CLSA-2022-1663184487 Fix CVE(s): CVE-2022-35252

SECURITY UPDATE: When curl sends back to an HTTPS server cookies with control bytes, it might make the server return a 400 response - debian/patches/CVE-2022-35252.patch: reject cookies with control bytes 0x01-0x1f except 0x09 plus 0x7f - CVE-2022-35252...

curl 安全漏洞

curl is a tool for transferring data from or to a server. A security vulnerability exists in curl versions 4.9 through 7.84, which stems from the fact that when curl retrieves and parses a cookie from an HTTPS server, it accepts the cookie using a control code a value of less than 32 bytes, which...