package release.debian.org tags 1136033 = trixie pending thanks Hi,
The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian trixie. Thanks for your contribution! Upload details ============== Package: curl Version: 8.14.1-2+deb13u4 Explanation: fix bearer token redirect leaks [CVE-2025-14524 CVE-2026-3783]; correct OpenSSL CA cache reuse [CVE-2025-14819]; fix HTTP Negotiate and proxy connection reuse [CVE-2026-1965 CVE-2026-3784 CVE-2026-5545]; prevent clear-text STARTTLS connection reuse [CVE-2026-4873]; fix SMB use-after-free and wrong share reuse [CVE-2026-3805 CVE-2026-5773]; clear redirected host/proxy/netrc credentials [CVE-2026-6253 CVE-2026-6429]; prevent stale cookie leaks [CVE-2026-6276]; clear proxy Digest state when switching proxies [CVE-2026-7168]

