1. Forum
  2. USENET
  3. comp.sys.tandem

  • ITUGLIB Update: Curl 7.84.0

    From Randall@rsbecker@nexbridge.com to comp.sys.tandem on Wed Jun 29 15:52:47 2022
    From Newsgroup: comp.sys.tandem

    Hi Everyone,

    I am pleased to announce that Curl 7.84.0 is now available on the ITUGLIB website. This addresses the following CVEs:

    CVE-2022-32205 (low) described at https://curl.se/docs/CVE-2022-32205.html : Set-Cookie denial of service.
    CVE-2022-32206 (medium) https://curl.se/docs/CVE-2022-32206.html: HTTP compression denial of service.
    CVE-2022-32207 (medium) https://curl.se/docs/CVE-2022-32207.html: Unpreserved file permissions.
    CVE-2022-32208 (low) https://curl.se/docs/CVE-2022-32208.html: FTP-KRB bad message verification.

    As usual, this is built for OpenSSL 3.0, 1.1.1, and 1.0.2.

    Regards,
    Randall Becker
    On behalf of the ITUGLIB Technical Committee
    --- Synchronet 3.21d-Linux NewsLink 1.2