[ubuntu/bionic-updates] curl 7.58.0-2ubuntu3.20 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Thu Sep 1 20:28:20 UTC 2022
curl (7.58.0-2ubuntu3.20) bionic-security; urgency=medium
* SECURITY UPDATE: when curl sends back cookies with control bytes a
HTTP(S) server may return a 400 response
- debian/patches/CVE-2022-35252.patch: adds invalid_octets function
to lib/cookie.c to reject cookies with control bytes
- CVE-2022-35252
Date: 2022-09-01 03:08:36.732686+00:00
Changed-By: Mark Esler <mark.esler at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/curl/7.58.0-2ubuntu3.20
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list