Summary: | <net-misc/curl-8.6.0: OCSP verification bypass with TLS session reuse | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | normal | CC: | base-system, kangie |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://curl.se/docs/CVE-2024-0853.html | ||
Whiteboard: | B4 [stable?] | ||
Package list: | Runtime testing required: | --- |
Description
Sam James
2024-01-31 10:29:24 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=37801e438b1b11c3ec8c06678b647aea906c2d93 commit 37801e438b1b11c3ec8c06678b647aea906c2d93 Author: Matt Jolly <Matt.Jolly@footclan.ninja> AuthorDate: 2024-01-31 10:14:03 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-01-31 10:29:52 +0000 net-misc/curl: add 8.6.0 Bug: https://bugs.gentoo.org/923413 Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja> Signed-off-by: Sam James <sam@gentoo.org> net-misc/curl/Manifest | 2 + net-misc/curl/curl-8.6.0.ebuild | 365 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 367 insertions(+) |