[ubuntu/jaunty] curl 7.18.2-8ubuntu2 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Tue Mar 3 23:15:13 GMT 2009
curl (7.18.2-8ubuntu2) jaunty; urgency=low
* SECURITY UPDATE: Local file exposure via redirect
- debian/patches/security_CVE-2009-0037.patch: add logic to lib/url.c and
lib/urldata.h to limit what protocols curl will automatically follow via a
redirect. By default, it now follows all protocols except FILE and SCP.
- CVE-2009-0037
Date: Tue, 03 Mar 2009 16:27:30 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/jaunty/+source/curl/7.18.2-8ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 03 Mar 2009 16:27:30 -0500
Source: curl
Binary: curl libcurl3 libcurl3-gnutls libcurl4-openssl-dev libcurl4-gnutls-dev libcurl3-dbg
Architecture: source
Version: 7.18.2-8ubuntu2
Distribution: jaunty
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
curl - Get a file from an HTTP, HTTPS or FTP server
libcurl3 - Multi-protocol file transfer library (OpenSSL)
libcurl3-dbg - libcurl compiled with debug symbols
libcurl3-gnutls - Multi-protocol file transfer library (GnuTLS)
libcurl4-gnutls-dev - Development files and documentation for libcurl (GnuTLS)
libcurl4-openssl-dev - Development files and documentation for libcurl (OpenSSL)
Changes:
curl (7.18.2-8ubuntu2) jaunty; urgency=low
.
* SECURITY UPDATE: Local file exposure via redirect
- debian/patches/security_CVE-2009-0037.patch: add logic to lib/url.c and
lib/urldata.h to limit what protocols curl will automatically follow via a
redirect. By default, it now follows all protocols except FILE and SCP.
- CVE-2009-0037
Checksums-Sha1:
d060c766725941324352c00b14747a350ae55daa 1483 curl_7.18.2-8ubuntu2.dsc
063d7c13fea509251096151b712b819f605906aa 27354 curl_7.18.2-8ubuntu2.diff.gz
Checksums-Sha256:
010d1f4d2fa07caec36440e685ced9112e6eff7dec111dd31e4b0b155cf07136 1483 curl_7.18.2-8ubuntu2.dsc
c17ae875276b8681c025f0015a25c5356d88dd60eade19c958c1fda98a912d73 27354 curl_7.18.2-8ubuntu2.diff.gz
Files:
4b1b8cfe7d7fcf482cc723a6437aaf8f 1483 web optional curl_7.18.2-8ubuntu2.dsc
171f9c07a270ca6741cc1ffeda59567d 27354 web optional curl_7.18.2-8ubuntu2.diff.gz
Original-Maintainer: Domenico Andreoli <cavok at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkmtuK0ACgkQW0JvuRdL8BqMtwCdE3W0Vopb9dvOpzryi7Ks86ji
UnIAn28OjILTIaZpS7eoFUqjxNJPA3X9
=Egnc
-----END PGP SIGNATURE-----
More information about the Jaunty-changes
mailing list