Security update for curl SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2024:3202-1 Final 1 1 2024-09-11T08:54:52Z current 2024-09-11T08:54:52Z 2024-09-11T08:54:52Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for curl This update for curl fixes the following issues: - CVE-2024-8096: OCSP stapling bypass with GnuTLS. (bsc#1230093) - CVE-2024-7264: ASN.1 date parser overread. (bsc#1228535) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container suse/ltss/sle15.3/bci-base:latest-2024-3202,Container suse/sle-micro-rancher/5.2:latest-2024-3202,Container suse/sle-micro/5.1/toolbox:latest-2024-3202,Container suse/sle-micro/5.2/toolbox:latest-2024-3202,Container suse/sle15:15.2-2024-3202,Image SLES15-SP3-BYOS-Azure-2024-3202,Image SLES15-SP3-BYOS-EC2-HVM-2024-3202,Image SLES15-SP3-BYOS-GCE-2024-3202,Image SLES15-SP3-CHOST-BYOS-Aliyun-2024-3202,Image SLES15-SP3-CHOST-BYOS-Azure-2024-3202,Image SLES15-SP3-CHOST-BYOS-EC2-2024-3202,Image SLES15-SP3-CHOST-BYOS-GCE-2024-3202,Image SLES15-SP3-HPC-BYOS-Azure-2024-3202,Image SLES15-SP3-HPC-BYOS-EC2-HVM-2024-3202,Image SLES15-SP3-HPC-BYOS-GCE-2024-3202,Image SLES15-SP3-Micro-5-1-BYOS-Azure-2024-3202,Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM-2024-3202,Image SLES15-SP3-Micro-5-1-BYOS-GCE-2024-3202,Image SLES15-SP3-Micro-5-2-BYOS-Azure-2024-3202,Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM-2024-3202,Image SLES15-SP3-Micro-5-2-BYOS-GCE-2024-3202,Image SLES15-SP3-SAP-Azure-LI-BYOS-Production-2024-3202,Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production-2024-3202,Image SLES15-SP3-SAP-BYOS-Azure-2024-3202,Image SLES15-SP3-SAP-BYOS-EC2-HVM-2024-3202,Image SLES15-SP3-SAP-BYOS-GCE-2024-3202,Image SLES15-SP3-SAPCAL-Azure-2024-3202,Image SLES15-SP3-SAPCAL-EC2-HVM-2024-3202,Image SLES15-SP3-SAPCAL-GCE-2024-3202,SUSE-2024-3202,SUSE-SUSE-MicroOS-5.1-2024-3202,SUSE-SUSE-MicroOS-5.2-2024-3202 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2024/suse-su-20243202-1/ Link for SUSE-SU-2024:3202-1 https://lists.suse.com/pipermail/sle-updates/2024-September/036853.html E-Mail link for SUSE-SU-2024:3202-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1228535 SUSE Bug 1228535 https://bugzilla.suse.com/1230093 SUSE Bug 1230093 https://www.suse.com/security/cve/CVE-2024-7264/ SUSE CVE CVE-2024-7264 page https://www.suse.com/security/cve/CVE-2024-8096/ SUSE CVE CVE-2024-8096 page Container suse/ltss/sle15.3/bci-base:latest Container suse/sle-micro-rancher/5.2:latest Container suse/sle-micro/5.1/toolbox:latest Container suse/sle-micro/5.2/toolbox:latest Container suse/sle15:15.2 Image SLES15-SP3-BYOS-Azure Image SLES15-SP3-BYOS-EC2-HVM Image SLES15-SP3-BYOS-GCE Image SLES15-SP3-CHOST-BYOS-Aliyun Image SLES15-SP3-CHOST-BYOS-Azure Image SLES15-SP3-CHOST-BYOS-EC2 Image SLES15-SP3-CHOST-BYOS-GCE Image SLES15-SP3-HPC-BYOS-Azure Image SLES15-SP3-HPC-BYOS-EC2-HVM Image SLES15-SP3-HPC-BYOS-GCE Image SLES15-SP3-Micro-5-1-BYOS-Azure Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM Image SLES15-SP3-Micro-5-1-BYOS-GCE Image SLES15-SP3-Micro-5-2-BYOS-Azure Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM Image SLES15-SP3-Micro-5-2-BYOS-GCE Image SLES15-SP3-SAP-Azure-LI-BYOS-Production Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production Image SLES15-SP3-SAP-BYOS-Azure Image SLES15-SP3-SAP-BYOS-EC2-HVM Image SLES15-SP3-SAP-BYOS-GCE Image SLES15-SP3-SAPCAL-Azure Image SLES15-SP3-SAPCAL-EC2-HVM Image SLES15-SP3-SAPCAL-GCE SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 curl-7.66.0-150200.4.78.1 libcurl4-7.66.0-150200.4.78.1 libcurl-devel-7.66.0-150200.4.78.1 libcurl4-32bit-7.66.0-150200.4.78.1 curl-mini-7.66.0-150200.4.78.1 libcurl-devel-32bit-7.66.0-150200.4.78.1 libcurl-devel-64bit-7.66.0-150200.4.78.1 libcurl-mini-devel-7.66.0-150200.4.78.1 libcurl4-64bit-7.66.0-150200.4.78.1 libcurl4-mini-7.66.0-150200.4.78.1 curl-7.66.0-150200.4.78.1 as a component of Container suse/ltss/sle15.3/bci-base:latest libcurl4-7.66.0-150200.4.78.1 as a component of Container suse/ltss/sle15.3/bci-base:latest curl-7.66.0-150200.4.78.1 as a component of Container suse/sle-micro-rancher/5.2:latest libcurl4-7.66.0-150200.4.78.1 as a component of Container suse/sle-micro-rancher/5.2:latest curl-7.66.0-150200.4.78.1 as a component of Container suse/sle-micro/5.1/toolbox:latest libcurl4-7.66.0-150200.4.78.1 as a component of Container suse/sle-micro/5.1/toolbox:latest curl-7.66.0-150200.4.78.1 as a component of Container suse/sle-micro/5.2/toolbox:latest libcurl4-7.66.0-150200.4.78.1 as a component of Container suse/sle-micro/5.2/toolbox:latest libcurl4-7.66.0-150200.4.78.1 as a component of Container suse/sle15:15.2 curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-BYOS-Azure libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-BYOS-Azure curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-BYOS-EC2-HVM libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-BYOS-EC2-HVM curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-BYOS-GCE libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-BYOS-GCE curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-CHOST-BYOS-Aliyun libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-CHOST-BYOS-Aliyun curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-CHOST-BYOS-Azure libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-CHOST-BYOS-Azure curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-CHOST-BYOS-EC2 libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-CHOST-BYOS-EC2 curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-CHOST-BYOS-GCE libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-CHOST-BYOS-GCE curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-HPC-BYOS-Azure libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-HPC-BYOS-Azure curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-HPC-BYOS-EC2-HVM libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-HPC-BYOS-EC2-HVM curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-HPC-BYOS-GCE libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-HPC-BYOS-GCE curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-Azure libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-Azure curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-GCE libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-GCE curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-Azure libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-Azure curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-GCE libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-GCE curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAP-Azure-LI-BYOS-Production libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAP-Azure-LI-BYOS-Production curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAP-BYOS-Azure libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAP-BYOS-Azure curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAP-BYOS-EC2-HVM libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAP-BYOS-EC2-HVM curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAP-BYOS-GCE libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAP-BYOS-GCE curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAPCAL-Azure libcurl-devel-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAPCAL-Azure libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAPCAL-Azure libcurl4-32bit-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAPCAL-Azure curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAPCAL-EC2-HVM libcurl-devel-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAPCAL-EC2-HVM libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAPCAL-EC2-HVM libcurl4-32bit-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAPCAL-EC2-HVM curl-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAPCAL-GCE libcurl-devel-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAPCAL-GCE libcurl4-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAPCAL-GCE libcurl4-32bit-7.66.0-150200.4.78.1 as a component of Image SLES15-SP3-SAPCAL-GCE curl-7.66.0-150200.4.78.1 as a component of SUSE Linux Enterprise Micro 5.1 libcurl4-7.66.0-150200.4.78.1 as a component of SUSE Linux Enterprise Micro 5.1 curl-7.66.0-150200.4.78.1 as a component of SUSE Linux Enterprise Micro 5.2 libcurl4-7.66.0-150200.4.78.1 as a component of SUSE Linux Enterprise Micro 5.2 libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the *time fraction*, leading to a `strlen()` getting performed on a pointer to a heap buffer area that is not (purposely) null terminated. This flaw most likely leads to a crash, but can also lead to heap contents getting returned to the application when [CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used. CVE-2024-7264 Container suse/ltss/sle15.3/bci-base:latest:curl-7.66.0-150200.4.78.1 Container suse/ltss/sle15.3/bci-base:latest:libcurl4-7.66.0-150200.4.78.1 Container suse/sle-micro-rancher/5.2:latest:curl-7.66.0-150200.4.78.1 Container suse/sle-micro-rancher/5.2:latest:libcurl4-7.66.0-150200.4.78.1 Container suse/sle-micro/5.1/toolbox:latest:curl-7.66.0-150200.4.78.1 Container suse/sle-micro/5.1/toolbox:latest:libcurl4-7.66.0-150200.4.78.1 Container suse/sle-micro/5.2/toolbox:latest:curl-7.66.0-150200.4.78.1 Container suse/sle-micro/5.2/toolbox:latest:libcurl4-7.66.0-150200.4.78.1 Container suse/sle15:15.2:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-BYOS-Azure:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-BYOS-Azure:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-BYOS-EC2-HVM:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-BYOS-EC2-HVM:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-BYOS-GCE:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-BYOS-GCE:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-CHOST-BYOS-Azure:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-CHOST-BYOS-Azure:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-CHOST-BYOS-EC2:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-CHOST-BYOS-EC2:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-CHOST-BYOS-GCE:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