Ubuntu
curl package

curl 7.85.0-1ubuntu0.1 source package in Ubuntu

Changelog

curl (7.85.0-1ubuntu0.1) kinetic-security; urgency=medium

  * SECURITY UPDATE: POST following PUT confusion
    - debian/patches/CVE-2022-32221.patch: when POST is set, reset the
      'upload' field in lib/setopt.c.
    - CVE-2022-32221
  * SECURITY UPDATE: .netrc parser out-of-bounds access
    - debian/patches/CVE-2022-35260.patch: replace fgets with Curl_get_line
      in lib/curl_get_line.c, lib/netrc.c.
    - CVE-2022-35260
  * SECURITY UPDATE: HTTP proxy double-free
    - debian/patches/CVE-2022-42915.patch: restore the protocol pointer on
      error in lib/http_proxy.c, lib/url.c.
    - CVE-2022-42915
  * SECURITY UPDATE: HSTS bypass via IDN
    - debian/patches/CVE-2022-42916.patch: use IDN decoded names for HSTS
      checks in lib/url.c.
    - CVE-2022-42916

 -- Marc Deslauriers <email address hidden>  Wed, 26 Oct 2022 06:47:08 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Kinetic
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
web
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
curl_7.85.0.orig.tar.gz 4.0 MiB 78a06f918bd5fde3c4573ef4f9806f56372b32ec1829c9ec474799eeee641c27
curl_7.85.0.orig.tar.gz.asc 488 bytes 6794e4b59dea9dee2c6373be4e1b1cded5c8a9aea8bbf58c3e97f3adfe8d8474
curl_7.85.0-1ubuntu0.1.debian.tar.xz 39.8 KiB 176af43a15d9e9a5da1683ff8f1a2f2e207afdb537ea9941587e14035a7672da
curl_7.85.0-1ubuntu0.1.dsc 3.0 KiB 0e99154540f477dc4d3641357a89d36ba720767caaa2c62fbb5504be686885fe

View changes file

Binary packages built by this source

curl: No summary available for curl in ubuntu kinetic.

No description available for curl in ubuntu kinetic.

curl-dbgsym: debug symbols for curl
libcurl3-gnutls: easy-to-use client-side URL transfer library (GnuTLS flavour)

 libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
 FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
 RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
 .
 libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
 form based upload, proxies, cookies, user+password authentication (Basic,
 Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
 and more!
 .
 libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
 fast, thoroughly documented and is already used by many known, big and
 successful companies and numerous applications.
 .
 SSL support is provided by GnuTLS.

libcurl3-gnutls-dbgsym: debug symbols for libcurl3-gnutls
libcurl3-nss: easy-to-use client-side URL transfer library (NSS flavour)

 libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
 FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
 RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
 .
 libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
 form based upload, proxies, cookies, user+password authentication (Basic,
 Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
 and more!
 .
 libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
 fast, thoroughly documented and is already used by many known, big and
 successful companies and numerous applications.
 .
 SSL support is provided by NSS.

libcurl3-nss-dbgsym: No summary available for libcurl3-nss-dbgsym in ubuntu kinetic.

No description available for libcurl3-nss-dbgsym in ubuntu kinetic.

libcurl4: easy-to-use client-side URL transfer library (OpenSSL flavour)

 libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
 FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
 RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
 .
 libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
 form based upload, proxies, cookies, user+password authentication (Basic,
 Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
 and more!
 .
 libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
 fast, thoroughly documented and is already used by many known, big and
 successful companies and numerous applications.
 .
 SSL support is provided by OpenSSL.

libcurl4-dbgsym: debug symbols for libcurl4
libcurl4-doc: documentation for libcurl

 libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
 FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
 RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
 .
 libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
 form based upload, proxies, cookies, user+password authentication (Basic,
 Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
 and more!
 .
 libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
 fast, thoroughly documented and is already used by many known, big and
 successful companies and numerous applications.
 .
 This package provides the documentation files for libcurl.

libcurl4-gnutls-dev: development files and documentation for libcurl (GnuTLS flavour)

 libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
 FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
 RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
 .
 libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
 form based upload, proxies, cookies, user+password authentication (Basic,
 Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
 and more!
 .
 libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
 fast, thoroughly documented and is already used by many known, big and
 successful companies and numerous applications.
 .
 This package provides the development files (ie. includes, static library,
 manual pages) that allow one to build software which uses libcurl.
 .
 SSL support is provided by GnuTLS.

libcurl4-nss-dev: development files and documentation for libcurl (NSS flavour)

 libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
 FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
 RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
 .
 libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
 form based upload, proxies, cookies, user+password authentication (Basic,
 Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
 and more!
 .
 libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
 fast, thoroughly documented and is already used by many known, big and
 successful companies and numerous applications.
 .
 This package provides the development files (ie. includes, static library,
 manual pages) that allow one to build software which uses libcurl.
 .
 SSL support is provided by NSS.

libcurl4-openssl-dev: No summary available for libcurl4-openssl-dev in ubuntu kinetic.

No description available for libcurl4-openssl-dev in ubuntu kinetic.