[ubuntu/artful-proposed] curl 7.55.1-1ubuntu2 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Thu Oct 5 12:18:52 UTC 2017
curl (7.55.1-1ubuntu2) artful; urgency=medium
* SECURITY UPDATE: FTP PWD response parser out of bounds read
- debian/patches/CVE-2017-1000254.patch: zero terminate the entry path
even on bad input in lib/ftp.c, added test to
tests/data/Makefile.inc, tests/data/test1152.
- CVE-2017-1000254
Date: Wed, 04 Oct 2017 08:35:10 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/curl/7.55.1-1ubuntu2
-------------- next part --------------
Format: 1.8
Date: Wed, 04 Oct 2017 08:35:10 -0400
Source: curl
Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-doc
Architecture: source
Version: 7.55.1-1ubuntu2
Distribution: artful
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
curl - command line tool for transferring data with URL syntax
libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour)
libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour)
libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour)
libcurl4-doc - documentation for libcurl
libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour)
libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour)
libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour)
Changes:
curl (7.55.1-1ubuntu2) artful; urgency=medium
.
* SECURITY UPDATE: FTP PWD response parser out of bounds read
- debian/patches/CVE-2017-1000254.patch: zero terminate the entry path
even on bad input in lib/ftp.c, added test to
tests/data/Makefile.inc, tests/data/test1152.
- CVE-2017-1000254
Checksums-Sha1:
7ac1ed8a139d5043e8601847244e89cd619535b4 2774 curl_7.55.1-1ubuntu2.dsc
eefc8093b4c992efef02da6c6ef709553e5c7b00 33016 curl_7.55.1-1ubuntu2.debian.tar.xz
1a1f42522cd01358fa91a268991b9073028bc63e 8770 curl_7.55.1-1ubuntu2_source.buildinfo
Checksums-Sha256:
ad35822cd453e8d8d0d089a63a1454005dd7a445b869754f1e683afb46fb98ee 2774 curl_7.55.1-1ubuntu2.dsc
f51f583c9fa19f80d35e8b47ef8ebdd62e02b3f11d1a8319f5a0c83385c85226 33016 curl_7.55.1-1ubuntu2.debian.tar.xz
a00ccd76c077d2264501e5289fce4b9464cf03419986e1cea60a4a96c3db4152 8770 curl_7.55.1-1ubuntu2_source.buildinfo
Files:
c0a747140a79cf6ba84d03d0e5e2dffe 2774 web optional curl_7.55.1-1ubuntu2.dsc
e08a7a4c319e96ce6c31ff0d61271e2c 33016 web optional curl_7.55.1-1ubuntu2.debian.tar.xz
97dc0014c27035ac67e01f04bf7b8187 8770 web optional curl_7.55.1-1ubuntu2_source.buildinfo
Original-Maintainer: Alessandro Ghedini <ghedo at debian.org>
More information about the Artful-changes
mailing list