Debian Security Advisory 5587-1

Debian Security Advisory 5587-1: Posted Dec 26, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5587-1 - Two security issues were discovered in Curl: Cookies were incorrectly validated against the public suffix list of domains and in same cases HSTS data could fail to save to disk.; tags | advisory; systems | linux, debian; advisories | CVE-2023-46218, CVE-2023-46219; SHA-256 | ee8b5da3ccedc4ad611c77989a7b82094859da7f9354c5d153f42704a855a11a; Download | Favorite | View

Debian Security Advisory 5587-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5587-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
December 23, 2023                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : curl
CVE ID         : CVE-2023-46218 CVE-2023-46219

Two security issues were discovered in Curl: Cookies were incorrectly
validated against the public suffix list of domains and in same cases
HSTS data could fail to save to disk.

For the oldstable distribution (bullseye), these problems have been fixed
in version 7.74.0-1.3+deb11u11.

For the stable distribution (bookworm), these problems have been fixed in
version 7.88.1-10+deb12u5.

We recommend that you upgrade your curl packages.

For the detailed security status of curl please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/curl

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmWHL5wACgkQEMKTtsN8
TjZQ6g//Vkn19s5W4JDyQToH46D/GS8HU0yFFxl2FCTaQNVwipu0/o7MXJhn/bGP
SvSJUXXszXOrYNQXNLxnAb5HLkG98FZD+SNMLhz329ggYnUa3yOYjFnU5xbacRQV
tw7UN79ouX8bPCE6zJMuGqC6aA6JC7/RDTw15E3nqHeUtZagRK/y6Pp6lOXBveo0
+fRb3opi+hMeSMr4QC+zw2pAxCYn2mRaZl7a42vxZ4iiuEfjTxMzYdJZSqosmd4a
PIMcYtl8e1AmyDxD154rOzIVMobokcgx1CCmpPYbipiCuY2mp1Srm9GttSQSRTR0
buk0GJxjcsk+QU6HNJ58UHHSGiVhWlMr370kT3cotO0YDvtVBeF8vSdrP8zmNoKQ
IyBW9WP56XHgUvd+t7YN7tlUH11r9yZBZ04DAgGmW/QzLu6JHzmwKJx9JxxDr34y
Y+mimCp9wI/ft3C0i/uarT1q6AsXA/LNXc1pqdU8QuXrJg2lAaMqqU8YT8l6iVi5
i169oP0oezvOii5R/vw3cd/zzpKsNVwLyZfUWATYLRqzpbUbr94MsPCS+7fKOawY
hCnAhUxx6/aDIWZmlVXkFtxbkskkBe9TTgc4nD0WVev7gPyImzSKzoaWYRMnsGMV
DbdJgai96T4lXYI2PM2Gh4mZDdjqC4jubvSKJaM4MNF5Pq6VHf0=rARX
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 292 files
Ubuntu 66 files
Debian 33 files
Gentoo 28 files
LiquidWorm 10 files
nu11secur1ty 7 files
Adam Gowdiak 4 files
kai6u 3 files
liquidsky 3 files
malvuln 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,036)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,495)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,555)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,729)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,487)
UNIX (9,397)
UnixWare (187)
Windows (6,656)
Other

Debian Security Advisory 5587-1

Debian Security Advisory 5587-1

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 5587-1

Share This

Debian Security Advisory 5587-1

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems