[ubuntu/focal-updates] curl 7.68.0-1ubuntu2.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Jun 24 12:28:18 UTC 2020
curl (7.68.0-1ubuntu2.1) focal-security; urgency=medium
* SECURITY UPDATE: Partial password leak over DNS on HTTP redirect
- debian/patches/CVE-2020-8169.patch: make the updated credentials
URL-encoded in the URL in lib/url.c, tests/data/test1168,
tests/data/Makefile.inc.
- CVE-2020-8169
* SECURITY UPDATE: curl overwrite local file with -J
- debian/patches/CVE-2020-8177.patch: -i is not OK if -J is used in
src/tool_cb_hdr.c, src/tool_getparam.c.
- CVE-2020-8177
Date: 2020-06-17 18:02:14.366353+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu2.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list