A curl security update has been released for Debian GNU/Linux 8 and 9 Extended LTS to address several vulnerabilities that could result in denial of service or information disclosure.
ELA-780-1 curl security update
Package : curl
ELA-780-1 curl security update
Version : 7.38.0-4+deb8u24 (jessie), 7.52.1-5+deb9u18 (stretch)
Related CVEs :
CVE-2022-27774
CVE-2022-27782
CVE-2022-32221
CVE-2022-35252
CVE-2022-43552
Several vulnerabilities were discovered in Curl, an easy-to-use client-side URL transfer library, which could result in denial of service or information disclosure. This update also revises the fix for CVE-2022-27782 released for stretch in
ELA-664-1.