Request 816919 (declined)

Overview

Request 816919 declined

- Security fix: [bsc#1173027, CVE-2020-8177]
* curl can be tricked my a malicious server to overwrite a local
file when using '-J' ('--remote-header-name') and '-i' ('--head')
in the same command line.
- Add curl-CVE-2020-8177.patch

- Security fix: [bsc#1173026, CVE-2020-8169]
* Partial password leak over DNS on HTTP redirect
- Add curl-CVE-2020-8169.patch

Created by msmeissn almost 4 years ago
In state declined
Open review for SUSE:SLE-15-SP2:Update / curl.15495
Open review for factory-staging
Open review for origin-reviewers

Submit curl.15495

Comments for request 816919 0

Request History

msmeissn created request almost 4 years ago

- Security fix: [bsc#1173026, CVE-2020-8169]
* Partial password leak over DNS on HTTP redirect
- Add curl-CVE-2020-8169.patch

licensedigger accepted review almost 4 years ago

factory-auto accepted review almost 4 years ago

Check script succeeded

origin-manager added origin-reviewers as a reviewer almost 4 years ago

Changing to a lower priority origin.

origin: SUSE:SLE-15-SP2:GA~
origin_old: SUSE:SLE-15-SP2:GA

origin-manager added opensuse-review-team as a reviewer almost 4 years ago

Additional review required based on origin.

origin-manager accepted review almost 4 years ago

origin: SUSE:SLE-15-SP2:GA~
origin_old: SUSE:SLE-15-SP2:GA

namtrac accepted review almost 4 years ago

lkocman-factory declined request almost 4 years ago

Hello openSUSE contributor

this submission didn't make it to the openSUSE Leap 15.2 Gold Master
Please submit it as a maintenance update instead.

https://en.opensuse.org/openSUSE:Maintenance_update_process

Thank you for your understanding

openSUSE Release team

Places

Overview