-CHOST-BYOS-GCE:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-HPC-BYOS-Azure:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-HPC-BYOS-Azure:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-HPC-BYOS-GCE:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-HPC-BYOS-GCE:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-BYOS-Azure:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-BYOS-Azure:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-BYOS-GCE:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-BYOS-GCE:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-Azure:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-Azure:libcurl-devel-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-Azure:libcurl4-32bit-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-Azure:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-EC2-HVM:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libcurl-devel-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libcurl4-32bit-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-GCE:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-GCE:libcurl-devel-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-GCE:libcurl4-32bit-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-GCE:libcurl4-7.66.0-150200.4.78.1 SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.78.1 SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.78.1 SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.78.1 SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.78.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243202-1/ https://www.suse.com/security/cve/CVE-2024-7264.html CVE-2024-7264 https://bugzilla.suse.com/1228535 SUSE Bug 1228535 When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error than 'revoked' (like for example 'unauthorized') it is not treated as a bad certficate. CVE-2024-8096 Container suse/ltss/sle15.3/bci-base:latest:curl-7.66.0-150200.4.78.1 Container suse/ltss/sle15.3/bci-base:latest:libcurl4-7.66.0-150200.4.78.1 Container suse/sle-micro-rancher/5.2:latest:curl-7.66.0-150200.4.78.1 Container suse/sle-micro-rancher/5.2:latest:libcurl4-7.66.0-150200.4.78.1 Container suse/sle-micro/5.1/toolbox:latest:curl-7.66.0-150200.4.78.1 Container suse/sle-micro/5.1/toolbox:latest:libcurl4-7.66.0-150200.4.78.1 Container suse/sle-micro/5.2/toolbox:latest:curl-7.66.0-150200.4.78.1 Container suse/sle-micro/5.2/toolbox:latest:libcurl4-7.66.0-150200.4.78.1 Container suse/sle15:15.2:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-BYOS-Azure:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-BYOS-Azure:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-BYOS-EC2-HVM:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-BYOS-EC2-HVM:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-BYOS-GCE:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-BYOS-GCE:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-CHOST-BYOS-Azure:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-CHOST-BYOS-Azure:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-CHOST-BYOS-EC2:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-CHOST-BYOS-EC2:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-CHOST-BYOS-GCE:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-CHOST-BYOS-GCE:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-HPC-BYOS-Azure:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-HPC-BYOS-Azure:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-HPC-BYOS-GCE:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-HPC-BYOS-GCE:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-BYOS-Azure:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-BYOS-Azure:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-BYOS-GCE:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-SAP-BYOS-GCE:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-Azure:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-Azure:libcurl-devel-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-Azure:libcurl4-32bit-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-Azure:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-EC2-HVM:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libcurl-devel-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libcurl4-32bit-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libcurl4-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-GCE:curl-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-GCE:libcurl-devel-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-GCE:libcurl4-32bit-7.66.0-150200.4.78.1 Image SLES15-SP3-SAPCAL-GCE:libcurl4-7.66.0-150200.4.78.1 SUSE Linux Enterprise Micro 5.1:curl-7.66.0-150200.4.78.1 SUSE Linux Enterprise Micro 5.1:libcurl4-7.66.0-150200.4.78.1 SUSE Linux Enterprise Micro 5.2:curl-7.66.0-150200.4.78.1 SUSE Linux Enterprise Micro 5.2:libcurl4-7.66.0-150200.4.78.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243202-1/ https://www.suse.com/security/cve/CVE-2024-8096.html CVE-2024-8096 https://bugzilla.suse.com/1230093 SUSE Bug 1230093