[ubuntu/impish-proposed] curl 7.74.0-1.3ubuntu1 (Accepted)
Dan Bungert
daniel.bungert at canonical.com
Wed Aug 18 19:22:13 UTC 2021
curl (7.74.0-1.3ubuntu1) impish; urgency=low
* Merge from Debian unstable. Remaining changes:
+ SECURITY UPDATE: TELNET stack contents disclosure
- debian/patches/CVE-2021-22898.patch: check sscanf() for correct
number of matches in lib/telnet.c.
- CVE-2021-22898
+ SECURITY UPDATE: Bad connection reuse due to flawed path name checks
- debian/patches/CVE-2021-22924.patch: fix connection reuse checks for
issuer cert and case sensitivity in lib/url.c, lib/urldata.h,
lib/vtls/gtls.c, lib/vtls/nss.c, lib/vtls/openssl.c, lib/vtls/vtls.c.
- CVE-2021-22924
+ SECURITY UPDATE: TELNET stack contents disclosure again
- debian/patches/CVE-2021-22925.patch: fix option parser to not send
uninitialized contents in lib/telnet.c.
- CVE-2021-22925
+ d/p/openldap-replace-ldap_-prefix-on-private-functions.patch:
Fix FTBFS with OpenLDAP 2.5. Patch renamed to reduce likelihood of
numbering overlap in patches with Debian upstream.
curl (7.74.0-1.3) unstable; urgency=medium
* Non-maintainer upload.
* Add upstream patch bc7ecc7 so curl -w times shown as seconds with
fractions (Closes: #989064)
Date: Wed, 11 Aug 2021 17:39:44 -0600
Changed-By: Dan Bungert <daniel.bungert at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Brian Murray <brian at ubuntu.com>
https://launchpad.net/ubuntu/+source/curl/7.74.0-1.3ubuntu1
-------------- next part --------------
Format: 1.8
Date: Wed, 11 Aug 2021 17:39:44 -0600
Source: curl
Built-For-Profiles: noudeb
Architecture: source
Version: 7.74.0-1.3ubuntu1
Distribution: impish
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Dan Bungert <daniel.bungert at canonical.com>
Closes: 989064
Changes:
curl (7.74.0-1.3ubuntu1) impish; urgency=low
.
* Merge from Debian unstable. Remaining changes:
+ SECURITY UPDATE: TELNET stack contents disclosure
- debian/patches/CVE-2021-22898.patch: check sscanf() for correct
number of matches in lib/telnet.c.
- CVE-2021-22898
+ SECURITY UPDATE: Bad connection reuse due to flawed path name checks
- debian/patches/CVE-2021-22924.patch: fix connection reuse checks for
issuer cert and case sensitivity in lib/url.c, lib/urldata.h,
lib/vtls/gtls.c, lib/vtls/nss.c, lib/vtls/openssl.c, lib/vtls/vtls.c.
- CVE-2021-22924
+ SECURITY UPDATE: TELNET stack contents disclosure again
- debian/patches/CVE-2021-22925.patch: fix option parser to not send
uninitialized contents in lib/telnet.c.
- CVE-2021-22925
+ d/p/openldap-replace-ldap_-prefix-on-private-functions.patch:
Fix FTBFS with OpenLDAP 2.5. Patch renamed to reduce likelihood of
numbering overlap in patches with Debian upstream.
.
curl (7.74.0-1.3) unstable; urgency=medium
.
* Non-maintainer upload.
* Add upstream patch bc7ecc7 so curl -w times shown as seconds with
fractions (Closes: #989064)
Checksums-Sha1:
325bb018c24720ab65e66064a31206c0ccb47d07 2771 curl_7.74.0-1.3ubuntu1.dsc
855be1bb05b55d0017bf626add3522c56725f5c8 42688 curl_7.74.0-1.3ubuntu1.debian.tar.xz
3c4d51184407a831f391223101a4aece87231c8b 8674 curl_7.74.0-1.3ubuntu1_source.buildinfo
Checksums-Sha256:
ff18b5a3aeb6c9c4f2fb647e522315c5c806fcf5961075df66982bacbf8fba6a 2771 curl_7.74.0-1.3ubuntu1.dsc
f636ed8ebc62dde520c0797a0f380f4d547018717c1aed3e857c5c2da4dc1b51 42688 curl_7.74.0-1.3ubuntu1.debian.tar.xz
29618a58c2080ab92793b3682c7b3ee7eaa9c38f40279be133a66cc4db34d84f 8674 curl_7.74.0-1.3ubuntu1_source.buildinfo
Files:
e447859211c56c0e3e9f6cd4cdd8dbbe 2771 web optional curl_7.74.0-1.3ubuntu1.dsc
168a790dc9fae396b524f7fff74e7d84 42688 web optional curl_7.74.0-1.3ubuntu1.debian.tar.xz
6b3272ff319239ef4f977505868407ae 8674 web optional curl_7.74.0-1.3ubuntu1_source.buildinfo
Original-Maintainer: Alessandro Ghedini <ghedo at debian.org>
More information about the impish-changes
mailing list