[ubuntu/zesty-proposed] curl 7.50.1-1ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Nov 3 18:42:21 UTC 2016


curl (7.50.1-1ubuntu2) zesty; urgency=medium

  * SECURITY UPDATE: Incorrect reuse of client certificates with NSS
    - debian/patches/CVE-2016-7141.patch: refuse previously loaded
      certificate from file in lib/vtls/nss.c.
    - CVE-2016-7141
  * SECURITY UPDATE: curl escape and unescape integer overflows
    - debian/patches/CVE-2016-7167.patch: deny negative string length
      inputs in lib/escape.c.
    - CVE-2016-7167
  * SECURITY UPDATE: cookie injection for other servers
    - debian/patches/CVE-2016-8615.patch: ignore lines that are too long in
      lib/cookie.c.
    - CVE-2016-8615
  * SECURITY UPDATE: case-insensitive password comparison
    - debian/patches/CVE-2016-8616.patch: use case-sensitive user/password
      comparisons in lib/url.c.
    - CVE-2016-8616
  * SECURITY UPDATE: OOB write via unchecked multiplication
    - debian/patches/CVE-2016-8617.patch: check for integer overflow on
      large input in lib/base64.c.
    - CVE-2016-8617
  * SECURITY UPDATE: double-free in curl_maprintf
    - debian/patches/CVE-2016-8618.patch: detect wrap-around when growing
      allocation in lib/mprintf.c.
    - CVE-2016-8618
  * SECURITY UPDATE: double-free in krb5 code
    - debian/patches/CVE-2016-8619.patch: avoid realloc in lib/security.c.
    - CVE-2016-8619
  * SECURITY UPDATE: glob parser write/read out of bounds
    - debian/patches/CVE-2016-8620.patch: stay within bounds in
      src/tool_urlglob.c.
    - CVE-2016-8620
  * SECURITY UPDATE: curl_getdate read out of bounds
    - debian/patches/CVE-2016-8621.patch: handle cut-off numbers better in
      lib/parsedate.c, added tests to tests/data/test517,
      tests/libtest/lib517.c.
    - CVE-2016-8621
  * SECURITY UPDATE: URL unescape heap overflow via integer truncation
    - debian/patches/CVE-2016-8622.patch: avoid integer overflow in
      lib/dict.c, lib/escape.c, update docs/libcurl/curl_easy_unescape.3.
    - CVE-2016-8622
  * SECURITY UPDATE: Use-after-free via shared cookies
    - debian/patches/CVE-2016-8623.patch: hold deep copies of all cookies
      in lib/cookie.c, lib/cookie.h, lib/http.c.
    - CVE-2016-8623
  * SECURITY UPDATE: invalid URL parsing with #
    - debian/patches/CVE-2016-8624.patch: accept # as end of host name in
      lib/url.c.
    - CVE-2016-8624

Date: Thu, 03 Nov 2016 14:04:47 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/curl/7.50.1-1ubuntu2
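The "OOB write via unchecked multiplication" entry (CVE-2016-8617) and the "detect wrap-around when growing allocation" entry (CVE-2016-8618) above are the same bug class: size arithmetic that wraps before it reaches malloc, so the buffer is far smaller than the writes that follow. As an added example, not curl's code or any of these patches, here is a hypothetical base64 encoder whose output-size computation refuses inputs that would make the multiply wrap; all names are assumed.

```c
/* Added example, not curl's code or the CVE-2016-8617 patch: a hypothetical
 * base64 encoder whose output size is bounds-checked before allocation. */
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Bytes needed for the base64 encoding of insize bytes, NUL included:
 * 4 output chars per 3 input bytes (rounded up), plus the terminator.
 * An unchecked form such as "insize * 4 / 3 + 4" wraps for large insize and
 * yields a buffer far too small, which the encoder then writes past.
 * Here the multiply-and-add is bounded before it is evaluated. */
static bool base64_encoded_size(size_t insize, size_t *out)
{
    size_t groups = insize / 3 + (insize % 3 != 0); /* cannot overflow */
    if (groups > (SIZE_MAX - 1) / 4)   /* groups * 4 + 1 would wrap */
        return false;
    *out = groups * 4 + 1;
    return true;
}

/* Encode using the checked size; returns NULL when the size computation
 * would wrap or malloc fails, so the loop below can never write out of bounds.
 * Caller frees the result. */
static char *base64_encode(const unsigned char *in, size_t insize)
{
    static const char tbl[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    size_t need, i, o = 0;
    char *out;
    if (!base64_encoded_size(insize, &need) || !(out = malloc(need)))
        return NULL;
    for (i = 0; i < insize; i += 3) {
        unsigned char b0 = in[i];
        unsigned char b1 = i + 1 < insize ? in[i + 1] : 0;
        unsigned char b2 = i + 2 < insize ? in[i + 2] : 0;
        out[o++] = tbl[b0 >> 2];
        out[o++] = tbl[((b0 & 3) << 4) | (b1 >> 4)];
        out[o++] = i + 1 < insize ? tbl[((b1 & 15) << 2) | (b2 >> 6)] : '=';
        out[o++] = i + 2 < insize ? tbl[b2 & 63] : '=';
    }
    out[o] = '\0';
    return out;
}
```

The same pattern (check the bound, then compute) applies whenever a length from untrusted input feeds an allocation size, including realloc growth.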

Format: 1.8
Date: Thu, 03 Nov 2016 14:04:47 -0400
Source: curl
Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg libcurl4-doc
Architecture: source
Version: 7.50.1-1ubuntu2
Distribution: zesty
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 curl       - command line tool for transferring data with URL syntax
 libcurl3   - easy-to-use client-side URL transfer library (OpenSSL flavour)
 libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours)
 libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour)
 libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour)
 libcurl4-doc - documentation for libcurl
 libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour)
 libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour)
 libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour)
Checksums-Sha1:
 e031c2c07f48d7ccdcfd0ed2bb9a5b4b15944582 2789 curl_7.50.1-1ubuntu2.dsc
 c3647580115f6f26b0a7a38ec16a45caf750d4c0 38460 curl_7.50.1-1ubuntu2.debian.tar.xz
Checksums-Sha256:
 c088cd763475132dfee5637aaba678a55e56e292d5d99dc11ecceb7223d64617 2789 curl_7.50.1-1ubuntu2.dsc
 d56a72fca3a2e6233dd63ff94e53b9450a81f9ca541aa6c58e0a722b9d042934 38460 curl_7.50.1-1ubuntu2.debian.tar.xz
Files:
 da9713fa9eea12b2e88f12523ab58879 2789 web optional curl_7.50.1-1ubuntu2.dsc
 53bbaab31ef2a17bb5a4a821b9eec852 38460 web optional curl_7.50.1-1ubuntu2.debian.tar.xz
Original-Maintainer: Alessandro Ghedini <ghedo at debian.org>



More information about the Zesty-changes mailing list