[Bug 271497] ftp/curl: security update to 8.1.0
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 18 May 2023 21:21:18 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=271497 Bug ID: 271497 Summary: ftp/curl: security update to 8.1.0 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: sunpoet@FreeBSD.org Reporter: rcm@rcm.sh Flags: maintainer-feedback?(sunpoet@FreeBSD.org) Assignee: sunpoet@FreeBSD.org Created attachment 242259 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=242259&action=edit ftp/curl: update to 8.1.0 https://curl.se/docs/security.html This security update addresses 4 CVEs: * CVE-2023-28319: UAF in SSH sha256 fingerprint check * CVE-2023-28320: siglongjmp race condition * CVE-2023-28321: IDN wildcard match * CVE-2023-28322: more POST-after-PUT confusion -- You are receiving this mail because: You are the assignee for the bug.