Amazon Linux AMI Security Advisory: ALAS-2020-1444
Advisory Release Date: 2020-11-14 01:22 Pacific
Advisory Updated Date: 2020-11-16 21:17 Pacific
A flaw was found in libcurl from versions 7.29.0 through 7.71.1. An application that performs multiple requests with libcurl's multi API, and sets the `CURLOPT_CONNECT_ONLY` option, might experience libcurl using the wrong connection. The highest threat from this vulnerability is to data confidentiality. (CVE-2020-8231 )
Run yum update curl to update your system.