Publishing details

Removed from disk on 2018-05-17.
Removal requested on 2018-05-17.
Superseded on 2018-05-16 by curl - 7.47.0-1ubuntu2.8
Published on 2018-03-15
Copied from ubuntu xenial in PPA for Ubuntu Security Proposed by Ubuntu Archive Robot

Changelog

curl (7.47.0-1ubuntu2.7) xenial-security; urgency=medium

  * SECURITY UPDATE: FTP path trickery leads to NIL byte OOB write
    - debian/patches/CVE-2018-1000120-pre1.patch: avoid using
      curl_easy_unescape() internally in lib/ftp.c.
    - debian/patches/CVE-2018-1000120-pre2.patch: URL decode path for dir
      listing in nocwd mode in lib/ftp.c, add test to tests/*.
    - debian/patches/CVE-2018-1000120-pre3.patch: remove dead code in
      ftp_done in lib/ftp.c.
    - debian/patches/CVE-2018-1000120-pre4.patch: don't clobber the passed
      in error code in lib/ftp.c.
    - debian/patches/CVE-2018-1000120.patch: reject path components with
      control codes in lib/ftp.c, add test to tests/*.
    - CVE-2018-1000120
  * SECURITY UPDATE: LDAP NULL pointer dereference
    - debian/patches/CVE-2018-1000121.patch: check ldap_get_attribute_ber()
      results for NULL before using in lib/openldap.c.
    - CVE-2018-1000121
  * SECURITY UPDATE: RTSP RTP buffer over-read
    - debian/patches/CVE-2018-1000122.patch: make sure excess reads don't
      go beyond buffer end in lib/transfer.c.
    - CVE-2018-1000122

 -- Marc Deslauriers <email address hidden>  Wed, 14 Mar 2018 09:04:46 -0400

Available diffs

diff from 7.47.0-1ubuntu2.6 (in ~ubuntu-security/ubuntu/ppa) to 7.47.0-1ubuntu2.7 (5.9 KiB)
diff from 7.47.0-1ubuntu2.5 to 7.47.0-1ubuntu2.7 (pending)

