Release date:
2026-03-23 09:47:04 UTC
Description:
- CVE-2026-1965: fix incorrect connection reuse; prevent reuse of Negotiate-
authenticated connections with different credentials and require
authentication identity match
- CVE-2026-3784: fix wrong proxy connection reuse with different credentials;
check proxy user/password in proxy_info_matches to prevent reuse of HTTP
proxy CONNECT connections when credentials differ
- CVE-2026-3783: prevent bearer token leak on HTTP(S) redirect when .netrc
contains entries for the redirected host
Updated packages:
-
curl-7.61.1-22.el8.tuxcare.els18.x86_64.rpm
sha:c341aa37f6ef71027dd9c0d56c7cec6ad1217a036d39b779da7aca7d74efe901
-
curl-minimal-7.61.1-22.el8.tuxcare.els18.x86_64.rpm
sha:2354a641e8a5da5fcaf334108b78680e80ed37f6fc7875c91edbba573e605adc
-
libcurl-7.61.1-22.el8.tuxcare.els18.i686.rpm
sha:22ec4808b3c1406c0156c10d7afe38cdc5c16c9da638c407db877f3572d56a77
-
libcurl-7.61.1-22.el8.tuxcare.els18.x86_64.rpm
sha:426cae83c96b7750eb8d41187acb8c14fbbb7d487cba4f4277c1a72f60cb3946
-
libcurl-devel-7.61.1-22.el8.tuxcare.els18.i686.rpm
sha:3bb0f427e144892a62573955542c8e7b40b6eb08309d9a014708bd1366c50f47
-
libcurl-devel-7.61.1-22.el8.tuxcare.els18.x86_64.rpm
sha:a9f017ae7a6688c0f6bd6e7832e3916dbacd6d6a78ed6d4ea3fbf33a0c1b0964
-
libcurl-minimal-7.61.1-22.el8.tuxcare.els18.i686.rpm
sha:7572e1ac133d377ae1965f4aa2fcbfb6e24e76e10cdb4bcc2143acc5eedcb1d0
-
libcurl-minimal-7.61.1-22.el8.tuxcare.els18.x86_64.rpm
sha:533676a3d5c04e60593568565090fcb085f24ee23be7d163056c031a30357ba4
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
