|Category:||SuSE Local Security Checks|
|Title:||SUSE: Security Advisory (SUSE-SU-2021:1763-1)|
|Summary:||The remote host is missing an update for the 'curl' package(s) announced via the SUSE-SU-2021:1763-1 advisory.|
The remote host is missing an update for the 'curl' package(s) announced via the SUSE-SU-2021:1763-1 advisory.
This update for curl fixes the following issues:
CVE-2021-22898: Fixed curl TELNET stack contents disclosure
Allow partial chain verification [jsc#SLE-17956]
* Have intermediate certificates in the trust store be treated as
trust-anchors, in the same way as self-signed root CA certificates
are. This allows users to verify servers using the intermediate cert
only, instead of needing the whole chain.
* Set FLAG_TRUSTED_FIRST unconditionally.
* Do not check partial chains with CRL check.
'curl' package(s) on SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Server 12-SP5
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2021-22898|
|Copyright||Copyright (C) 2021 Greenbone Networks GmbH|
|This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.