curl 7.85.0-1ubuntu0.3 source package in Ubuntu
Changelog
curl (7.85.0-1ubuntu0.3) kinetic-security; urgency=medium * SECURITY UPDATE: multiple HSTS issues - debian/patches/CVE-2023-23914_5-1.patch: add sharing of HSTS cache among handles in docs/libcurl/opts/CURLSHOPT_SHARE.3, docs/libcurl/symbols-in-versions, include/curl/curl.h, lib/hsts.c, lib/hsts.h, lib/setopt.c, lib/share.c, lib/share.h, lib/transfer.c, lib/url.c, lib/urldata.h. - debian/patches/CVE-2023-23914_5-2.patch: share HSTS between handles in src/tool_operate.c. - debian/patches/CVE-2023-23914_5-3.patch: handle adding the same host name again in lib/hsts.c. - debian/patches/CVE-2023-23914_5-4.patch: support crlf="yes" for verify/proxy in tests/FILEFORMAT.md, tests/runtests.pl. - debian/patches/CVE-2023-23914_5-5.patch: verify hsts with two URLs in tests/data/Makefile.inc, tests/data/test446. - CVE-2023-23914 - CVE-2023-23915 * SECURITY UPDATE: HTTP multi-header compression denial of service - debian/patches/CVE-2023-23916-pre1.patch: do CRLF replacements in tests/FILEFORMAT.md, tests/data/test1, tests/runtests.pl. - debian/patches/CVE-2023-23916.patch: do not reset stage counter for each header in lib/content_encoding.c, lib/urldata.h, tests/data/Makefile.inc, tests/data/test387, tests/data/test418. - CVE-2023-23916 -- Marc Deslauriers <email address hidden> Wed, 15 Feb 2023 08:12:14 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Kinetic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- web
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
curl_7.85.0.orig.tar.gz | 4.0 MiB | 78a06f918bd5fde3c4573ef4f9806f56372b32ec1829c9ec474799eeee641c27 |
curl_7.85.0.orig.tar.gz.asc | 488 bytes | 6794e4b59dea9dee2c6373be4e1b1cded5c8a9aea8bbf58c3e97f3adfe8d8474 |
curl_7.85.0-1ubuntu0.3.debian.tar.xz | 47.8 KiB | 61db32e4cb0b0e306fc1581b80fb57dd5d2822c791f6105523bab813b0f55f6f |
curl_7.85.0-1ubuntu0.3.dsc | 3.0 KiB | b138dab1f89873267f18e16d246a7f4549c61bc7e893ed0bbf9c80dd06cfa7ab |
Available diffs
Binary packages built by this source
- curl: No summary available for curl in ubuntu kinetic.
No description available for curl in ubuntu kinetic.
- curl-dbgsym: No summary available for curl-dbgsym in ubuntu kinetic.
No description available for curl-dbgsym in ubuntu kinetic.
- libcurl3-gnutls: No summary available for libcurl3-gnutls in ubuntu kinetic.
No description available for libcurl3-gnutls in ubuntu kinetic.
- libcurl3-gnutls-dbgsym: No summary available for libcurl3-gnutls-dbgsym in ubuntu kinetic.
No description available for libcurl3-
gnutls- dbgsym in ubuntu kinetic.
- libcurl3-nss: No summary available for libcurl3-nss in ubuntu kinetic.
No description available for libcurl3-nss in ubuntu kinetic.
- libcurl3-nss-dbgsym: No summary available for libcurl3-nss-dbgsym in ubuntu kinetic.
No description available for libcurl3-nss-dbgsym in ubuntu kinetic.
- libcurl4: No summary available for libcurl4 in ubuntu kinetic.
No description available for libcurl4 in ubuntu kinetic.
- libcurl4-dbgsym: No summary available for libcurl4-dbgsym in ubuntu kinetic.
No description available for libcurl4-dbgsym in ubuntu kinetic.
- libcurl4-doc: No summary available for libcurl4-doc in ubuntu kinetic.
No description available for libcurl4-doc in ubuntu kinetic.
- libcurl4-gnutls-dev: No summary available for libcurl4-gnutls-dev in ubuntu kinetic.
No description available for libcurl4-gnutls-dev in ubuntu kinetic.
- libcurl4-nss-dev: No summary available for libcurl4-nss-dev in ubuntu kinetic.
No description available for libcurl4-nss-dev in ubuntu kinetic.
- libcurl4-openssl-dev: No summary available for libcurl4-openssl-dev in ubuntu kinetic.
No description available for libcurl4-
openssl- dev in ubuntu kinetic.