[ubuntu/disco-proposed] curl 7.62.0-1 (Accepted)
Steve Langasek
steve.langasek at canonical.com
Mon Jan 14 12:42:46 UTC 2019
curl (7.62.0-1) unstable; urgency=medium
* New upstream release
+ Fix NTLM password overflow via integer overflow as per CVE-2018-14618
(Closes: #908327) https://curl.haxx.se/docs/CVE-2018-14618.html
+ Fix SASL password overflow via integer overflow as per CVE-2018-16839
https://curl.haxx.se/docs/CVE-2018-16839.html
+ Fix use-after-free in handle close as per CVE-2018-16840
https://curl.haxx.se/docs/CVE-2018-16840.html
+ Fix warning message out-of-buffer read as per CVE-2018-16842
https://curl.haxx.se/docs/CVE-2018-16842.html
+ Fix broken terminal output (closes: #911333)
* Refresh patches
* Add 12_fix-runtests-curl.patch to fix running curl in tests
Date: 2018-11-01 04:29:34.185445+00:00
Changed-By: Alessandro Ghedini <alessandro at ghedini.me>
Signed-By: Steve Langasek <steve.langasek at canonical.com>
https://launchpad.net/ubuntu/+source/curl/7.62.0-1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Disco-changes
mailing list