curl 7.51.0-1 source package in Debian

Changelog

curl (7.51.0-1) unstable; urgency=medium

  * New upstream release
    - Fix cookie injection for other servers as per CVE-2016-8615
      https://curl.haxx.se/docs/adv_20161102A.html
    - Fix case insensitive password comparison as per CVE-2016-8616
      https://curl.haxx.se/docs/adv_20161102B.html
    - Fix OOB write via unchecked multiplication as per CVE-2016-8617
      https://curl.haxx.se/docs/adv_20161102C.html
    - Fix double-free in curl_maprintf as per CVE-2016-8618
      https://curl.haxx.se/docs/adv_20161102D.html
    - Fix double-free in krb5 code as per CVE-2016-8619
      https://curl.haxx.se/docs/adv_20161102E.html
    - Fix glob parser write/read out of bounds as per CVE-2016-8620
      https://curl.haxx.se/docs/adv_20161102F.html
    - Fix curl_getdate read out of bounds as per CVE-2016-8621
      https://curl.haxx.se/docs/adv_20161102G.html
    - Fix URL unescape heap overflow via integer truncation as per CVE-2016-8622
      https://curl.haxx.se/docs/adv_20161102H.html
    - Fix use-after-free via shared cookies as per CVE-2016-8623
      https://curl.haxx.se/docs/adv_20161102I.html
    - Fix invalid URL parsing with '#' as per CVE-2016-8624
      https://curl.haxx.se/docs/adv_20161102J.html
    - Fix IDNA 2003 makes curl use wrong host
      https://curl.haxx.se/docs/adv_20161102K.html
    - Fix escape and unescape integer overflows as
      per CVE-2016-7167 (Closes: #837945)
      https://curl.haxx.se/docs/adv_20160914.html
    - Fix incorrect reuse of client certificates (NSS backend)
      as per CVE-2016-7141 (Closes: #836918)
      https://curl.haxx.se/docs/adv_20160907.html
  * Drop 02_art_http_scripting.patch (file not shipped anymore)
  * Refresh patches
  * Temporarily disable IDN support
  * Don't install pdf and html docs (they are not shipped in the tarball anymore)
  * Install markdown docs

 -- Alessandro Ghedini <email address hidden>  Thu, 03 Nov 2016 22:46:14 +0000

Upload details

Uploaded by:
Alessandro Ghedini on 2016-11-04
Uploaded to:
Sid
Original maintainer:
Alessandro Ghedini
Architectures:
any all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
curl_7.51.0-1.dsc 2.6 KiB e139d0221798b98174533e4219c7841bd1880a85ce776fb44d9d67d3e9c77808
curl_7.51.0.orig.tar.gz 3.3 MiB 65b5216a6fbfa72f547eb7706ca5902d7400db9868269017a8888aa91d87977c
curl_7.51.0-1.debian.tar.xz 26.4 KiB be7ec42a13fc8167a5dd8bd092324594f05632b8eb7faef94128281310cc7e6f

No changes file available.

Binary packages built by this source