package release.debian.org
tags 1136033 = trixie pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian trixie.

Thanks for your contribution!

Upload details
==============

Package: curl
Version: 8.14.1-2+deb13u4

Explanation: fix bearer token redirect leaks [CVE-2025-14524 CVE-2026-3783]; 
correct OpenSSL CA cache reuse [CVE-2025-14819]; fix HTTP Negotiate and proxy 
connection reuse [CVE-2026-1965 CVE-2026-3784 CVE-2026-5545]; prevent 
clear-text STARTTLS connection reuse [CVE-2026-4873]; fix SMB use-after-free 
and wrong share reuse [CVE-2026-3805 CVE-2026-5773]; clear redirected 
host/proxy/netrc credentials [CVE-2026-6253 CVE-2026-6429]; prevent stale 
cookie leaks [CVE-2026-6276]; clear proxy Digest state when switching proxies 
[CVE-2026-7168]

Reply via email to