ASA-202107-61 - log back

ASA-202107-61 edited at 22 Jul 2021 15:56:40
Workaround
- CVE-2021-22925 can be mitigated by avoiding to use CURLOPT_TELNETOPTIONS. No known workaround exists for CVE-2021-22924.
+ CVE-2021-22925 can be mitigated by avoiding to use
+ CURLOPT_TELNETOPTIONS. No known workaround exists for CVE-2021-22924.
Impact
- libcurl could disclose potentially sensitive memory contents to a remote server when an uncommon option for TELNET servers is used. Additionally, libcurl did not sufficiently verify the 'issuer cert' when reusing connections.
+ libcurl could disclose potentially sensitive memory contents to a remote server when an uncommon option for TELNET servers is used.
+ Additionally, libcurl did not sufficiently verify the 'issuer cert' when reusing connections.
ASA-202107-61 edited at 21 Jul 2021 21:46:09
Workaround
+ CVE-2021-22925 can be mitigated by avoiding to use CURLOPT_TELNETOPTIONS. No known workaround exists for CVE-2021-22924.
Impact
+ libcurl could disclose potentially sensitive memory contents to a remote server when an uncommon option for TELNET servers is used. Additionally, libcurl did not sufficiently verify the 'issuer cert' when reusing connections.
ASA-202107-61 created at 21 Jul 2021 21:45:59