ELA-780-2 curl regression update

regression in libcurl

2023-02-10
Packagecurl
Version7.38.0-4+deb8u25 (jessie)
Related CVEs CVE-2022-27774


The patches for CVE-2022-27774 caused a regression in libcurl which could result in a segmentation fault. The root cause has been identified and the patches have been revised.



For Debian 8 jessie, these problems have been fixed in version 7.38.0-4+deb8u25.

We recommend that you upgrade your curl packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.