Publishing details

Published on 2023-03-20
Copied from ubuntu bionic in Private PPA for Ubuntu Security Team by Marc Deslauriers

Changelog

curl (7.58.0-2ubuntu3.24) bionic-security; urgency=medium

  * SECURITY UPDATE: TELNET option IAC injection
    - debian/patches/CVE-2023-27533.patch: only accept option arguments in
      ascii in lib/telnet.c.
    - CVE-2023-27533
  * SECURITY UPDATE: SFTP path ~ resolving discrepancy
    - debian/patches/CVE-2023-27534-pre1.patch: do not add '/' if homedir
      ends with one in lib/curl_path.c.
    - debian/patches/CVE-2023-27534.patch: properly handle tilde character
      in lib/curl_path.c.
    - CVE-2023-27534
  * SECURITY UPDATE: FTP too eager connection reuse
    - debian/patches/CVE-2023-27535.patch: add more conditions for
      connection reuse in lib/ftp.c, lib/ftp.h, lib/url.c, lib/urldata.h.
    - CVE-2023-27535
  * SECURITY UPDATE: GSS delegation too eager connection re-use
    - debian/patches/CVE-2023-27536.patch: only reuse connections with same
      GSS delegation in lib/url.c, lib/urldata.h.
    - CVE-2023-27536
  * SECURITY UPDATE: SSH connection too eager reuse still
    - debian/patches/CVE-2023-27538.patch: fix the SSH connection reuse
      check in lib/url.c.
    - CVE-2023-27538

 -- Marc Deslauriers <email address hidden>  Wed, 15 Mar 2023 08:58:03 -0400

Available diffs

Builds

Built packages

curl command line tool for transferring data with URL syntax

curl-dbgsym debug symbols for curl

libcurl3-gnutls easy-to-use client-side URL transfer library (GnuTLS flavour)

libcurl3-gnutls-dbgsym debug symbols for libcurl3-gnutls

libcurl3-nss easy-to-use client-side URL transfer library (NSS flavour)

libcurl3-nss-dbgsym debug symbols for libcurl3-nss

libcurl4 easy-to-use client-side URL transfer library (OpenSSL flavour)

libcurl4-dbgsym debug symbols for libcurl4

libcurl4-doc documentation for libcurl

libcurl4-gnutls-dev development files and documentation for libcurl (GnuTLS flavour)

libcurl4-nss-dev development files and documentation for libcurl (NSS flavour)

libcurl4-openssl-dev development files and documentation for libcurl (OpenSSL flavour)

