curl 7.86.0-3 source package in Debian
Changelog
curl (7.86.0-3) unstable; urgency=medium * Fix two HSTS-related CVEs. - d/p/CVE-2022-43551-another-hsts-bypass-via-idn.patch: use the IDN decoded name in HSTS checks. (Closes: #1026829, CVE-2022-43551) - d/p/CVE-2022-43552-http-proxy-deny-use-after-free.patch: do not free smb's/telnet's protocol struct in *_done(). (Closes: #1026830, CVE-2022-43552) -- Sergio Durigan Junior <email address hidden> Wed, 21 Dec 2022 15:55:18 -0500
Upload details
- Uploaded by:
- Alessandro Ghedini
- Uploaded to:
- Sid
- Original maintainer:
- Alessandro Ghedini
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Builds
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
curl_7.86.0-3.dsc | 2.9 KiB | 0d827d32b5a11cfc755fac6df75641ac2a6236ceec4e1ada1086b8505835d58e |
curl_7.86.0.orig.tar.gz | 4.0 MiB | 3dfdd39ba95e18847965cd3051ea6d22586609d9011d91df7bc5521288987a82 |
curl_7.86.0.orig.tar.gz.asc | 488 bytes | 8e31713d4513023e44a2034af660b2af6240a8501cadf153f96431cd34f5fc31 |
curl_7.86.0-3.debian.tar.xz | 40.7 KiB | 466e1fcf4fa5726ef86ee254c8725e11837395ebb9c41ee13fa4cea15b77956f |
Available diffs
No changes file available.