Wind River Support Network

HomeDefectsLIN1018-6979
Fixed

LIN1018-6979 : Security Advisory - curl - CVE-2020-8286

Created: Dec 8, 2020    Updated: Mar 23, 2021
Resolved Date: Mar 23, 2021
Found In Version: 10.18.44.1
Severity: Standard
Applicable for: Wind River Linux LTS 18
Component/s: Userspace

Description

The vulnerability is present only if OpenSSL is the designated TLS backend. OCSP stapling is not enabled by default by libcurl, it needs to be explicitly enabled by the application to get used.
https://curl.se/docs/CVE-2020-8286.html

CREATE(Triage):(User=admin) [CVE-2020-8286|https://nvd.nist.gov/vuln/detail/CVE-2020-8286]

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube