[ubuntu/maverick-security] curl 7.21.0-1ubuntu1.1 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Thu Jun 23 23:03:40 UTC 2011


curl (7.21.0-1ubuntu1.1) maverick-security; urgency=low

  * SECURITY UPDATE: libcurl unconditional credential delegation during
    GSSAPI authentication vulnerability.
    - debian/patches/0001-Curl_input_negotiate-do-not-delegate-credentials.patch:
      do not delegate credentials when doing GSSAPI authentication
    - CVE-2011-2192

Date: Wed, 08 Jun 2011 14:03:34 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/curl/7.21.0-1ubuntu1.1
-------------- next part --------------
Format: 1.8
Date: Wed, 08 Jun 2011 14:03:34 -0700
Source: curl
Binary: curl libcurl3 libcurl3-gnutls libcurl4-openssl-dev libcurl4-gnutls-dev libcurl3-dbg
Architecture: source
Version: 7.21.0-1ubuntu1.1
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 curl       - Get a file from an HTTP, HTTPS or FTP server
 libcurl3   - Multi-protocol file transfer library (OpenSSL)
 libcurl3-dbg - libcurl compiled with debug symbols
 libcurl3-gnutls - Multi-protocol file transfer library (GnuTLS)
 libcurl4-gnutls-dev - Development files and documentation for libcurl (GnuTLS)
 libcurl4-openssl-dev - Development files and documentation for libcurl (OpenSSL)
Changes: 
 curl (7.21.0-1ubuntu1.1) maverick-security; urgency=low
 .
   * SECURITY UPDATE: libcurl unconditional credential delegation during
     GSSAPI authentication vulnerability.
     - debian/patches/0001-Curl_input_negotiate-do-not-delegate-credentials.patch:
       do not delegate credentials when doing GSSAPI authentication
     - CVE-2011-2192
Checksums-Sha1: 
 d7c6b04cf5f7905c25c4555ca37c9c2b55b8ee62 2221 curl_7.21.0-1ubuntu1.1.dsc
 0301569dd1412032c270576761a9b72dcd5d5c75 94329 curl_7.21.0-1ubuntu1.1.debian.tar.gz
Checksums-Sha256: 
 f05f740806f5ee829e2d01ffd015aa2e47bf0e91d1dc0e870a9c4e7645848adf 2221 curl_7.21.0-1ubuntu1.1.dsc
 9844fc8433b0c2e78e9e0f0280027a790a6a9dcbdc1af7af0119013bba18ce53 94329 curl_7.21.0-1ubuntu1.1.debian.tar.gz
Files: 
 2265b03f7cdeb53ec8856530013ce309 2221 web optional curl_7.21.0-1ubuntu1.1.dsc
 4f311480f323491e4eeafcec816cacdf 94329 web optional curl_7.21.0-1ubuntu1.1.debian.tar.gz
Original-Maintainer: Ramakrishnan Muthukrishnan <rkrishnan at debian.org>


More information about the Maverick-changes mailing list