curl 7.38.0-4+deb8u5 source package in Debian

Changelog

curl (7.38.0-4+deb8u5) jessie-security; urgency=high

  * Fix cookie injection for other servers as per CVE-2016-8615
    https://curl.haxx.se/docs/adv_20161102A.html
  * Fix case insensitive password comparison as per CVE-2016-8616
    https://curl.haxx.se/docs/adv_20161102B.html
  * Fix OOB write via unchecked multiplication as per CVE-2016-8617
    https://curl.haxx.se/docs/adv_20161102C.html
  * Fix double-free in curl_maprintf as per CVE-2016-8618
    https://curl.haxx.se/docs/adv_20161102D.html
  * Fix double-free in krb5 code as per CVE-2016-8619
    https://curl.haxx.se/docs/adv_20161102E.html
  * Fix glob parser write/read out of bounds as per CVE-2016-8620
    https://curl.haxx.se/docs/adv_20161102F.html
  * Fix curl_getdate read out of bounds as per CVE-2016-8621
    https://curl.haxx.se/docs/adv_20161102G.html
  * Fix URL unescape heap overflow via integer truncation as per CVE-2016-8622
    https://curl.haxx.se/docs/adv_20161102H.html
  * Fix use-after-free via shared cookies as per CVE-2016-8623
    https://curl.haxx.se/docs/adv_20161102I.html
  * Fix invalid URL parsing with '#' as per CVE-2016-8624
    https://curl.haxx.se/docs/adv_20161102J.html

 -- Alessandro Ghedini <email address hidden>  Tue, 01 Nov 2016 21:38:10 +0000

Upload details

Uploaded by:
Alessandro Ghedini on 2017-01-14
Uploaded to:
Jessie
Original maintainer:
Alessandro Ghedini
Architectures:
any all
Section:
libs
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
curl_7.38.0-4+deb8u5.dsc 2.6 KiB 2b5e0bf7ea27efaa23d3274a487227436a8b6777dc571c957ae1c9fb4e455d8d
curl_7.38.0.orig.tar.gz 3.9 MiB 5661028aa6532882fa228cd23c99ddbb8b87643dbb1a7ea55c068d34a943dff1
curl_7.38.0-4+deb8u5.debian.tar.xz 39.3 KiB 3f917091d1694a77852fe05293dafff079382e70d93f62f7de5c61f1812cf69d

No changes file available.

Binary packages built by this source