Debian
curl package

curl 7.86.0-3 source package in Debian

Changelog

curl (7.86.0-3) unstable; urgency=medium

  * Fix two HSTS-related CVEs.
    - d/p/CVE-2022-43551-another-hsts-bypass-via-idn.patch: use the IDN
      decoded name in HSTS checks.
      (Closes: #1026829, CVE-2022-43551)
    - d/p/CVE-2022-43552-http-proxy-deny-use-after-free.patch: do not free
      smb's/telnet's protocol struct in *_done().
      (Closes: #1026830, CVE-2022-43552)

 -- Sergio Durigan Junior <email address hidden>  Wed, 21 Dec 2022 15:55:18 -0500

Upload details

Uploaded by:: Alessandro Ghedini on 2022-12-22

Uploaded to:: Sid

Original maintainer:: Alessandro Ghedini

Architectures:: any all

Section:: libs

Urgency:: Medium Urgency

See full publishing history Publishing

Series	Pocket	Published	Component	Section

Builds

Downloads

File	Size	SHA-256 Checksum
curl_7.86.0-3.dsc	2.9 KiB	0d827d32b5a11cfc755fac6df75641ac2a6236ceec4e1ada1086b8505835d58e
curl_7.86.0.orig.tar.gz	4.0 MiB	3dfdd39ba95e18847965cd3051ea6d22586609d9011d91df7bc5521288987a82
curl_7.86.0.orig.tar.gz.asc	488 bytes	8e31713d4513023e44a2034af660b2af6240a8501cadf153f96431cd34f5fc31
curl_7.86.0-3.debian.tar.xz	40.7 KiB	466e1fcf4fa5726ef86ee254c8725e11837395ebb9c41ee13fa4cea15b77956f

Available diffs

diff from 7.86.0-2build1 (in Ubuntu) to 7.86.0-3 (2.1 KiB)

No changes file available.

Debiancurl package

curl 7.86.0-3 source package in Debian

Changelog

Upload details

See full publishing history Publishing

Builds

Downloads

Available diffs

Binary packages built by this source

Debian
curl package