Builds

Package files

curl-dbgsym_7.47.0-1ubuntu2.7_amd64.ddeb (1.1 KiB)
curl-dbgsym_7.47.0-1ubuntu2.7_arm64.ddeb (1.1 KiB)
curl-dbgsym_7.47.0-1ubuntu2.7_armhf.ddeb (1.1 KiB)
curl-dbgsym_7.47.0-1ubuntu2.7_i386.ddeb (1.1 KiB)
curl-dbgsym_7.47.0-1ubuntu2.7_powerpc.ddeb (1.1 KiB)
curl-dbgsym_7.47.0-1ubuntu2.7_ppc64el.ddeb (1.1 KiB)
curl-dbgsym_7.47.0-1ubuntu2.7_s390x.ddeb (1.1 KiB)
curl_7.47.0-1ubuntu2.7.debian.tar.xz (49.9 KiB)
curl_7.47.0-1ubuntu2.7.dsc (2.6 KiB)
curl_7.47.0-1ubuntu2.7_amd64.deb (135.2 KiB)
curl_7.47.0-1ubuntu2.7_arm64.deb (129.7 KiB)
curl_7.47.0-1ubuntu2.7_armhf.deb (131.7 KiB)
curl_7.47.0-1ubuntu2.7_i386.deb (138.3 KiB)
curl_7.47.0-1ubuntu2.7_powerpc.deb (132.1 KiB)
curl_7.47.0-1ubuntu2.7_ppc64el.deb (133.1 KiB)
curl_7.47.0-1ubuntu2.7_s390x.deb (133.6 KiB)
curl_7.47.0.orig.tar.gz (4.4 MiB)
libcurl3-dbg_7.47.0-1ubuntu2.7_amd64.deb (3.3 MiB)
libcurl3-dbg_7.47.0-1ubuntu2.7_arm64.deb (3.4 MiB)
libcurl3-dbg_7.47.0-1ubuntu2.7_armhf.deb (3.3 MiB)
libcurl3-dbg_7.47.0-1ubuntu2.7_i386.deb (3.1 MiB)
libcurl3-dbg_7.47.0-1ubuntu2.7_powerpc.deb (3.4 MiB)
libcurl3-dbg_7.47.0-1ubuntu2.7_ppc64el.deb (3.5 MiB)
libcurl3-dbg_7.47.0-1ubuntu2.7_s390x.deb (3.4 MiB)
libcurl3-dbgsym_7.47.0-1ubuntu2.7_amd64.ddeb (1.2 KiB)
libcurl3-dbgsym_7.47.0-1ubuntu2.7_arm64.ddeb (1.2 KiB)
libcurl3-dbgsym_7.47.0-1ubuntu2.7_armhf.ddeb (1.2 KiB)
libcurl3-dbgsym_7.47.0-1ubuntu2.7_i386.ddeb (1.2 KiB)
libcurl3-dbgsym_7.47.0-1ubuntu2.7_powerpc.ddeb (1.2 KiB)
libcurl3-dbgsym_7.47.0-1ubuntu2.7_ppc64el.ddeb (1.2 KiB)
libcurl3-dbgsym_7.47.0-1ubuntu2.7_s390x.ddeb (1.2 KiB)
libcurl3-gnutls-dbgsym_7.47.0-1ubuntu2.7_amd64.ddeb (1.2 KiB)
libcurl3-gnutls-dbgsym_7.47.0-1ubuntu2.7_arm64.ddeb (1.2 KiB)
libcurl3-gnutls-dbgsym_7.47.0-1ubuntu2.7_armhf.ddeb (1.2 KiB)
libcurl3-gnutls-dbgsym_7.47.0-1ubuntu2.7_i386.ddeb (1.2 KiB)
libcurl3-gnutls-dbgsym_7.47.0-1ubuntu2.7_powerpc.ddeb (1.2 KiB)
libcurl3-gnutls-dbgsym_7.47.0-1ubuntu2.7_ppc64el.ddeb (1.2 KiB)
libcurl3-gnutls-dbgsym_7.47.0-1ubuntu2.7_s390x.ddeb (1.2 KiB)
libcurl3-gnutls_7.47.0-1ubuntu2.7_amd64.deb (180.5 KiB)
libcurl3-gnutls_7.47.0-1ubuntu2.7_arm64.deb (149.5 KiB)
libcurl3-gnutls_7.47.0-1ubuntu2.7_armhf.deb (156.5 KiB)
libcurl3-gnutls_7.47.0-1ubuntu2.7_i386.deb (200.9 KiB)
libcurl3-gnutls_7.47.0-1ubuntu2.7_powerpc.deb (164.3 KiB)
libcurl3-gnutls_7.47.0-1ubuntu2.7_ppc64el.deb (173.4 KiB)
libcurl3-gnutls_7.47.0-1ubuntu2.7_s390x.deb (170.4 KiB)
libcurl3-nss-dbgsym_7.47.0-1ubuntu2.7_amd64.ddeb (1.2 KiB)
libcurl3-nss-dbgsym_7.47.0-1ubuntu2.7_arm64.ddeb (1.2 KiB)
libcurl3-nss-dbgsym_7.47.0-1ubuntu2.7_armhf.ddeb (1.2 KiB)
libcurl3-nss-dbgsym_7.47.0-1ubuntu2.7_i386.ddeb (1.2 KiB)
libcurl3-nss-dbgsym_7.47.0-1ubuntu2.7_powerpc.ddeb (1.2 KiB)
libcurl3-nss-dbgsym_7.47.0-1ubuntu2.7_ppc64el.ddeb (1.2 KiB)
libcurl3-nss-dbgsym_7.47.0-1ubuntu2.7_s390x.ddeb (1.2 KiB)
libcurl3-nss_7.47.0-1ubuntu2.7_amd64.deb (186.8 KiB)
libcurl3-nss_7.47.0-1ubuntu2.7_arm64.deb (155.2 KiB)
libcurl3-nss_7.47.0-1ubuntu2.7_armhf.deb (162.4 KiB)
libcurl3-nss_7.47.0-1ubuntu2.7_i386.deb (207.2 KiB)
libcurl3-nss_7.47.0-1ubuntu2.7_powerpc.deb (170.1 KiB)
libcurl3-nss_7.47.0-1ubuntu2.7_ppc64el.deb (179.0 KiB)
