From af0a59722c8d294fe39530d88693289bef9fc0f2 Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Thu, 27 Oct 2022 02:30:15 +0000
Subject: Thu Oct 27 02:30:15 UTC 2022

patches/packages/curl-7.86.0-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  HSTS bypass via IDN.
  HTTP proxy double-free.
  .netrc parser out-of-bounds access.
  POST following PUT confusion.
  For more information, see:
    https://curl.se/docs/CVE-2022-42916.html
    https://curl.se/docs/CVE-2022-42915.html
    https://curl.se/docs/CVE-2022-35260.html
    https://curl.se/docs/CVE-2022-32221.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42916
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42915
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35260
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221
  (* Security fix *)
---
 patches/packages/curl-7.86.0-x86_64-1_slack15.0.txt | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 patches/packages/curl-7.86.0-x86_64-1_slack15.0.txt

(limited to 'patches/packages/curl-7.86.0-x86_64-1_slack15.0.txt')

diff --git a/patches/packages/curl-7.86.0-x86_64-1_slack15.0.txt b/patches/packages/curl-7.86.0-x86_64-1_slack15.0.txt
new file mode 100644
index 000000000..54c4e875d
--- /dev/null
+++ b/patches/packages/curl-7.86.0-x86_64-1_slack15.0.txt
@@ -0,0 +1,11 @@
+curl: curl (command line URL data transfer tool)
+curl:
+curl: Curl is a command line tool for transferring data specified with URL
+curl: syntax. The command is designed to work without user interaction or
+curl: any kind of interactivity. Curl offers a busload of useful tricks
+curl: like proxy support, user authentication, ftp upload, HTTP post,  SSL
+curl: (https:) connections, cookies, file transfer resume and more.
+curl:
+curl: libcurl is a library that Curl uses to do its job. It is readily
+curl: available to be used by your software, too.
+curl:
-- 
cgit v1.2.3-80-g2a13