Bug 12967

Summary: Curl update to fix security issues
Product: [ROSA-based products] ROSA Fresh Reporter: Svyatoslav Matveev <s.matveev>
Component: Packages from MainAssignee: ROSA Linux Bugs <bugs>
Status: VERIFIED FIXED QA Contact: ROSA Linux Bugs <bugs>
Severity: critical    
Priority: High CC: a.proklov, e.malashin, v.potapov
Version: AllFlags: v.potapov: qa_verified+
a.proklov: published+
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Platform: 2021.1 ROSA Vulnerability identifier:
RPM Package: ISO-related:
Bad POT generating: Upstream:

Description Svyatoslav Matveev 2022-12-01 21:55:55 MSK 
********** QA ADVISORY **********

The following vulnerabilities are closed by the update:

# CVE-2022-22576 | CVE-2022-27774 | CVE-2022-27775 | CVE-2022-27776
# CVE-2022-27778 | CVE-2022-27779 | CVE-2022-27780 | CVE-2022-27781
# CVE-2022-27782 | CVE-2022-30115 | CVE-2022-32205 | CVE-2022-32206
# CVE-2022-32207 | CVE-2022-32208 | CVE-2022-35252 |

*** curl
**  upd: 7.81.0 -> 7.86.0
*
https://abf.io/build_lists/4180276
https://abf.io/build_lists/4180275
https://abf.io/build_lists/4180277
https://abf.io/build_lists/4180279
https://abf.io/build_lists/4180278
Comment 1 e.malashin@rosalinux.ru 2022-12-02 09:02:51 MSK 
The update sent to testings
Comment 2 Vladimir Potapov 2022-12-07 17:19:59 MSK 
curl-7.86.0-1
https://abf.io/build_lists/4180276
https://abf.io/build_lists/4180275
https://abf.io/build_lists/4180277
https://abf.io/build_lists/4180279
https://abf.io/build_lists/4180278
****************************** Advisory ****************************
The following vulnerabilities are closed by the update:

# CVE-2022-22576 | CVE-2022-27774 | CVE-2022-27775 | CVE-2022-27776
# CVE-2022-27778 | CVE-2022-27779 | CVE-2022-27780 | CVE-2022-27781
# CVE-2022-27782 | CVE-2022-30115 | CVE-2022-32205 | CVE-2022-32206
# CVE-2022-32207 | CVE-2022-32208 | CVE-2022-35252 |

*** curl
**  upd: 7.81.0 -> 7.86.0
*
*********************************************************************
QA Verified