libcurl3-nss_7.47.0-1ubuntu2.7_s390x.deb (177.1 KiB)
libcurl3_7.47.0-1ubuntu2.7_amd64.deb (182.5 KiB)
libcurl3_7.47.0-1ubuntu2.7_arm64.deb (151.6 KiB)
libcurl3_7.47.0-1ubuntu2.7_armhf.deb (158.6 KiB)
libcurl3_7.47.0-1ubuntu2.7_i386.deb (203.9 KiB)
libcurl3_7.47.0-1ubuntu2.7_powerpc.deb (166.5 KiB)
libcurl3_7.47.0-1ubuntu2.7_ppc64el.deb (174.2 KiB)
libcurl3_7.47.0-1ubuntu2.7_s390x.deb (172.7 KiB)
libcurl4-doc_7.47.0-1ubuntu2.7_all.deb (1.1 MiB)
libcurl4-gnutls-dev-dbgsym_7.47.0-1ubuntu2.7_amd64.ddeb (1.3 KiB)
libcurl4-gnutls-dev-dbgsym_7.47.0-1ubuntu2.7_arm64.ddeb (1.3 KiB)
libcurl4-gnutls-dev-dbgsym_7.47.0-1ubuntu2.7_armhf.ddeb (1.3 KiB)
libcurl4-gnutls-dev-dbgsym_7.47.0-1ubuntu2.7_i386.ddeb (1.3 KiB)
libcurl4-gnutls-dev-dbgsym_7.47.0-1ubuntu2.7_powerpc.ddeb (1.3 KiB)
libcurl4-gnutls-dev-dbgsym_7.47.0-1ubuntu2.7_ppc64el.ddeb (1.3 KiB)
libcurl4-gnutls-dev-dbgsym_7.47.0-1ubuntu2.7_s390x.ddeb (1.3 KiB)
libcurl4-gnutls-dev_7.47.0-1ubuntu2.7_amd64.deb (254.1 KiB)
libcurl4-gnutls-dev_7.47.0-1ubuntu2.7_arm64.deb (227.9 KiB)
libcurl4-gnutls-dev_7.47.0-1ubuntu2.7_armhf.deb (232.3 KiB)
libcurl4-gnutls-dev_7.47.0-1ubuntu2.7_i386.deb (281.8 KiB)
libcurl4-gnutls-dev_7.47.0-1ubuntu2.7_powerpc.deb (229.2 KiB)
libcurl4-gnutls-dev_7.47.0-1ubuntu2.7_ppc64el.deb (255.4 KiB)
libcurl4-gnutls-dev_7.47.0-1ubuntu2.7_s390x.deb (246.8 KiB)
libcurl4-nss-dev-dbgsym_7.47.0-1ubuntu2.7_amd64.ddeb (1.3 KiB)
libcurl4-nss-dev-dbgsym_7.47.0-1ubuntu2.7_arm64.ddeb (1.3 KiB)
libcurl4-nss-dev-dbgsym_7.47.0-1ubuntu2.7_armhf.ddeb (1.3 KiB)
libcurl4-nss-dev-dbgsym_7.47.0-1ubuntu2.7_i386.ddeb (1.3 KiB)
libcurl4-nss-dev-dbgsym_7.47.0-1ubuntu2.7_powerpc.ddeb (1.3 KiB)
libcurl4-nss-dev-dbgsym_7.47.0-1ubuntu2.7_ppc64el.ddeb (1.3 KiB)
libcurl4-nss-dev-dbgsym_7.47.0-1ubuntu2.7_s390x.ddeb (1.3 KiB)
libcurl4-nss-dev_7.47.0-1ubuntu2.7_amd64.deb (260.7 KiB)
libcurl4-nss-dev_7.47.0-1ubuntu2.7_arm64.deb (234.0 KiB)
libcurl4-nss-dev_7.47.0-1ubuntu2.7_armhf.deb (238.5 KiB)
libcurl4-nss-dev_7.47.0-1ubuntu2.7_i386.deb (288.2 KiB)
libcurl4-nss-dev_7.47.0-1ubuntu2.7_powerpc.deb (235.1 KiB)
libcurl4-nss-dev_7.47.0-1ubuntu2.7_ppc64el.deb (261.2 KiB)
libcurl4-nss-dev_7.47.0-1ubuntu2.7_s390x.deb (253.3 KiB)
libcurl4-openssl-dev-dbgsym_7.47.0-1ubuntu2.7_amd64.ddeb (1.3 KiB)
libcurl4-openssl-dev-dbgsym_7.47.0-1ubuntu2.7_arm64.ddeb (1.3 KiB)
libcurl4-openssl-dev-dbgsym_7.47.0-1ubuntu2.7_armhf.ddeb (1.3 KiB)
libcurl4-openssl-dev-dbgsym_7.47.0-1ubuntu2.7_i386.ddeb (1.3 KiB)
libcurl4-openssl-dev-dbgsym_7.47.0-1ubuntu2.7_powerpc.ddeb (1.3 KiB)
libcurl4-openssl-dev-dbgsym_7.47.0-1ubuntu2.7_ppc64el.ddeb (1.3 KiB)
libcurl4-openssl-dev-dbgsym_7.47.0-1ubuntu2.7_s390x.ddeb (1.3 KiB)
libcurl4-openssl-dev_7.47.0-1ubuntu2.7_amd64.deb (256.0 KiB)
libcurl4-openssl-dev_7.47.0-1ubuntu2.7_arm64.deb (229.6 KiB)
libcurl4-openssl-dev_7.47.0-1ubuntu2.7_armhf.deb (234.4 KiB)
libcurl4-openssl-dev_7.47.0-1ubuntu2.7_i386.deb (284.1 KiB)
libcurl4-openssl-dev_7.47.0-1ubuntu2.7_powerpc.deb (230.3 KiB)
libcurl4-openssl-dev_7.47.0-1ubuntu2.7_ppc64el.deb (254.1 KiB)
libcurl4-openssl-dev_7.47.0-1ubuntu2.7_s390x.deb (248.8 KiB)