Publishing details
Changelog
curl (7.35.0-1ubuntu2) trusty; urgency=medium
* SECURITY UPDATE: wrong re-use of connections
- debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
HTTP logic, and extend new connection logic to other protocols in
lib/http.c, lib/url.c, lib/urldata.h, add new tests to
tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
- CVE-2014-0138
* SECURITY UPDATE: incorrect wildcard SSL certificate validation with
literal IP addresses
- debian/patches/CVE-2014-0139.patch: fix wildcard logic in
lib/hostcheck.c, added tests to tests/data/Makefile.am,
tests/data/test1397, tests/unit/Makefile.inc, tests/unit/unit1397.c.
- CVE-2014-0139
* debian/patches/fix_test172.path: fix expired cookie causing test to
fail.
-- Marc Deslauriers <email address hidden> Tue, 01 Apr 2014 09:25:23 -0400
Builds
Built packages
-
curl
command line tool for transferring data with URL syntax
-
curl-udeb
Get a file from an HTTP, HTTPS or FTP server
-
libcurl3
easy-to-use client-side URL transfer library (OpenSSL flavour)
-
libcurl3-dbg
debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours)
-
libcurl3-gnutls
easy-to-use client-side URL transfer library (GnuTLS flavour)
-
libcurl3-nss
easy-to-use client-side URL transfer library (NSS flavour)
-
libcurl3-udeb
Multi-protocol file transfer library (OpenSSL)
-
libcurl4-doc
documentation for libcurl
-
libcurl4-gnutls-dev
development files and documentation for libcurl (GnuTLS flavour)
-
libcurl4-nss-dev
development files and documentation for libcurl (NSS flavour)
-
libcurl4-openssl-dev
development files and documentation for libcurl (OpenSSL flavour)
Package files