Overview

File _patchinfo of Package patchinfo.24877

<patchinfo incident="24877">
  <issue tracker="bnc" id="1200736">VUL-0: CVE-2022-32207: curl: Unpreserved file permissions</issue>
  <issue tracker="bnc" id="1200735">VUL-0: CVE-2022-32206: curl: HTTP compression denial of service</issue>
  <issue tracker="bnc" id="1200734">VUL-0: CVE-2022-32205: curl: Set-Cookie denial of service</issue>
  <issue tracker="bnc" id="1200737">VUL-0: CVE-2022-32208: curl: FTP-KRB bad message verification</issue>
  <issue tracker="cve" id="2022-32208"/>
  <issue tracker="cve" id="2022-32207"/>
  <issue tracker="cve" id="2022-32205"/>
  <issue tracker="cve" id="2022-32206"/>
  <packager>david.anes</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for curl</summary>
  <description>This update for curl fixes the following issues:

- CVE-2022-32205: Set-Cookie denial of service (bsc#1200734)
- CVE-2022-32206: HTTP compression denial of service (bsc#1200735)
- CVE-2022-32207: Unpreserved file permissions (bsc#1200736)
- CVE-2022-32208: FTP-KRB bad message verification (bsc#1200737)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places