Changes in Mini Update Released on 13-October-2023

This is a Mini PDL update release which is considerably smaller in size, containing data related to a specific component and a CVE.

This Update includes the changes described in the following sections.

Issues/Bugs Addressed

The following issues were addressed in the Update:

Issue ID	Issue Summary
SCA-50859	Addition of vulnerabilities "CVE-2023-38545" and "CVE-2023-38546" to curl/libcurl and related components

Updates to Curl and Libcurl Components

Added vulnerability information to the following Curl/Libcurl components:

Component ID	Component Name	URL
372	curl	https://sourceforge\.net/projects/curl
63745	libcurl	https://directory\.fsf\.org/wiki?title=Libcurl&oldid=416
5400074	libcurl	http://curl\.haxx\.se/
5406656	curl	http://curl\.haxx\.se/
7466892	curl	http://curl\.haxx\.se
12395199	curl-curl	https://github\.com/curl/curl
12960352	curl	https://directory\.fsf\.org/wiki?title=Curl&oldid=17934
27213212	curl	https://koji\.fedoraproject\.org/koji/packageinfo?packageID=curl
29960949	libcurl	https://pkgs\.alpinelinux\.org/package/v3\.18/main/x86\_64/libcurl
29968624	curl	https://pkgs\.alpinelinux\.org/package/v3\.18/main/x86\_64/curl
30362751	curl	https://tracker\.debian\.org/pkg/curl
22012687	pycurl	https://pypi\.org/pypi/pycurl
4595372	pycurl-pycurl	https://github\.com/pycurl/pycurl
8180	pycurl	https://sourceforge\.net/projects/pycurl
21868341	pycurl	https://directory\.fsf\.org/wiki?title=PycURL&oldid=2278
3518205	curl	https://www\.nuget\.org/packages/curl
22329315	curl-vc140-static-32_64	https://www\.nuget\.org/packages/curl\-vc140\-static\-32\_64

Related to vulnerability CVEs:

• CVE - 2023-38545 (https://nvd.nist.gov/vuln/detail/CVE-2023-38545)

• CVE - 2023-38546 (https://nvd.nist.gov/vuln/detail/CVE-2023-38546)

  Issue ID	Issue Summary
  SCA-50859	Addition of vulnerabilities "CVE-2023-38545" and "CVE-2023-38546" to curl/libcurl and related components