Bug 6784 - [Anolis OS 7] Bugfix for CVE-2023-38546
Summary: [Anolis OS 7] Bugfix for CVE-2023-38546
Status: NEW
Alias: None
Product: Anolis OS 7
Classification: Anolis OS
Component: BaseOS Packages (show other bugs) BaseOS Packages
Version: 7.7
Hardware: All Linux
: P4-Low S4-trivial
Target Milestone: ---
Assignee: 杨晓旋
QA Contact: 杨晓旋
URL:
Whiteboard:
Keywords: CVE
Depends on:
Blocks:
 
Reported: 2023-10-12 09:40 UTC by 小龙
Modified: 2023-10-12 09:40 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description 小龙 admin 2023-10-12 09:40:43 UTC
Description:
VUL-0: CVE-2023-38546: curl: cookie injection with none file

Broken commit info:
https://github.com/curl/curl/commit/74d5a6fb3b9a96d9f

Bugfix commit info:
https://github.com/curl/curl/commit/3ee79c1674fd6f9
https://github.com/curl/curl/commit/61275672b46d9abb32857404