[ubuntu/jammy-security] curl 7.81.0-1ubuntu1.7 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Jan 5 17:07:16 UTC 2023
curl (7.81.0-1ubuntu1.7) jammy-security; urgency=medium
* SECURITY UPDATE: Another HSTS bypass via IDN
- debian/patches/CVE-2022-43551.patch: use the IDN decoded name in HSTS
checks in lib/http.c.
- CVE-2022-43551
* SECURITY UPDATE: HTTP Proxy deny use-after-free
- debian/patches/CVE-2022-43552.patch: do not free the protocol struct
in *_done() in lib/smb.c, lib/telnet.c.
- CVE-2022-43552
Date: 2023-01-04 17:56:08.999123+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/curl/7.81.0-1ubuntu1.7
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list