Univention Bugzilla – Bug 55760
curl: Multiple issues (5.0)
Last modified: 2023-03-01 14:55:26 CET
New Debian curl 7.64.0-4+deb10u5 fixes: This update addresses the following issue: * HTTP multi-header compression denial of service (CVE-2023-23916)
--- mirror/ftp/pool/main/c/curl/curl_7.64.0-4+deb10u4.dsc +++ apt/ucs_5.0-0-errata5.0-3/source/curl_7.64.0-4+deb10u5.dsc @@ -1,3 +1,8 @@ +7.64.0-4+deb10u5 [Fri, 24 Feb 2023 09:25:01 +0200] Adrian Bunk <bunk@debian.org>: + + * Non-maintainer upload by the LTS Team. + * CVE-2023-23916: HTTP multi-header compression denial of service + 7.64.0-4+deb10u4 [Thu, 26 Jan 2023 08:47:05 -0500] Roberto C. Sánchez <roberto@debian.org>: * Non-maintainer upload by the LTS Team. <http://piuparts.knut.univention.de/5.0-3/#358382355046960382>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-3] 6729464c59 Bug #55760: curl 7.64.0-4+deb10u5 doc/errata/staging/curl.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x596>