[ubuntu/precise] curl 7.22.0-3ubuntu2 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Tue Jan 24 21:45:19 UTC 2012
curl (7.22.0-3ubuntu2) precise; urgency=low
* SECURITY UPDATE: URL sanitization vulnerability
- debian/patches/CVE-2012-0036.patch: reject URLs with embedded control
codes in lib/{escape.h,escape.c,imap.c,pop3.c,smtp.c}.
- CVE-2012-0036
Date: Tue, 24 Jan 2012 08:26:50 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/curl/7.22.0-3ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 24 Jan 2012 08:26:50 -0500
Source: curl
Binary: curl libcurl3 libcurl3-udeb libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg
Architecture: source
Version: 7.22.0-3ubuntu2
Distribution: precise
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
curl - Get a file from an HTTP, HTTPS or FTP server
libcurl3 - Multi-protocol file transfer library (OpenSSL)
libcurl3-dbg - libcurl compiled with debug symbols
libcurl3-gnutls - Multi-protocol file transfer library (GnuTLS)
libcurl3-nss - Multi-protocol file transfer library (NSS)
libcurl3-udeb - Multi-protocol file transfer library (OpenSSL) (udeb)
libcurl4-gnutls-dev - Development files and documentation for libcurl (GnuTLS)
libcurl4-nss-dev - Development files and documentation for libcurl (NSS)
libcurl4-openssl-dev - Development files and documentation for libcurl (OpenSSL)
Changes:
curl (7.22.0-3ubuntu2) precise; urgency=low
.
* SECURITY UPDATE: URL sanitization vulnerability
- debian/patches/CVE-2012-0036.patch: reject URLs with embedded control
codes in lib/{escape.h,escape.c,imap.c,pop3.c,smtp.c}.
- CVE-2012-0036
Checksums-Sha1:
977bfcb0be653ea9fca3afafdbad2e5449453c50 2697 curl_7.22.0-3ubuntu2.dsc
3439c0de8afe794b687d91fd8b0fdbcfc7023194 31133 curl_7.22.0-3ubuntu2.debian.tar.gz
Checksums-Sha256:
9d858c4c27a91bb10cbee411a35172ba6ee563496a3e602a56db789b788d1469 2697 curl_7.22.0-3ubuntu2.dsc
ae36d05ebf36850020413805795413294611508f22f39881ffcf2b8a0b7cb074 31133 curl_7.22.0-3ubuntu2.debian.tar.gz
Files:
1dc3274a3af3486ae576f216f23b3568 2697 web optional curl_7.22.0-3ubuntu2.dsc
c88b508277fc097dba4a37117515d9e0 31133 web optional curl_7.22.0-3ubuntu2.debian.tar.gz
Original-Maintainer: Ramakrishnan Muthukrishnan <rkrishnan at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCgAGBQJPHxz+AAoJEGVp2FWnRL6TYNIP/j0ZEov6WVe/mE15B9iyMbLf
LdBPhsm2uUQdYp6C2tkMbD9krz+OXssnaJf+fbtY5ll9sPUXWbfwQnJvERhme/Pf
6dawbdg43e4bilVdawt5Zn1dbzddczHShpxgy63B8amXy1G03pfWbiJy7JxjmIPZ
mlstqrTifsvSWsfbg+iBNnx1fWwStmziQcRt5XaDdq1bC9lrYUbqD+YGuK2ITZdw
WLEozjs6VKQ96ScGIrtwL/9vA+si18G0PKajX2Ntd9XNIdtlqL+arAchDNEoako2
MDpBvpSjozlfgEIAy7oSyDIYbPlQFWFM1EPxp3+cPn9PBOhwJdOPXauYvMif64wc
Ycg2uoz/L0XXEBZega2yNLfMj/V5STmJjqM3k3AR+502TsiZ2AROhU201BzqFZkP
Uz3nQxiKP8d4bC4a8W+G4ip64//MUSbLIkxeBuqqybAh2OCBcW8cTdPDAaF+SMEj
mSBgTSE43LZ+zyN++WWxQYo7N3mGS1F7BfrJwFmNjAOxHe/I3Jv1LZx7nLxfAbXi
38/XRiJRqCINRIM3QyTkm73yYRXmg3mfwq43zbMBSsupQqtp26VT0iHL4hJxiK1u
IGIXDV8q/O69d4PutW3aWx2PNPUqb2xLk/pvED/lcmJTp5KEwxT2h8CaqiBY6kTr
EUZJ5nOn23j0DNQyJGjt
=TjK9
-----END PGP SIGNATURE-----
More information about the Precise-changes
mailing list