Package files

curl-dbgsym_7.58.0-2ubuntu3.24_amd64.ddeb (138.5 KiB)
curl-dbgsym_7.58.0-2ubuntu3.24_arm64.ddeb (141.4 KiB)
curl-dbgsym_7.58.0-2ubuntu3.24_armhf.ddeb (135.5 KiB)
curl-dbgsym_7.58.0-2ubuntu3.24_i386.ddeb (125.1 KiB)
curl-dbgsym_7.58.0-2ubuntu3.24_ppc64el.ddeb (143.9 KiB)
curl-dbgsym_7.58.0-2ubuntu3.24_s390x.ddeb (146.9 KiB)
curl_7.58.0-2ubuntu3.24.debian.tar.xz (75.7 KiB)
curl_7.58.0-2ubuntu3.24.dsc (2.7 KiB)
curl_7.58.0-2ubuntu3.24_amd64.deb (155.0 KiB)
curl_7.58.0-2ubuntu3.24_arm64.deb (148.4 KiB)
curl_7.58.0-2ubuntu3.24_armhf.deb (148.8 KiB)
curl_7.58.0-2ubuntu3.24_i386.deb (158.4 KiB)
curl_7.58.0-2ubuntu3.24_ppc64el.deb (154.7 KiB)
curl_7.58.0-2ubuntu3.24_s390x.deb (151.6 KiB)
curl_7.58.0.orig.tar.gz (3.7 MiB)
libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.24_amd64.ddeb (1.2 MiB)
libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.24_arm64.ddeb (1.3 MiB)
libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.24_armhf.ddeb (1.2 MiB)
libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.24_i386.ddeb (1.1 MiB)
libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.24_ppc64el.ddeb (1.4 MiB)
libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.24_s390x.ddeb (1.3 MiB)
libcurl3-gnutls_7.58.0-2ubuntu3.24_amd64.deb (213.6 KiB)
libcurl3-gnutls_7.58.0-2ubuntu3.24_arm64.deb (179.6 KiB)
libcurl3-gnutls_7.58.0-2ubuntu3.24_armhf.deb (182.7 KiB)
libcurl3-gnutls_7.58.0-2ubuntu3.24_i386.deb (237.5 KiB)
libcurl3-gnutls_7.58.0-2ubuntu3.24_ppc64el.deb (219.0 KiB)
libcurl3-gnutls_7.58.0-2ubuntu3.24_s390x.deb (195.8 KiB)
libcurl3-nss-dbgsym_7.58.0-2ubuntu3.24_amd64.ddeb (1.3 MiB)
libcurl3-nss-dbgsym_7.58.0-2ubuntu3.24_arm64.ddeb (1.3 MiB)
libcurl3-nss-dbgsym_7.58.0-2ubuntu3.24_armhf.ddeb (1.2 MiB)
libcurl3-nss-dbgsym_7.58.0-2ubuntu3.24_i386.ddeb (1.2 MiB)
libcurl3-nss-dbgsym_7.58.0-2ubuntu3.24_ppc64el.ddeb (1.4 MiB)
libcurl3-nss-dbgsym_7.58.0-2ubuntu3.24_s390x.ddeb (1.3 MiB)
libcurl3-nss_7.58.0-2ubuntu3.24_amd64.deb (219.8 KiB)
libcurl3-nss_7.58.0-2ubuntu3.24_arm64.deb (185.8 KiB)
libcurl3-nss_7.58.0-2ubuntu3.24_armhf.deb (188.4 KiB)
libcurl3-nss_7.58.0-2ubuntu3.24_i386.deb (243.3 KiB)
libcurl3-nss_7.58.0-2ubuntu3.24_ppc64el.deb (226.1 KiB)
libcurl3-nss_7.58.0-2ubuntu3.24_s390x.deb (202.2 KiB)
libcurl4-dbgsym_7.58.0-2ubuntu3.24_amd64.ddeb (1.3 MiB)
libcurl4-dbgsym_7.58.0-2ubuntu3.24_arm64.ddeb (1.3 MiB)
libcurl4-dbgsym_7.58.0-2ubuntu3.24_armhf.ddeb (1.2 MiB)
libcurl4-dbgsym_7.58.0-2ubuntu3.24_i386.ddeb (1.2 MiB)
libcurl4-dbgsym_7.58.0-2ubuntu3.24_ppc64el.ddeb (1.4 MiB)
libcurl4-dbgsym_7.58.0-2ubuntu3.24_s390x.ddeb (1.3 MiB)
libcurl4-doc_7.58.0-2ubuntu3.24_all.deb (815.5 KiB)
libcurl4-gnutls-dev_7.58.0-2ubuntu3.24_amd64.deb (294.4 KiB)
libcurl4-gnutls-dev_7.58.0-2ubuntu3.24_arm64.deb (268.7 KiB)
libcurl4-gnutls-dev_7.58.0-2ubuntu3.24_armhf.deb (270.1 KiB)
libcurl4-gnutls-dev_7.58.0-2ubuntu3.24_i386.deb (327.9 KiB)
libcurl4-gnutls-dev_7.58.0-2ubuntu3.24_ppc64el.deb (315.3 KiB)
libcurl4-gnutls-dev_7.58.0-2ubuntu3.24_s390x.deb (281.3 KiB)
libcurl4-nss-dev_7.58.0-2ubuntu3.24_amd64.deb (300.6 KiB)
libcurl4-nss-dev_7.58.0-2ubuntu3.24_arm64.deb (274.8 KiB)
libcurl4-nss-dev_7.58.0-2ubuntu3.24_armhf.deb (275.9 KiB)
libcurl4-nss-dev_7.58.0-2ubuntu3.24_i386.deb (334.4 KiB)
libcurl4-nss-dev_7.58.0-2ubuntu3.24_ppc64el.deb (323.2 KiB)
libcurl4-nss-dev_7.58.0-2ubuntu3.24_s390x.deb (287.7 KiB)
libcurl4-openssl-dev_7.58.0-2ubuntu3.24_amd64.deb (295.6 KiB)
libcurl4-openssl-dev_7.58.0-2ubuntu3.24_arm64.deb (269.3 KiB)
libcurl4-openssl-dev_7.58.0-2ubuntu3.24_armhf.deb (271.4 KiB)
libcurl4-openssl-dev_7.58.0-2ubuntu3.24_i386.deb (329.9 KiB)
libcurl4-openssl-dev_7.58.0-2ubuntu3.24_ppc64el.deb (312.6 KiB)
libcurl4-openssl-dev_7.58.0-2ubuntu3.24_s390x.deb (282.1 KiB)
libcurl4_7.58.0-2ubuntu3.24_amd64.deb (215.3 KiB)
libcurl4_7.58.0-2ubuntu3.24_arm64.deb (180.5 KiB)
libcurl4_7.58.0-2ubuntu3.24_armhf.deb (183.9 KiB)
libcurl4_7.58.0-2ubuntu3.24_i386.deb (240.1 KiB)
libcurl4_7.58.0-2ubuntu3.24_ppc64el.deb (218.3 KiB)
libcurl4_7.58.0-2ubuntu3.24_s390x.deb (197.1 KiB)