2 matches found
curl: Shared HSTS cache accessed without lock
This is finding F5 in Andrew's report https://github.com/curl/curl/blob/455bebc2c7/lib/hsts.cL160-L168 https://github.com/curl/curl/blob/455bebc2c7/lib/http.cL3571 https://github.com/curl/curl/blob/455bebc2c7/lib/url.cL1441 https://github.com/curl/curl/blob/455bebc2c7/lib/url.cL265...
OESA-2023-1125 curl security update
cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: A flaw was found in the Curl package, where the HSTS mechanism could fail when multiple transfers are done in parallel, as the HSTS cache file...