| Package | curl |
|---|---|
| Version | 7.38.0-4+deb8u18 |
| Related CVEs | CVE-2020-8231 |
An issue has been found in curl, a command line tool for transferring data with URL syntax. In rare circumstances, when using the multi API of curl in combination with CURLOPT_CONNECT_ONLY, the wrong connection might be used when transfering data later.
For Debian 8 jessie, these problems have been fixed in version 7.38.0-4+deb8u18.
We recommend that you upgrade your curl packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.