-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2734-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk August 09, 2021 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : curl Version : 7.52.1-5+deb9u15 CVE ID : CVE-2021-22898 CVE-2021-22924 Debian Bug : 989228 991492 Several vulnerabilities were fixed in curl, a client-side URL transfer library. CVE-2021-22898 Information disclosure in connection to telnet servers. CVE-2021-22924 Bad connection reuse due to flawed path name checks. For Debian 9 stretch, these problems have been fixed in version 7.52.1-5+deb9u15. We recommend that you upgrade your curl packages. For the detailed security status of curl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/curl Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmEV9c8ACgkQiNJCh6LY mLFELQ/+OjSngsdTi3UaNHxt94qCdCUhfSCtiN5650n5do1kouZgMYPESuwxcCoc b8w1nYwoABjYICY0H1ogDHSpi0svdEDqXlHVAVIQLRGt4Ms7uG60/mSOFWcDsEJM 7onA/bCwTL1bPSvBciA5ESbB+Me2Wf7WkyBjtR2UBTCno/mgqHPM/H1UIthir3Al Z/mp1E1PvxknKAX3kGuRz61P8Qn8/2YGuEtuBjZ0L7OPNZcVyIdjR8ikeZZIduEG XOdx04rF0maaSn8KPzFXMLrd7X04SA3/5RuTjLGiS0PRfMjfi8VwlIhe42h2f+mv RtHyRaegGL/AO6eBN/H/LcbFfPKw0TSqRAP0MOh9wLSPx1/vu8icl4qLwUxAReQX sm/qpI2RFJgHg6N6H0ksEwtkYwNqWrSZZ0Dc3aNsYb1plRcEppAV+qyiOgJyxSMJ MH6GvWNxG1tsWESeNmHQ9bFHQ08uZTN7j3zd6Q5P/eGwwM/JiVaX+HI5GRY9rlO7 v5d/R4F7phtLBrJ6+dOWZP2xEY4l0TFktCflX9FI+X95QL7ilWs7YKoB765roW3c dSx7xFs2qfd9PTETStOPYiqHRFUD4aqrIP8j/2IqFkWL7YP4ffx3N3tu/FfPK14G zR+vFWXVlMkaZ6yFS2c4l5n6+VJY1h/VeLff/ivoXABOIzZpsKA= =ZKWS -----END PGP SIGNATURE-----