[ubuntu/disco-updates] curl 7.64.0-2ubuntu1.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed May 22 12:58:27 UTC 2019
curl (7.64.0-2ubuntu1.1) disco-security; urgency=medium
* SECURITY UPDATE: Integer overflows in curl_url_set()
- debian/patches/CVE-2019-5345.patch: limit sizes in lib/setopt.c,
lib/urlapi.c, lib/urldata.h, tests/data/Makefile.inc,
tests/data/test1559, tests/libtest/Makefile.inc,
tests/libtest/lib1559.c.
- CVE-2019-5345
* SECURITY UPDATE: TFTP receive buffer overflow
- debian/patches/CVE-2019-5346.patch: use the current blksize in
lib/tftp.c.
- CVE-2019-5346
Date: 2019-05-16 14:48:13.564195+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/curl/7.64.0-2ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Disco-changes
mailing list