[ubuntu/plucky-proposed] curl 8.9.1-2ubuntu3 (Accepted)

Hlib Korzhynskyy hlib.korzhynskyy at canonical.com
Tue Nov 12 17:46:15 UTC 2024 

curl (8.9.1-2ubuntu3) plucky; urgency=medium

  * SECURITY UPDATE: HSTS expiry overwrites parent cache entry.
    - debian/patches/CVE-2024-9681.patch: Add bestsub, blen, and hostname
      comparison in lib/hsts.c.
    - CVE-2024-9681

Date: Wed, 06 Nov 2024 09:10:08 -0330
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/curl/8.9.1-2ubuntu3
-------------- next part --------------
Format: 1.8
Date: Wed, 06 Nov 2024 09:10:08 -0330
Source: curl
Built-For-Profiles: noudeb
Architecture: source
Version: 8.9.1-2ubuntu3
Distribution: plucky
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
Changes:
 curl (8.9.1-2ubuntu3) plucky; urgency=medium
 .
   * SECURITY UPDATE: HSTS expiry overwrites parent cache entry.
     - debian/patches/CVE-2024-9681.patch: Add bestsub, blen, and hostname
       comparison in lib/hsts.c.
     - CVE-2024-9681
Checksums-Sha1:
 b332b5103616128ab55edaa9069f90d99b132cc9 3035 curl_8.9.1-2ubuntu3.dsc
 b3cf2d2a62f66c6604e49f1099980164a4dff26d 55952 curl_8.9.1-2ubuntu3.debian.tar.xz
 381a088bd4586b224ff8937882d7b0f00563de3d 10270 curl_8.9.1-2ubuntu3_source.buildinfo
Checksums-Sha256:
 ac27bb9425741ae2c5b8191a11158f9bd17d6c0f955854a6ea54849d5189b344 3035 curl_8.9.1-2ubuntu3.dsc
 9c6c1d9701755a84d0f02dc9803ee6808176daf9596b07867c07606b628bb83c 55952 curl_8.9.1-2ubuntu3.debian.tar.xz
 0fbea7c3b3d563ea1a99d4ff0e14570ca071490d2fa856a6fbb1f6f2b3ad112b 10270 curl_8.9.1-2ubuntu3_source.buildinfo
Files:
 204e3bd7c5d07ff38c8b582538ccc9ca 3035 web optional curl_8.9.1-2ubuntu3.dsc
 7e9997bf25718178ce0a684b3c57ed18 55952 web optional curl_8.9.1-2ubuntu3.debian.tar.xz
 6718e95ce632eaf6111829235ce9dfb9 10270 web optional curl_8.9.1-2ubuntu3_source.buildinfo
Original-Maintainer: Debian Curl Maintainers <team+curl at tracker.debian.org>

More information about the plucky-changes mailing list