Bug 11037

Summary: curl 7.74.0 (CVE-2020-8286, CVE-2020-8285, CVE-2020-8231, CVE-2020-8284)
Product: [ROSA-based products] ROSA Fresh Reporter: Mikhail Novosyolov <m.novosyolov>
Component: Packages from MainAssignee: ROSA Linux Bugs <bugs>
Status: VERIFIED FIXED QA Contact: ROSA Linux Bugs <bugs>
Severity: normal    
Priority: Normal CC: alzim, v.potapov
Version: AllFlags: v.potapov: qa_verified+
alzim: published+
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Platform: --- ROSA Vulnerability identifier:
RPM Package: ISO-related:
Bad POT generating: Upstream:

Description Mikhail Novosyolov 2020-12-12 00:34:22 MSK 
********* QA ADVISORY **********

curl 7.74.0-1
- updated to 7.74.0 (includes fixes of CVE-2020-8286, CVE-2020-8285, CVE-2020-8231, CVE-2020-8284)
- packaged more docs
- enabled TLS SRP support in curl-libressl / curl-gost

Depends from bug#11036 due to enabled TLS SRP in curl-libressl.

https://abf.io/build_lists/3605416
https://abf.io/build_lists/3605417
Comment 1 Vladimir Potapov 2020-12-15 15:48:16 MSK 
*************************************
The update is sent to expanded testing
Comment 2 Vladimir Potapov 2020-12-21 18:02:59 MSK 
curl-7.74.0-1
https://abf.io/build_lists/3605416
https://abf.io/build_lists/3605417
******************************** Advisory ***************************
curl 7.74.0-1
- updated to 7.74.0 (includes fixes of CVE-2020-8286, CVE-2020-8285, CVE-2020-8231, CVE-2020-8284)
- packaged more docs
- enabled TLS SRP support in curl-libressl / curl-gost
**********************************************************************
QA Verified