Wed Apr 27 21:43:51 UTC 202220220427214351_15.0

patches/packages/curl-7.83.0-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  OAUTH2 bearer bypass in connection re-use.
  Credential leak on redirect.
  Bad local IPv6 connection reuse.
  Auth/cookie leak on redirect.
  For more information, see:
    https://curl.se/docs/CVE-2022-22576.html
    https://curl.se/docs/CVE-2022-27774.html
    https://curl.se/docs/CVE-2022-27775.html
    https://curl.se/docs/CVE-2022-27776.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
  (* Security fix *)

1 files changed, 19 insertions, 0 deletions

diff --git a/patches/source/curl/slack-desc b/patches/source/curl/slack-desc
new file mode 100644
index 000000000..27c6abb70
--- /dev/null
+++ b/patches/source/curl/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':'.
+
+    |-----handy-ruler------------------------------------------------------|
+curl: curl (command line URL data transfer tool)
+curl:
+curl: Curl is a command line tool for transferring data specified with URL
+curl: syntax. The command is designed to work without user interaction or
+curl: any kind of interactivity. Curl offers a busload of useful tricks
+curl: like proxy support, user authentication, ftp upload, HTTP post,  SSL
+curl: (https:) connections, cookies, file transfer resume and more.
+curl:
+curl: libcurl is a library that Curl uses to do its job. It is readily
+curl: available to be used by your software, too.
+curl: