Two security issues were discovered in Curl: Cookies were incorrectly validated against the public suffix list of domains and in same cases HSTS data could fail to save to disk. For the oldstable distribution (bullseye), these problems have been fixed in version 7.74.0-1.3+deb11u11. For the stable distribution (bookworm), these problems have been fixed in version 7.88.1-10+deb12u5. We recommend that you upgrade your curl packages. For the detailed security status of curl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/curl
Two security issues were discovered in Curl: Cookies were incorrectly validated against the public suffix list of domains and in same cases HSTS data could fail to save to disk.
For the oldstable distribution (bullseye), these problems have been fixed in version 7.74.0-1.3+deb11u11.
For the stable distribution (bookworm), these problems have been fixed in version 7.88.1-10+deb12u5.
We recommend that you upgrade your curl packages.
For the detailed security status of curl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/curl