diff options
author | Patrick Monnerat <patrick@monnerat.net> | 2021-09-07 13:26:42 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2021-09-13 16:51:31 +0200 |
commit | 8ef147c43646e91fdaad5d0e7b60351f842e5c68 (patch) | |
tree | 61bc65da37b6c6e56a161c3ce841d15a4cc8b786 /tests/data/test529 | |
parent | 364f174724ef115c63d5e5dc1d3342c8a43b1cca (diff) | |
download | curl-8ef147c43646e91fdaad5d0e7b60351f842e5c68.tar.gz |
ftp,imap,pop3,smtp: reject STARTTLS server response pipelining
If a server pipelines future responses within the STARTTLS response, the
former are preserved in the pingpong cache across TLS negotiation and
used as responses to the encrypted commands.
This fix detects pipelined STARTTLS responses and rejects them with an
error.
CVE-2021-22947
Bug: https://curl.se/docs/CVE-2021-22947.html
Diffstat (limited to 'tests/data/test529')
0 files changed, 0 insertions, 0 deletions