Resolves: CVE-2022-32205 - fix Set-Cookie denial of service
This commit is contained in:
parent
c76b2a1a9f
commit
45b18a48b4
740
0012-curl-7.82.0-CVE-2022-32205.patch
Normal file
740
0012-curl-7.82.0-CVE-2022-32205.patch
Normal file
File diff suppressed because one or more lines are too long
@ -43,6 +43,9 @@ Patch10: 0010-curl-7.82.0-CVE-2022-32208.patch
|
||||
# fix HTTP compression denial of service (CVE-2022-32206)
|
||||
Patch11: 0011-curl-7.82.0-CVE-2022-32206.patch
|
||||
|
||||
# fix Set-Cookie denial of service (CVE-2022-32205)
|
||||
Patch12: 0012-curl-7.82.0-CVE-2022-32205.patch
|
||||
|
||||
# patch making libcurl multilib ready
|
||||
Patch101: 0101-curl-7.32.0-multilib.patch
|
||||
|
||||
@ -228,6 +231,7 @@ be installed.
|
||||
%patch9 -p1
|
||||
%patch10 -p1
|
||||
%patch11 -p1
|
||||
%patch12 -p1
|
||||
|
||||
# Fedora patches
|
||||
%patch101 -p1
|
||||
@ -456,6 +460,7 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
|
||||
|
||||
%changelog
|
||||
* Wed Jun 29 2022 Kamil Dudka <kdudka@redhat.com> - 7.82.0-6
|
||||
- fix Set-Cookie denial of service (CVE-2022-32205)
|
||||
- fix HTTP compression denial of service (CVE-2022-32206)
|
||||
- fix FTP-KRB bad message verification (CVE-2022-32208)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user