diff options
| author | Moritz Mühlenhoff <jmm@debian.org> | 2023-12-23 19:59:24 +0100 |
|---|---|---|
| committer | Moritz Mühlenhoff <jmm@debian.org> | 2023-12-23 19:59:24 +0100 |
| commit | cc0388946ba384dfb0abc225b6148a867a1e0613 (patch) | |
| tree | d9eb6b4920b84c9970f66ddb201da70a06f5e0d2 /data | |
| parent | 1983db926d8b1bfd38474d49382ae49b8544b45b (diff) | |
curl DSA
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 1 | ||||
| -rw-r--r-- | data/DSA/list | 4 | ||||
| -rw-r--r-- | data/dsa-needed.txt | 3 |
3 files changed, 5 insertions, 3 deletions
diff --git a/data/CVE/list b/data/CVE/list index 4859750531..bc9c6f54de 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -3777,6 +3777,7 @@ CVE-2023-46218 (This flaw allows a malicious HTTP server to set "super cookies" NOTE: https://curl.se/docs/CVE-2023-46218.html CVE-2023-46219 (When saving HSTS data to an excessively long file name, curl could end ...) - curl 8.5.0-1 (bug #1057645) + [bookworm] - curl 7.88.1-10+deb12u5 [bullseye] - curl <ignored> (curl is not built with HSTS support) [buster] - curl <not-affected> (Not affected by CVE-2022-32207) NOTE: Introduced by: https://github.com/curl/curl/commit/20f9dd6bae50b7223171b17ba7798946e74f877f (curl-7_84_0) diff --git a/data/DSA/list b/data/DSA/list index 1f1bb3b3f0..ce6423b79d 100644 --- a/data/DSA/list +++ b/data/DSA/list @@ -1,3 +1,7 @@ +[23 Dec 2023] DSA-5587-1 curl - security update + {CVE-2023-46218} + [bullseye] - curl 7.74.0-1.3+deb11u11 + [bookworm] - curl 7.88.1-10+deb12u5 [22 Dec 2023] DSA-5586-1 openssh - security update {CVE-2023-48795 CVE-2023-51385} [bullseye] - openssh 1:8.4p1-5+deb11u3 diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index f7bb2a800b..6bbf62e385 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -16,9 +16,6 @@ asterisk -- cryptojs -- -curl (jmm) - Samuel Henrique provided debdiffs for review --- dnsdist (jmm) -- frr |