stable

curl-7.85.0-2.fc37

FEDORA-2022-e9d65906c4 created by kdudka 11 months ago for Fedora 37
  • url: use IDN decoded names for HSTS checks (CVE-2022-42916)
  • http_proxy: restore the protocol pointer on error (CVE-2022-42915)
  • netrc: replace fgets with Curl_get_line (CVE-2022-35260)
  • fix POST following PUT confusion (CVE-2022-32221)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2022-e9d65906c4

This update has been submitted for testing by kdudka.

11 months ago

This update's test gating status has been changed to 'waiting'.

11 months ago

This update's test gating status has been changed to 'passed'.

11 months ago

This update has been pushed to testing.

11 months ago

kdudka edited this update.

11 months ago
User Icon bojan commented & provided feedback 11 months ago
karma

Works.

User Icon jfoster commented & provided feedback 11 months ago
karma

working

This update can be pushed to stable now if the maintainer wishes

11 months ago
karma

This update has been submitted for stable by bodhi.

10 months ago
User Icon kdudka commented & provided feedback 10 months ago

Thank you for testing the update!

User Icon nb provided feedback 10 months ago
karma

This update has been pushed to stable.

10 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
4
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
11 months ago
in testing
11 months ago
in stable
10 months ago
modified
11 months ago
BZ#2137769 CVE-2022-42916 curl: HSTS bypass via IDN [fedora-all]
0
0
BZ#2137780 CVE-2022-32221 curl: POST following PUT confusion [fedora-all]
0
0
BZ#2138111 CVE-2022-42915 curl: HTTP proxy double-free [fedora-all]
0
0

Automated Test Results