Debian 10260 Published by

A curl security update has been released for Debian GNU/Linux 8 and 9 Extended LTS to address an issue that could lead to cookie injection from a file named none under certain circumstances.



ELA-982-1 curl security update

Package : curl
Version : 7.38.0-4+deb8u27 (jessie), 7.52.1-5+deb9u20 (stretch)

Related CVEs :
CVE-2023-38546

An issue was found in Curl, an easy-to-use client-side URL transfer library
and command line tool, which could lead to cookie injection from a file
named none under certain circumstances.

ELA-982-1 curl security update