Univention Bugzilla – Bug 56941
curl: Multiple issues (5.0)
Last modified: 2023-12-27 15:44:12 CET
New Debian curl 7.64.0-4+deb10u8 fixes: This update addresses the following issues: 7.64.0-4+deb10u8 (Sun, 17 Dec 2023 23:18:25 +0200) * Non-maintainer upload by the LTS Team. * CVE-2023-28322: POST-after-PUT confusion. * CVE-2023-46218: Cookie mixed case PSL bypass. [ Boyuan Yang ] * Reduce verbose "Expire in" ... messages. [ Samuel Henrique ] * Set CURL_PATCHSTAMP to package's version, so it shows up in "--version" output. * Add debian/salsa-ci.yml
--- mirror/ftp/pool/main/c/curl/curl_7.64.0-4+deb10u7.dsc +++ apt/ucs_5.0-0-errata5.0-6/source/curl_7.64.0-4+deb10u8.dsc @@ -1,3 +1,17 @@ +7.64.0-4+deb10u8 [Sun, 17 Dec 2023 23:18:25 +0200] Adrian Bunk <bunk@debian.org>: + + * Non-maintainer upload by the LTS Team. + * CVE-2023-28322: POST-after-PUT confusion. + * CVE-2023-46218: Cookie mixed case PSL bypass. + + [ Boyuan Yang ] + * Reduce verbose "Expire in" ... messages. (Closes: #926148) + + [ Samuel Henrique ] + * Set CURL_PATCHSTAMP to package's version, + so it shows up in "--version" output. + * Add debian/salsa-ci.yml + 7.64.0-4+deb10u7 [Wed, 11 Oct 2023 12:40:37 +0200] Emilio Pozuelo Monfort <pochu@debian.org>: * Non-maintainer upload by the LTS team. <http://piuparts.knut.univention.de/5.0-6/#5370874879876902198>
OK: bug OK: yaml OK: piuparts Verified
<https://errata.software-univention.de/#/?erratum=5.0x905>