[CLSA-2026:1784123512] curl: Fix of CVE-2026-11856
Type:
security
Severity:
Moderate
Release date:
2026-07-15 13:52:05 UTC
Description:
- CVE-2026-11856: flush Digest auth state on origin or credential change to avoid leaking the Authorization header across origins on handle reuse
CVEs fixed:
Updated packages:
  • curl-7.61.1-34.el8.tuxcare.els9.x86_64.rpm
    sha:ea00de79701cd39542b03d61c8779991414a2839385cfd5d8f350f2016894c22
  • curl-minimal-7.61.1-34.el8.tuxcare.els9.x86_64.rpm
    sha:28ac3ad1e618b43107c7c6a5384bfd1d7b9f602ef00acf7a778e25f1f70a2fce
  • libcurl-7.61.1-34.el8.tuxcare.els9.i686.rpm
    sha:b2e95061792efa7a3300641020d531672d6d76c6deecbd8c1a557521f6c1be08
  • libcurl-7.61.1-34.el8.tuxcare.els9.x86_64.rpm
    sha:9abe281d7b39c3979c87069e654db5840d030a1b3662059cb1ef5e61e6e75520
  • libcurl-devel-7.61.1-34.el8.tuxcare.els9.i686.rpm
    sha:8311e75676b6c572e2fe65a6bf34d02631624bb7e45469cec9dfa0738842fde9
  • libcurl-devel-7.61.1-34.el8.tuxcare.els9.x86_64.rpm
    sha:96dbabe93d0e4dfe3a3e9278d919112bf1c0a9f815fd41531662da74db1efb7f
  • libcurl-minimal-7.61.1-34.el8.tuxcare.els9.i686.rpm
    sha:a26d9faace4587eb1c27b4cbe99cc82f4eb0780014e8cf5e73b03a1c019cc90b
  • libcurl-minimal-7.61.1-34.el8.tuxcare.els9.x86_64.rpm
    sha:9e4c36b5bc81f7189e0d837b8c6477829086236c7306071b80f025ffd1775b0e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.