[Git][security-tracker-team/security-tracker][master] CVE-2022-27774,curl: postponed in Buster
Markus Koschany (@apo)
apo at debian.org
Sun Aug 28 23:58:40 BST 2022
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
acf9fd2f by Markus Koschany at 2022-08-29T00:57:55+02:00
CVE-2022-27774,curl: postponed in Buster
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -30503,6 +30503,7 @@ CVE-2022-27775 (An information disclosure vulnerability exists in curl 7.65.0 to
CVE-2022-27774 (An insufficiently protected credentials vulnerability exists in curl 4 ...)
{DSA-5197-1}
- curl 7.83.0-1 (bug #1010254)
+ [buster] - curl <postponed> (Needs further investigation)
NOTE: https://curl.se/docs/CVE-2022-27774.html
NOTE: Fixed by: https://github.com/curl/curl/commit/620ea21410030a9977396b4661806bc187231b79 (curl-7_83_0)
NOTE: Followup: https://github.com/curl/curl/commit/139a54ed0a172adaaf1a78d6f4fff50b2c3f9e08 (curl-7_83_0)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acf9fd2f1a19e77d33c68b0e8149e0980b358259
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acf9fd2f1a19e77d33c68b0e8149e0980b358259
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220828/91058a45/attachment.htm>
More information about the debian-security-tracker-commits
mailing list