Changes in Mini Update Released on 13-October-2023

This is a Mini PDL update release which is considerably smaller in size, containing data related to a specific component and a CVE.

This Update includes the changes described in the following sections.

Issues/Bugs Addressed

The following issues were addressed in the Update:

Issue ID	Issue Summary
SCA-50859	Addition of vulnerabilities "CVE-2023-38545" and "CVE-2023-38546" to curl/libcurl and related components

Updates to Curl and Libcurl Components

Added vulnerability information to the following Curl/Libcurl components:

Component ID	Component Name	URL
372	curl	https://sourceforge.net/projects/curl
63745	libcurl	https://directory.fsf.org/wiki?title=Libcurl&oldid=416
5400074	libcurl	http://curl.haxx.se/
5406656	curl	http://curl.haxx.se/
7466892	curl	http://curl.haxx.se
12395199	curl-curl	https://github.com/curl/curl
12960352	curl	https://directory.fsf.org/wiki?title=Curl&oldid=17934
27213212	curl	https://koji.fedoraproject.org/koji/packageinfo?packageID=curl
29960949	libcurl	https://pkgs.alpinelinux.org/package/v3.18/main/x86_64/libcurl
29968624	curl	https://pkgs.alpinelinux.org/package/v3.18/main/x86_64/curl
30362751	curl	https://tracker.debian.org/pkg/curl
22012687	pycurl	https://pypi.org/pypi/pycurl
4595372	pycurl-pycurl	https://github.com/pycurl/pycurl
8180	pycurl	https://sourceforge.net/projects/pycurl
21868341	pycurl	https://directory.fsf.org/wiki?title=PycURL&oldid=2278
3518205	curl	https://www.nuget.org/packages/curl
22329315	curl-vc140-static-32_64	https://www.nuget.org/packages/curl-vc140-static-32_64

Related to vulnerability CVEs:

• CVE - 2023-38545 (https://nvd.nist.gov/vuln/detail/CVE-2023-38545)

• CVE - 2023-38546 (https://nvd.nist.gov/vuln/detail/CVE-2023-38546)

  Issue ID	Issue Summary
  SCA-50859	Addition of vulnerabilities "CVE-2023-38545" and "CVE-2023-38546" to curl/libcurl and related components