https://curl.se/docs/CVE-2022-43551.html: CVE-2022-43551: Another HSTS bypass via IDN https://curl.se/docs/CVE-2022-43552.html: CVE-2022-43552: HTTP Proxy deny use-after-free Please bump to 7.87.0.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dfb0e7f0d149103492b0dd1d687df8c55c6c9fca commit dfb0e7f0d149103492b0dd1d687df8c55c6c9fca Author: Sam James <sam@gentoo.org> AuthorDate: 2022-12-21 23:08:59 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-12-21 23:09:18 +0000 net-misc/curl: add 7.87.0 Bug: https://bugs.gentoo.org/887745 Signed-off-by: Sam James <sam@gentoo.org> net-misc/curl/Manifest | 2 + net-misc/curl/curl-7.87.0.ebuild | 299 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 301 insertions(+)
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=70e478afca6ee420e77c320a37bbb6045b6a302e commit 70e478afca6ee420e77c320a37bbb6045b6a302e Author: Matt Jolly <Matt.Jolly@footclan.ninja> AuthorDate: 2023-02-01 01:03:02 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-02-01 07:25:59 +0000 net-misc/curl: drop 7.86.0-r3, 7.87.0-r1 Drop vulnerable and obsolete. Closes: https://bugs.gentoo.org/887745 Closes: https://bugs.gentoo.org/888801 Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja> Closes: https://github.com/gentoo/gentoo/pull/29365 Signed-off-by: Sam James <sam@gentoo.org> net-misc/curl/Manifest | 2 - net-misc/curl/curl-7.86.0-r3.ebuild | 302 ------------------------------------ net-misc/curl/curl-7.87.0-r1.ebuild | 301 ----------------------------------- 3 files changed, 605 deletions(-)
Not to be closed!