Changes in Mini Update Released on 13-October-2023
This is a Mini PDL update release which is considerably smaller in size, containing data related to a specific component and a CVE.
This Update includes the changes described in the following sections.
Issues/Bugs Addressed
The following issues were addressed in the Update:
| Issue ID | Issue Summary | 
|---|---|
| SCA-50859 | Addition of vulnerabilities "CVE-2023-38545" and "CVE-2023-38546" to curl/libcurl and related components | 
Updates to Curl and Libcurl Components
Added vulnerability information to the following Curl/Libcurl components:
| Component ID | Component Name | URL | 
|---|---|---|
| 372 | curl | https://sourceforge\.net/projects/curl | 
| 63745 | libcurl | https://directory\.fsf\.org/wiki?title=Libcurl&oldid=416 | 
| 5400074 | libcurl | http://curl\.haxx\.se/ | 
| 5406656 | curl | http://curl\.haxx\.se/ | 
| 7466892 | curl | http://curl\.haxx\.se | 
| 12395199 | curl-curl | https://github\.com/curl/curl | 
| 12960352 | curl | https://directory\.fsf\.org/wiki?title=Curl&oldid=17934 | 
| 27213212 | curl | https://koji\.fedoraproject\.org/koji/packageinfo?packageID=curl | 
| 29960949 | libcurl | https://pkgs\.alpinelinux\.org/package/v3\.18/main/x86\_64/libcurl | 
| 29968624 | curl | https://pkgs\.alpinelinux\.org/package/v3\.18/main/x86\_64/curl | 
| 30362751 | curl | https://tracker\.debian\.org/pkg/curl | 
| 22012687 | pycurl | https://pypi\.org/pypi/pycurl | 
| 4595372 | pycurl-pycurl | https://github\.com/pycurl/pycurl | 
| 8180 | pycurl | https://sourceforge\.net/projects/pycurl | 
| 21868341 | pycurl | https://directory\.fsf\.org/wiki?title=PycURL&oldid=2278 | 
| 3518205 | curl | https://www\.nuget\.org/packages/curl | 
| 22329315 | curl-vc140-static-32_64 | https://www\.nuget\.org/packages/curl\-vc140\-static\-32\_64 | 
Related to vulnerability CVEs:
- 
CVE - 2023-38545 (https://nvd.nist.gov/vuln/detail/CVE-2023-38545) 
- 
CVE - 2023-38546 (https://nvd.nist.gov/vuln/detail/CVE-2023-38546) Issue ID Issue Summary SCA-50859 Addition of vulnerabilities "CVE-2023-38545" and "CVE-2023-38546" to curl/libcurl and related components