libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Curl | Haxx | * | 7.83.1 (excluding) |
| Red Hat Enterprise Linux 8 | RedHat | curl-0:7.61.1-22.el8_6.3 | * |
| Red Hat Enterprise Linux 9 | RedHat | curl-0:7.76.1-14.el9_0.4 | * |
| Red Hat Enterprise Linux 9 | RedHat | curl-0:7.76.1-14.el9_0.4 | * |
| Curl | Ubuntu | bionic | * |
| Curl | Ubuntu | devel | * |
| Curl | Ubuntu | esm-infra-legacy/trusty | * |
| Curl | Ubuntu | esm-infra/bionic | * |
| Curl | Ubuntu | esm-infra/focal | * |
| Curl | Ubuntu | esm-infra/xenial | * |
| Curl | Ubuntu | focal | * |
| Curl | Ubuntu | impish | * |
| Curl | Ubuntu | jammy | * |
| Curl | Ubuntu | trusty/esm | * |
| Curl | Ubuntu | upstream | * |