issues
search
alexcrichton
/
curl-rust
Rust bindings to libcurl
MIT License
1k
stars
234
forks
source link
Update bundled curl to 7.83.1
#448
Closed
sagebind
closed
2 years ago
sagebind
commented
2 years ago
This version contains patches for six new CVEs just published:
CVE-2022-27778: curl removes wrong file on error
CVE-2022-27779: cookie for trailing dot TLD
CVE-2022-27780: percent-encoded path separator in URL host
CVE-2022-27781: CERTINFO never-ending busy-loop
CVE-2022-27782: TLS and SSH connection too eager reuse
CVE-2022-30115: HSTS bypass via trailing dot
This version contains patches for six new CVEs just published: