CVE*: update 'Not affected versions' lines

curl · May 1, 2023 · c1d037f · c1d037f
1 parent 785f7f2
commit c1d037f
Show file tree

Hide file tree

Showing 11 changed files with 12 additions and 12 deletions.
diff --git a/docs/CVE-2005-3185.md b/docs/CVE-2005-3185.md
@@ -38,8 +38,8 @@ On non-Windows machines, the NTLM support requires the lib to have been built
 with OpenSSL support. Therefore: libcurl builds without SSL support or SSL
 support provided by GnuTLS are NOT affected.
 
-Affected versions: curl and libcurl 7.10.6 to and including 7.14.1
-Not affected versions: curl and libcurl 7.10.5 and earlier, 7.15.0 and later
+- Affected versions: curl and libcurl 7.10.6 to and including 7.14.1
+- Not affected versions: curl < 7.10.5 and curl >= 7.15.0
 
 Also note that (lib)curl is used by many applications, and not always
 advertised as such.

diff --git a/docs/CVE-2005-4077.md b/docs/CVE-2005-4077.md
@@ -40,7 +40,7 @@ AFFECTED VERSIONS
 -----------------
 
 - Affected versions: curl and libcurl 7.11.2 to and including 7.15.0
-- Not affected versions: curl and libcurl 7.11.1 and earlier, 7.15.1 and later
+- Not affected versions: curl and libcurl < 7.11.1 and curl >= 7.15.1
 
 Also note that (lib)curl is used by many applications, and not always
 advertised as such.

diff --git a/docs/CVE-2006-1061.md b/docs/CVE-2006-1061.md
@@ -29,7 +29,7 @@ AFFECTED VERSIONS
 -----------------
 
 - Affected versions: curl and libcurl 7.15.0 to and including 7.15.2
-- Not affected versions: curl and libcurl 7.14.1 and earlier, 7.15.3 and later
+- Not affected versions: curl and libcurl < 7.14.1 and curl >= 7.15.3
 
 libcurl 7.15.1 and 7.15.2 contain code that prevents this code from being
 executed on architectures where a struct is not of the same assumed packed size

diff --git a/docs/CVE-2007-3564.md b/docs/CVE-2007-3564.md
@@ -25,7 +25,7 @@ AFFECTED VERSIONS
 -----------------
 
 - Affected versions: curl and libcurl 7.14.0 to and including 7.16.3
-- Not affected versions: curl and libcurl 7.13.2 and earlier, 7.16.4 and later
+- Not affected versions: curl and libcurl < 7.13.2 and curl >= 7.16.4
 
 Note that libcurl needs to be built to use GnuTLS for this flaw to be in
 effect.

diff --git a/docs/CVE-2009-0037.md b/docs/CVE-2009-0037.md
@@ -42,7 +42,7 @@ AFFECTED VERSIONS
 -----------------
 
 - Affected versions: curl and libcurl 5.11(!) to and including 7.19.3
-- Not affected versions: curl and libcurl 5.10 and earlier, 7.19.4 and later
+- Not affected versions: curl and libcurl < 5.10 and curl >= 7.19.4
 
 Also note that (lib)curl is used by many applications, and not always
 advertised as such.

diff --git a/docs/CVE-2009-2417.md b/docs/CVE-2009-2417.md
@@ -34,7 +34,7 @@ AFFECTED VERSIONS
 -----------------
 
 - Affected versions: curl and libcurl 7.4 to and including 7.19.5
-- Not affected versions: curl and libcurl 7.19.6 and later
+- Not affected versions: curl and libcurl < 7.4 and curl >= 7.19.6
 
 This vulnerability is only present in OpenSSL-specific parts of the code.
 If you build curl or libcurl to use GnuTLS or NSS instead, you must instead

diff --git a/docs/CVE-2019-3823.md b/docs/CVE-2019-3823.md
@@ -34,7 +34,7 @@ AFFECTED VERSIONS
 -----------------
 
 - Affected versions: libcurl 7.34.0 to and including 7.63.0
-- Not affected versions: libcurl < 7.34.0
+- Not affected versions: libcurl < 7.34.0 and curl >= 7.64.0
 
 libcurl is used by many applications, but not always advertised as such.
 

diff --git a/docs/CVE-2019-5481.md b/docs/CVE-2019-5481.md
@@ -44,7 +44,7 @@ AFFECTED VERSIONS
 -----------------
 
 - Affected versions: libcurl >= 7.52.0 to and including 7.65.3
-- Not affected versions: libcurl < 7.52.0
+- Not affected versions: libcurl < 7.52.0 and libcurl >= 7.66.0
 
 libcurl is used by many applications, but not always advertised as such.
 

diff --git a/docs/CVE-2019-5482.md b/docs/CVE-2019-5482.md
@@ -46,7 +46,7 @@ AFFECTED VERSIONS
 -----------------
 
 - Affected versions: libcurl >= 7.19.4 to and including 7.65.3
-- Not affected versions: libcurl < 7.19.4
+- Not affected versions: libcurl < 7.19.4 annd libcurl >= 7.66.0
 
 libcurl is used by many applications, but not always advertised as such.
 

diff --git a/docs/CVE-2020-8169.md b/docs/CVE-2020-8169.md
@@ -103,7 +103,7 @@ AFFECTED VERSIONS
 -----------------
 
 - Affected versions: libcurl 7.62.0 to and including 7.70.0
-- Not affected versions: libcurl < 7.62.0
+- Not affected versions: libcurl < 7.62.0 and libcurl >= 7.71.0
 
 libcurl is used by many applications, but not always advertised as such.
 

diff --git a/docs/CVE-2023-23916.md b/docs/CVE-2023-23916.md
@@ -50,7 +50,7 @@ AFFECTED VERSIONS
 -----------------
 
 - Affected versions: curl 7.57.0 to and including 7.87.0
-- Not affected versions: curl < 7.57.0 and curl > 7.87.0
+- Not affected versions: curl < 7.57.0 and curl >= 7.88.0
 
 libcurl is used by many applications, but not always advertised as such!