VUL-0: CVE-2024-2004: curl: Usage of disabled protocol VUL-0: CVE-2024-2379: curl: QUIC certificate check bypass with wolfSSL VUL-0: CVE-2024-2398: curl: HTTP/2 push headers memory-leak VUL-0: CVE-2024-2466: curl: TLS certificate check bypass with mbedTLS VUL-0: CVE-2024-6197: curl: freeing stack buffer in utf8asn1str VUL-0: CVE-2024-7264: curl: ASN.1 date parser overread pmonrealgonzalez moderate security

Security update for curl

This update for curl fixes the following issues: Security issues fixed: - CVE-2024-7264: ASN.1 date parser overread (bsc#1228535) - CVE-2024-6197: Freeing stack buffer in utf8asn1str (bsc#1227888) - CVE-2024-2379: QUIC certificate check bypass with wolfSSL (bsc#1221666) - CVE-2024-2466: TLS certificate check bypass with mbedTLS (bsc#1221668) - CVE-2024-2004: Usage of disabled protocol (bsc#1221665) - CVE-2024-2398: HTTP/2 push headers memory-leak (bsc#1221667) Non-security issue fixed: - Fixed various TLS related issues including FTP over SSL transmission timeouts. curl