AVG-241

Package curl
Status Fixed
Severity Medium
Type certificate verification bypass
Affected 7.53.1-2
Fixed 7.54.0-1
Current 7.64.0-9 [core]
Ticket None
Created Wed Apr 19 07:46:03 2017
Issue Severity Remote Type Description
CVE-2017-7468 Medium Yes Certificate verification bypass
libcurl from 7.52.0 to and including 7.53.1 would attempt to resume a TLS session even if the client certificate had changed. That is unacceptable since a...
Date Advisory Package Description
29 Apr 2017 ASA-201704-12 curl certificate verification bypass
References
https://curl.haxx.se/docs/adv_20170419.html