-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3341-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk February 24, 2023 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : curl Version : 7.64.0-4+deb10u5 CVE ID : CVE-2023-23916 Debian Bug : 1031371 HTTP multi-header compression denial of service has been fixed in curl, a command line tool and library for transferring data with URLs. For Debian 10 buster, this problem has been fixed in version 7.64.0-4+deb10u5. We recommend that you upgrade your curl packages. For the detailed security status of curl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/curl Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmP4nKwACgkQiNJCh6LY mLHRPhAArz0793ekL6VwFNcpFbPfRmM0YracDoKoF/6p3zrJ5QVNiFEGuAn1p5gB Gx8dk718Jdu4Ph+sMed48a5B1k1z8Qp4v9xNlt2B+aHFFQez5fkyP8ZyUAyhUaiu nzEbm2eAT5LsoI8URdwRpjDYnZj0IBYJu1jt38tqQoBzUikWV6eC3yeh9NYFUNYB ZYFqJi+bOOpsptLvUAfRXHXToC+7nmsBLQdWr3lrELWfwhhJD+HAU/YI5FaP6Fa5 f8AiVgvYAugoF1IQHuPpBepUwZOynYgTBTBffG3ca4NRsbfDt1Z9GL7Z0/q4rNNB J53eihMmPRzxVoODsuHtwRjGkMQXO/7YeVAfHbYCUwGut2haWRcW3SDf82kI36cF mFojO6cV7n37ylZ2C1XHFM23599DnTvGtVESBY5mpKkhrI7redTWl+BC8n8vuwfW 7bdvXr/0iO0UKBpdnPTyEqEhZ/y9gFnBTk1f0LezpJxa7DHvXmSSJ1c2FJWzRPsn fEPB16KG8x1qMoiDQgzp8KMDH1QCbRbO1phSnOGkDQH5eFmLdiOHADvIi0OwFttO kfupn4rhurXdaB8DHpkRfhlzOyFLGoPZ08FFoJcPBbqDm+IcSr3RSyiYN+FJD+SE PBv582qxKfboCkW99jcHIWfYg0P2rC12HkNpP2hemXhpzsQjI/s= =JgEq -----END PGP SIGNATURE-----