[ubuntu/karmic] curl 7.19.5-1ubuntu2 (Accepted)
Kees Cook
kees at ubuntu.com
Thu Aug 13 23:00:13 BST 2009
curl (7.19.5-1ubuntu2) karmic; urgency=low
* SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
- add debian/patches/cert-null-cn: backported upstream changes.
- CVE-2009-2417
Date: Thu, 13 Aug 2009 14:32:50 -0700
Changed-By: Kees Cook <kees at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/curl/7.19.5-1ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 13 Aug 2009 14:32:50 -0700
Source: curl
Binary: curl libcurl3 libcurl3-gnutls libcurl4-openssl-dev libcurl4-gnutls-dev libcurl3-dbg
Architecture: source
Version: 7.19.5-1ubuntu2
Distribution: karmic
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Kees Cook <kees at ubuntu.com>
Description:
curl - Get a file from an HTTP, HTTPS or FTP server
libcurl3 - Multi-protocol file transfer library (OpenSSL)
libcurl3-dbg - libcurl compiled with debug symbols
libcurl3-gnutls - Multi-protocol file transfer library (GnuTLS)
libcurl4-gnutls-dev - Development files and documentation for libcurl (GnuTLS)
libcurl4-openssl-dev - Development files and documentation for libcurl (OpenSSL)
Changes:
curl (7.19.5-1ubuntu2) karmic; urgency=low
.
* SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
- add debian/patches/cert-null-cn: backported upstream changes.
- CVE-2009-2417
Checksums-Sha1:
323d7d0cadb3d10796df29cab01862230b93c119 1538 curl_7.19.5-1ubuntu2.dsc
1f77a42bc34e43eabc744a02dd16a5950ac0fc13 88944 curl_7.19.5-1ubuntu2.diff.gz
Checksums-Sha256:
99f768cec1c2dcc8563892cb3cd815eab3c3c2d97672da201d996a2d69b9db09 1538 curl_7.19.5-1ubuntu2.dsc
4a89c2e5e6505575b10276d17f16cd8e9b0797a29bae5230a0b27ffb017a1e76 88944 curl_7.19.5-1ubuntu2.diff.gz
Files:
b2256e034139b782d3adc483a8ebcd6f 1538 web optional curl_7.19.5-1ubuntu2.dsc
eb0d37351ceb4b1964986a1733f8cc20 88944 web optional curl_7.19.5-1ubuntu2.diff.gz
Original-Maintainer: Domenico Andreoli <cavok at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Kees Cook <kees at outflux.net>
iEYEARECAAYFAkqEivQACgkQH/9LqRcGPm2eGQCeIoU/C9HPk6FKKPN+KwQ+L74H
k6UAoIctwYQ3uXQjPu2tMZgkB7RrZb25
=Tslq
-----END PGP SIGNATURE-----
More information about the Karmic-changes
mailing list