[ubuntu/focal-security] curl 7.68.0-1ubuntu2.13 (Accepted)
Mark Esler
mark.esler at canonical.com
Thu Sep 1 20:01:33 UTC 2022
curl (7.68.0-1ubuntu2.13) focal-security; urgency=medium
* SECURITY UPDATE: when curl sends back cookies with control bytes a
HTTP(S) server may return a 400 response
- debian/patches/CVE-2022-35252.patch: adds invalid_octets function
to lib/cookie.c to reject cookies with control bytes
- CVE-2022-35252
Date: 2022-09-01 03:08:34.266438+00:00
Changed-By: Mark Esler <mark.esler at canonical.com>
https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu2.13
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list