[CLSA-2024:1710786562] Fix CVE(s): CVE-2023-46218
Type:
security
Severity:
Moderate
Release date:
2024-03-18 18:29:24 UTC
Description:
* SECURITY UPDATE: Improper cookie domain verification allows malicious HTTP server to set 'super cookies' in package
  - debian/control: Build-Depends: add libpsl-dev
  - debian/patches/CVE-2023-46218.patch: Lowercase domain names before PSL checks to ensure proper comparison
  - CVE-2023-46218
Updated packages:
  • curl_7.47.0-1ubuntu2.23+tuxcare.els11_amd64.deb
    sha:c7c972aedb292425640c93768cf065266080ec62
  • libcurl3_7.47.0-1ubuntu2.23+tuxcare.els11_amd64.deb
    sha:ad308ff5cc6606f7b95610bf63293442553c9478
  • libcurl3-gnutls_7.47.0-1ubuntu2.23+tuxcare.els11_amd64.deb
    sha:d2fa39051c32f2eb69f3ad85628dd979232a47f4
  • libcurl3-nss_7.47.0-1ubuntu2.23+tuxcare.els11_amd64.deb
    sha:a955bbeced9dd0a716c01d790a3a42d3b3837fcd
  • libcurl4-doc_7.47.0-1ubuntu2.23+tuxcare.els11_all.deb
    sha:c188fa5d15bb93fd73bf013ef4d97b6a7e5421c9
  • libcurl4-gnutls-dev_7.47.0-1ubuntu2.23+tuxcare.els11_amd64.deb
    sha:8a3442036ff25f9b5c8b7a698e877eafe4b2385a
  • libcurl4-nss-dev_7.47.0-1ubuntu2.23+tuxcare.els11_amd64.deb
    sha:311ca09d4e2f4f7943c9e7b244b8841c7d573dec
  • libcurl4-openssl-dev_7.47.0-1ubuntu2.23+tuxcare.els11_amd64.deb
    sha:1432a7ef72e6ce8b9ff12507a0df7677df7be53f
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.