From 96bf53e55d898cd6e2090476ee0f9066138d9ea3 Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Wed, 11 May 2022 19:01:59 +0000
Subject: Wed May 11 19:01:59 UTC 2022

patches/packages/curl-7.83.1-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  HSTS bypass via trailing dot.
  TLS and SSH connection too eager reuse.
  CERTINFO never-ending busy-loop.
  percent-encoded path separator in URL host.
  cookie for trailing dot TLD.
  curl removes wrong file on error.
  For more information, see:
    https://curl.se/docs/CVE-2022-30115.html
    https://curl.se/docs/CVE-2022-27782.html
    https://curl.se/docs/CVE-2022-27781.html
    https://curl.se/docs/CVE-2022-27780.html
    https://curl.se/docs/CVE-2022-27779.html
    https://curl.se/docs/CVE-2022-27778.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30115
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27782
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27781
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27780
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27779
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27778
  (* Security fix *)
---
 patches/packages/curl-7.83.1-x86_64-1_slack15.0.txt | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 patches/packages/curl-7.83.1-x86_64-1_slack15.0.txt

(limited to 'patches/packages/curl-7.83.1-x86_64-1_slack15.0.txt')

diff --git a/patches/packages/curl-7.83.1-x86_64-1_slack15.0.txt b/patches/packages/curl-7.83.1-x86_64-1_slack15.0.txt
new file mode 100644
index 000000000..54c4e875d
--- /dev/null
+++ b/patches/packages/curl-7.83.1-x86_64-1_slack15.0.txt
@@ -0,0 +1,11 @@
+curl: curl (command line URL data transfer tool)
+curl:
+curl: Curl is a command line tool for transferring data specified with URL
+curl: syntax. The command is designed to work without user interaction or
+curl: any kind of interactivity. Curl offers a busload of useful tricks
+curl: like proxy support, user authentication, ftp upload, HTTP post,  SSL
+curl: (https:) connections, cookies, file transfer resume and more.
+curl:
+curl: libcurl is a library that Curl uses to do its job. It is readily
+curl: available to be used by your software, too.
+curl:
-- 
cgit v1.2.3-65-gdbad