Release date:
2026-03-23 09:58:29 UTC
Description:
- CVE-2026-1965: fix incorrect connection reuse; prevent reuse of Negotiate-
authenticated connections with different credentials and require
authentication identity match
- CVE-2026-3784: fix wrong proxy connection reuse with different credentials;
check proxy user/password in proxy_info_matches to prevent reuse of HTTP
proxy CONNECT connections when credentials differ
- CVE-2026-3783: prevent bearer token leak on HTTP(S) redirect when .netrc
contains entries for the redirected host
Updated packages:
-
curl-7.61.1-22.el8.tuxcare.els18.x86_64.rpm
sha:b88ceacbd49df3cae3db6fd788983945427549510c9853e8b12fdd7ee91e37d5
-
curl-minimal-7.61.1-22.el8.tuxcare.els18.x86_64.rpm
sha:e693bb2f01b665bf5f40212b724b8b2552729fbfa78ee6926c046964476cc090
-
libcurl-7.61.1-22.el8.tuxcare.els18.i686.rpm
sha:5366d857d15943f7ae82ecbe93e6c29deba9c10854edecd9a7254d27ef7889af
-
libcurl-7.61.1-22.el8.tuxcare.els18.x86_64.rpm
sha:dc426f22375abe6ae864c780b662bb861b8a705481e020af2cfa123fbda923a9
-
libcurl-devel-7.61.1-22.el8.tuxcare.els18.i686.rpm
sha:a9c1b940970c1536050bbe3a9298700e8270e7653c0c91dec7f599ac76a7beb8
-
libcurl-devel-7.61.1-22.el8.tuxcare.els18.x86_64.rpm
sha:7b72de15ea1ae2e6b1460bd361f16284de58ef760e97f643e330eb89bc20826a
-
libcurl-minimal-7.61.1-22.el8.tuxcare.els18.i686.rpm
sha:ca763c90917201f6b6b7d9e4c7cd563885897cef562b6fc6a49e779f8f92b6c9
-
libcurl-minimal-7.61.1-22.el8.tuxcare.els18.x86_64.rpm
sha:1dbbb113a9020c33d4a6d2e11a8c2e3479a077f6ccefa55a52cc7fb40012cfa5
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
