diff options
| author | Thorsten Alteholz <debian@alteholz.de> | 2020-07-29 13:51:03 +0200 |
|---|---|---|
| committer | Thorsten Alteholz <debian@alteholz.de> | 2020-07-29 13:52:14 +0200 |
| commit | 5408f20ddd87b2b7613e417ac92c3c534716da84 (patch) | |
| tree | 1ce761a7541232893b1363c2e2839a339b9337a5 /english | |
| parent | 064e482835518b7d8f25be9c5d2f158f558fe4c5 (diff) | |
dla-2295
Diffstat (limited to 'english')
| -rw-r--r-- | english/lts/security/2020/dla-2295.data | 10 | ||||
| -rw-r--r-- | english/lts/security/2020/dla-2295.wml | 28 |
2 files changed, 38 insertions, 0 deletions
diff --git a/english/lts/security/2020/dla-2295.data b/english/lts/security/2020/dla-2295.data new file mode 100644 index 00000000000..57864ee1303 --- /dev/null +++ b/english/lts/security/2020/dla-2295.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2295-1 curl</define-tag> +<define-tag report_date>2020-7-28</define-tag> +<define-tag secrefs>CVE-2020-8177</define-tag> +<define-tag packages>curl</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2295.wml b/english/lts/security/2020/dla-2295.wml new file mode 100644 index 00000000000..f3144e80432 --- /dev/null +++ b/english/lts/security/2020/dla-2295.wml @@ -0,0 +1,28 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>A vulnerbailty was found in curl, a command line tool for transferring +data with URL syntax.</p> + +<p>When using when using -J (--remote-header-name) and -i (--include) in +the same command line, a malicious server could force curl to overwrite +the contents of local files with incoming HTTP headers.</p> + + +<p>For Debian 9 stretch, this problem has been fixed in version +7.52.1-5+deb9u11.</p> + +<p>We recommend that you upgrade your curl packages.</p> + +<p>For the detailed security status of curl please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/curl">https://security-tracker.debian.org/tracker/curl</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2295.data" +# $Id: $ |