[ubuntu/jammy-security] curl 7.81.0-1ubuntu1.6 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Oct 26 17:16:01 UTC 2022
curl (7.81.0-1ubuntu1.6) jammy-security; urgency=medium
* SECURITY UPDATE: POST following PUT confusion
- debian/patches/CVE-2022-32221.patch: when POST is set, reset the
'upload' field in lib/setopt.c.
- CVE-2022-32221
* SECURITY UPDATE: HTTP proxy double-free
- debian/patches/CVE-2022-42915.patch: restore the protocol pointer on
error in lib/http_proxy.c, lib/url.c.
- CVE-2022-42915
* SECURITY UPDATE: HSTS bypass via IDN
- debian/patches/CVE-2022-42916.patch: use IDN decoded names for HSTS
checks in lib/url.c.
- CVE-2022-42916
Date: 2022-10-25 15:26:08.829318+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/curl/7.81.0-1ubuntu1.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list