Wind River Support Network

HomeDefectsLIN10-8020
Fixed

LIN10-8020 : Security Advisory - curl - CVE-2020-8286

Created: Dec 8, 2020    Updated: Apr 1, 2021
Resolved Date: Apr 1, 2021
Found In Version: 10.17.41.1
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Userspace

Description

The vulnerability is present only if OpenSSL is the designated TLS backend. OCSP stapling is not enabled by default by libcurl, it needs to be explicitly enabled by the application to get used.
https://curl.se/docs/CVE-2020-8286.html

CREATE(Triage):(User=admin) [CVE-2020-8286|https://nvd.nist.gov/vuln/detail/CVE-2020-8286]

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube