"When curl retrieves and parses cookies from an HTTP(S) server, it accepts cookies using control codes (byte values below 32). When cookies that contain such control codes are later sent back to an HTTP(S) server, it might make the server return a 400 response. Effectively allowing a "sister site" to deny service to siblings. We are not aware of any exploit of this flaw." Please bump to 7.85.0.
Please cleanup
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=d4066956acc3f238eef20bbbad18f982301dd80b commit d4066956acc3f238eef20bbbad18f982301dd80b Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-12-19 01:59:44 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-12-19 02:04:27 +0000 [ GLSA 202212-01 ] curl: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/803308 Bug: https://bugs.gentoo.org/813270 Bug: https://bugs.gentoo.org/841302 Bug: https://bugs.gentoo.org/843824 Bug: https://bugs.gentoo.org/854708 Bug: https://bugs.gentoo.org/867679 Bug: https://bugs.gentoo.org/878365 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202212-01.xml | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f92fca8369ead410f65536b53ab6f7c83c1d9c35 commit f92fca8369ead410f65536b53ab6f7c83c1d9c35 Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2022-12-19 02:47:48 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-12-19 02:48:01 +0000 net-misc/curl: drop 7.84.0, 7.85.0-r2, 7.86.0-r2 Bug: https://bugs.gentoo.org/867679 Bug: https://bugs.gentoo.org/878365 Signed-off-by: John Helmert III <ajak@gentoo.org> net-misc/curl/Manifest | 4 - net-misc/curl/curl-7.84.0.ebuild | 290 ----------------------------------- net-misc/curl/curl-7.85.0-r2.ebuild | 287 ----------------------------------- net-misc/curl/curl-7.86.0-r2.ebuild | 291 ------------------------------------ 4 files changed, 872 deletions(-)
Tree is clean, all done.