Source: curl Version: 8.4.0-2 Severity: important Tags: security upstream X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]> Control: found -1 7.88.1-10+deb12u4 Control: found -1 7.88.1-1
Hi, The following vulnerability was published for curl. CVE-2023-46219[0]: | curl: HSTS long file name clears contents For bullseye it can be ignored. For one we do not yet built there with HSTS support (although it was introduced codewise in upstrema later, the issue is introduced due to the fix for CVE-2022-32207). If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-46219 https://www.cve.org/CVERecord?id=CVE-2023-46219 [1] https://curl.se/docs/CVE-2023-46219.html [2] https://github.com/curl/curl/commit/73b65e94f3531179de45c6f3c836a610e3d0a846 Regards, Salvatore
