~ubuntu-branches/ubuntu/utopic/curl/utopic-updates

Viewing all changes in revision 82.

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2014-09-11 08:15:47 UTC
  • Revision ID: package-import@ubuntu.com-20140911081547-kvwvsrk4yadi7ghl
Tags: 7.37.1-1ubuntu2
* SECURITY UPDATE: incorrect cookie handling via partial literal IP
  addresses
  - debian/patches/CVE-2014-3613.patch: only use full host matches for
    hosts used as IP address in lib/cookie.c, added tests to
    tests/data/test1105, tests/data/test31, tests/data/test8.
  - CVE-2014-3613
* SECURITY UPDATE: incorrect cookie handling for TLDs
  - debian/patches/CVE-2014-3620.patch: reject incoming cookies set for
    TLDs in lib/cookie.c, added test to tests/data/test61.
  - CVE-2014-3620

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: