On Wed, 2025-02-19 at 21:57 -0300, Matheus Polkorny wrote:
> The reason is to fix CVE-2024-11053 [1], when both a `.netrc` file
> for credentials and HTTP redirects are used, curl could leak the
> password from the first host to the redirect target in certain cases.
I'm not sure if either of the s
Control: tags -1 + confirmed
On Wed, 2025-02-19 at 21:57 -0300, Matheus Polkorny wrote:
> The reason is to fix CVE-2024-11053 [1], when both a `.netrc` file
> for credentials and HTTP redirects are used, curl could leak the
> password from the first host to the redirect target in certain cases.
P
Processing control commands:
> tags -1 + confirmed
Bug #1098397 [release.debian.org] bookworm-pu: package curl/7.88.1-10+deb12u10
Added tag(s) confirmed.
--
1098397: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098397
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: c...@packages.debian.org
Control: affects -1 + src:curl
User: release.debian@packages.debian.org
Usertags: pu
[ Reason ]
The reason is to fix CVE-2024-11053 [1], when both a `.netrc` file for
credentials and HTTP redirec
4 matches
Mail list logo
