Univention Bugzilla – Bug 53658
curl: Multiple issues (4.4)
Last modified: 2021-08-18 17:58:26 CEST
New Debian curl 7.52.1-5+deb9u15 fixes: This update addresses the following issues: * TELNET stack contents disclosure (CVE-2021-22898) * bad connection reuse due to flawed path name checks (CVE-2021-22924)
--- mirror/ftp/4.4/unmaintained/component/4.4-8-errata/source/curl_7.52.1-5+deb9u14.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/curl_7.52.1-5+deb9u15.dsc @@ -1,3 +1,9 @@ +7.52.1-5+deb9u15 [Sun, 08 Aug 2021 22:57:19 +0300] Adrian Bunk <bunk@debian.org>: + + * Non-maintainer upload by the LTS team. + * CVE-2021-22898: Information disclosure in connection to telnet servers. + * CVE-2021-22924: Bad connection reuse due to flawed path name checks. + 7.52.1-5+deb9u14 [Sat, 15 May 2021 18:11:21 +0200] Sylvain Beucler <beuc@debian.org>: * Non-maintainer upload by the LTS Security Team. <http://piuparts.knut.univention.de/4.4-8/#8640689909868493472>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-8] a3302e39be Bug #53658: curl 7.52.1-5+deb9u15 doc/errata/staging/curl.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x1027>