Abhijith PA pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5b9d6872 by Abhijith PA at 2024-11-14T15:12:06+05:30
Reserve DLA-3951-1 for curl
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16975,7 +16975,6 @@ CVE-2024-1656 (Affected versions of Octopus Server had
a weak content security p
CVE-2024-8096 (When curl is told to use the Certificate Status Request TLS
extension, ...)
- curl 8.10.0-1
[bookworm] - curl 7.88.1-10+deb12u8
- [bullseye] - curl <postponed> (Minor issue)
NOTE: https://curl.se/docs/CVE-2024-8096.html
NOTE: Introduced with:
https://github.com/curl/curl/commit/f13669a375f5bfd14797bda91642cabe076974fa
(curl-7_41_0)
NOTE: Fixed by:
https://github.com/curl/curl/commit/aeb1a281cab13c7ba791cb104e556b20e713941f
(curl-8_10_0)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[14 Nov 2024] DLA-3951-1 curl - security update
+ {CVE-2024-8096}
+ [bullseye] - curl 7.74.0-1.3+deb11u14
[11 Nov 2024] DLA-3950-1 libarchive - security update
{CVE-2021-36976 CVE-2022-26280 CVE-2022-36227 CVE-2024-20696}
[bullseye] - libarchive 3.4.3-2+deb11u2
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b9d68727680c5b678d61b88bd3fb7beb894fb67
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b9d68727680c5b678d61b88bd3fb7beb894fb67
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
