Samuel Henrique pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5ca2fcff by Samuel Henrique at 2022-12-23T21:52:59+00:00
curl: Set fixed versions for CVE-2021-22923 and CVE-2021-22922
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -142347,14 +142347,14 @@ CVE-2021-22924 (libcurl keeps previously used
connections in a connection pool f
NOTE: Fixed by:
https://github.com/curl/curl/commit/5ea3145850ebff1dc2b13d17440300a01ca38161
(curl-7_78_0)
NOTE: https://www.openwall.com/lists/oss-security/2021/07/21/3
CVE-2021-22923 (When curl is instructed to get content using the metalink
feature, and ...)
- - curl <unfixed> (unimportant)
+ - curl 7.79.1-1 (unimportant)
NOTE: https://curl.se/docs/CVE-2021-22923.html
NOTE: https://www.openwall.com/lists/oss-security/2021/07/21/2
NOTE: The fix for earlier versions is to rebuild curl with the metalink
support
NOTE: switched off.
NOTE: Metalink support not enabled in Debian builds.
CVE-2021-22922 (When curl is instructed to download content using the metalink
feature ...)
- - curl <unfixed> (unimportant)
+ - curl 7.79.1-1 (unimportant)
NOTE: https://curl.se/docs/CVE-2021-22922.html
NOTE: https://www.openwall.com/lists/oss-security/2021/07/21/1
NOTE: The fix for earlier versions is to rebuild curl with the metalink
support
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ca2fcffbd4bbcac85355927a42cc11791461f0c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ca2fcffbd4bbcac85355927a42cc11791461f0c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
