vulnerability: CVE-2024-7264 with Curl version
search cancel

vulnerability: CVE-2024-7264 with Curl version

book

Article ID: 378171

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

Description: 

 Path : /opt/CA/siteminder/lib/libcurl.so Installed version : 8.4.0 Fixed version : 8.9.1 Path : /opt/CA/siteminder/lib/libcurl.so.4 Installed version : 8.4.0 Fixed version : 8.9.1 Path : /opt/CA/siteminder/lib/libcurl.so.4.8.0 Installed version : 8.4.0 Fixed version : 8.9.1 Path : /opt/CA/siteminder-sp6/lib/libcurl.so Installed version : 7.77.0 Fixed version : 8.9.1 Path : /opt/CA/siteminder-sp6/lib/libcurl.so.4 Installed version : 7.77.0 Fixed version : 8.9.1 Path : /opt/CA/siteminder-sp6/lib/libcurl.so.4.7.0 Installed version : 7.77.0 Fixed version : 8.9.1 Path : /opt/CA/siteminder-sp6/siteminder/lib/libcurl.so Installed version : 8.4.0 Fixed version : 8.9.1 Path : /opt/CA/siteminder-sp6/siteminder/lib/libcurl.so.4 Installed version : 8.4.0 Fixed version : 8.9.1 Path : /opt/CA/siteminder-sp6/siteminder/lib/libcurl.so.4.8.0 Installed version : 8.4.0 Fixed version : 8.9.1

Environment

Siteminder release: 12.8.6 
OS: Linux

Resolution

filename: LibCurlPatch_8.10.0.zip 

bellow are the instructions for applying: 

steps to port 

  1. Unzip the file
  2. Take the backup of original files
  3. check libcurl.so files in siteminder/lib folder 
  4. copy the libcurl.so.4.8.0 to siteminder/lib folder.
  5. Also check any duplicate files available in siteminder lib folder

          [siteminder/lib]# ls libcurl*
          libcurl.so  libcurl.so.4
 

           Take the back up of these two files libcurl.so, libcurl.so.4 

           create a copy of libcurl.so.4.8.0 to another two files libcurl.so, libcurl.so.4

           cp  libcurl.so.4.8.0  libcurl.so

           cp  libcurl.so.4.8.0  libcurl.so.4  

Attachments

libcurlpatch_8.10.0.zip get_app
Powered by Wolken Software