Curl is vulnerable to a denial-of-service (DoS) issue

Curl is vulnerable to a denial-of-service DoS issue due to how some HTTPs servers handle cookies that contain 'control-bytes' / 'control codes' byte values below 32. When curl sends cookies that contain these bytes to an HTTPs server, it may return a 400 response which effectively allows a "siste...

CLSA-2022-1663184487 Fix CVE(s): CVE-2022-35252

SECURITY UPDATE: When curl sends back to an HTTPS server cookies with control bytes, it might make the server return a 400 response - debian/patches/CVE-2022-35252.patch: reject cookies with control bytes 0x01-0x1f except 0x09 plus 0x7f - CVE-2022-35252...