
sha:6113cc838f530ce9a8dbefea6ffc73b586629a1fc02e8a2ce0a6e327ec249dd9
-
libcurl-minimal-7.61.1-34.el8.tuxcare.els6.x86_64.rpm
sha:938ba7fa4b6c8cf56e4db51f6745a8f9713dd7da6d40ca61c221d3264f42edda
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
