[CLSA-2026:1783705168] curl: Fix of CVE-2026-11856
Type:
security
Severity:
Moderate
Release date:
2026-07-10 17:39:54 UTC
Description:
- CVE-2026-11856: flush cached HTTP Digest auth state when the origin or credentials change on the same easy handle so a challenge computed for one origin or set of credentials is not reused for another
CVEs fixed:
Updated packages:
  • curl-7.76.1-31.el9_2.1.tuxcare.els13.x86_64.rpm
    sha:a6c944a4dc0a72c87f9b1b8e8740f0ed80ec09abc6a7c35b202dc43918e0311d
  • curl-minimal-7.76.1-31.el9_2.1.tuxcare.els13.x86_64.rpm
    sha:f26248bf307bc53afa6d47e5cd3d6529690e91874a063fba22dc5f3e3723a1f7
  • libcurl-7.76.1-31.el9_2.1.tuxcare.els13.i686.rpm
    sha:71e1209d69b3964fc73640a8c5789b3edbe3f77ef1cfe7184c183008f18cde2d
  • libcurl-7.76.1-31.el9_2.1.tuxcare.els13.x86_64.rpm
    sha:5847f6f8a89c92244be8136fdfec38db66d7658eaac130f36bd3a18b76438c1b
  • libcurl-devel-7.76.1-31.el9_2.1.tuxcare.els13.i686.rpm
    sha:b27d04ae4bddace53628c11cc351e7758ce38506207f454e10371959423e2e33
  • libcurl-devel-7.76.1-31.el9_2.1.tuxcare.els13.x86_64.rpm
    sha:665a04b5719aa6b8c638a500a1e298d0eb90adeb8917b67c1e783182522771a6
  • libcurl-minimal-7.76.1-31.el9_2.1.tuxcare.els13.i686.rpm
    sha:f6d891d25cbbdae4c5e1f61652af7661926ce9728cc6dbd9eb31985d3f07b57a
  • libcurl-minimal-7.76.1-31.el9_2.1.tuxcare.els13.x86_64.rpm
    sha:7e01bd76601fd848c217f8b230ec24b43bc12c6ca01f17cf969a53cbc119927b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.