Publishing details

• Removed from disk on 2019-05-23.
• Removal requested on 2019-05-23.
• Superseded on 2019-05-22 by curl - 7.58.0-2ubuntu3.7
• Published on 2019-02-06
• Copied from ubuntu bionic in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot

Changelog

curl (7.58.0-2ubuntu3.6) bionic-security; urgency=medium

  * SECURITY UPDATE: NTLM type-2 out-of-bounds buffer read
    - debian/patches/CVE-2018-16890.patch: fix size check condition for
      type2 received data in lib/vauth/ntlm.c.
    - CVE-2018-16890
  * SECURITY UPDATE: NTLMv2 type-3 header stack buffer overflow
    - debian/patches/CVE-2019-3822.patch: ix *_type3_message size check to
      avoid buffer overflow in lib/vauth/ntlm.c.
    - CVE-2019-3822
  * SECURITY UPDATE: SMTP end-of-response out-of-bounds read
    - debian/patches/CVE-2019-3823.patch: avoid risk of buffer overflow in
      strtol in lib/smtp.c.
    - CVE-2019-3823

 -- Marc Deslauriers <email address hidden>  Tue, 29 Jan 2019 08:48:30 -0500

Builds

• amd64
• arm64
• armhf
• i386
• ppc64el
• s390x

Package files

• curl-dbgsym_7.58.0-2ubuntu3.6_amd64.ddeb (138.6 KiB)
• curl-dbgsym_7.58.0-2ubuntu3.6_arm64.ddeb (141.6 KiB)
• curl-dbgsym_7.58.0-2ubuntu3.6_armhf.ddeb (135.6 KiB)
• curl-dbgsym_7.58.0-2ubuntu3.6_i386.ddeb (125.1 KiB)
• curl-dbgsym_7.58.0-2ubuntu3.6_ppc64el.ddeb (143.8 KiB)
• curl-dbgsym_7.58.0-2ubuntu3.6_s390x.ddeb (146.8 KiB)
• curl_7.58.0-2ubuntu3.6.debian.tar.xz (38.1 KiB)
• curl_7.58.0-2ubuntu3.6.dsc (2.7 KiB)
• curl_7.58.0-2ubuntu3.6_amd64.deb (155.0 KiB)
• curl_7.58.0-2ubuntu3.6_arm64.deb (148.6 KiB)
• curl_7.58.0-2ubuntu3.6_armhf.deb (148.9 KiB)
• curl_7.58.0-2ubuntu3.6_i386.deb (158.3 KiB)
• curl_7.58.0-2ubuntu3.6_ppc64el.deb (154.5 KiB)
• curl_7.58.0-2ubuntu3.6_s390x.deb (151.6 KiB)
• curl_7.58.0.orig.tar.gz (3.7 MiB)
• libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.6_amd64.ddeb (1.2 MiB)
• libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.6_arm64.ddeb (1.3 MiB)
• libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.6_armhf.ddeb (1.2 MiB)
• libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.6_i386.ddeb (1.1 MiB)
• libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.6_ppc64el.ddeb (1.3 MiB)
• libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.6_s390x.ddeb (1.3 MiB)
• libcurl3-gnutls_7.58.0-2ubuntu3.6_amd64.deb (207.3 KiB)
• libcurl3-gnutls_7.58.0-2ubuntu3.6_arm64.deb (174.4 KiB)
• libcurl3-gnutls_7.58.0-2ubuntu3.6_armhf.deb (177.6 KiB)
• libcurl3-gnutls_7.58.0-2ubuntu3.6_i386.deb (230.3 KiB)
• libcurl3-gnutls_7.58.0-2ubuntu3.6_ppc64el.deb (212.3 KiB)
• libcurl3-gnutls_7.58.0-2ubuntu3.6_s390x.deb (190.2 KiB)
• libcurl3-nss-dbgsym_7.58.0-2ubuntu3.6_amd64.ddeb (1.2 MiB)
• libcurl3-nss-dbgsym_7.58.0-2ubuntu3.6_arm64.ddeb (1.3 MiB)
• libcurl3-nss-dbgsym_7.58.0-2ubuntu3.6_armhf.ddeb (1.2 MiB)
• libcurl3-nss-dbgsym_7.58.0-2ubuntu3.6_i386.ddeb (1.1 MiB)
• libcurl3-nss-dbgsym_7.58.0-2ubuntu3.6_ppc64el.ddeb (1.3 MiB)
• libcurl3-nss-dbgsym_7.58.0-2ubuntu3.6_s390x.ddeb (1.3 MiB)
• libcurl3-nss_7.58.0-2ubuntu3.6_amd64.deb (213.3 KiB)
• libcurl3-nss_7.58.0-2ubuntu3.6_arm64.deb (180.3 KiB)
• libcurl3-nss_7.58.0-2ubuntu3.6_armhf.deb (183.4 KiB)
• libcurl3-nss_7.58.0-2ubuntu3.6_i386.deb (236.2 KiB)
• libcurl3-nss_7.58.0-2ubuntu3.6_ppc64el.deb (219.1 KiB)
• libcurl3-nss_7.58.0-2ubuntu3.6_s390x.deb (196.4 KiB)
• libcurl4-dbgsym_7.58.0-2ubuntu3.6_amd64.ddeb (1.2 MiB)
• libcurl4-dbgsym_7.58.0-2ubuntu3.6_arm64.ddeb (1.3 MiB)
• libcurl4-dbgsym_7.58.0-2ubuntu3.6_armhf.ddeb (1.2 MiB)
• libcurl4-dbgsym_7.58.0-2ubuntu3.6_i386.ddeb (1.1 MiB)
• libcurl4-dbgsym_7.58.0-2ubuntu3.6_ppc64el.ddeb (1.3 MiB)
• libcurl4-dbgsym_7.58.0-2ubuntu3.6_s390x.ddeb (1.3 MiB)
• libcurl4-doc_7.58.0-2ubuntu3.6_all.deb (815.0 KiB)
• libcurl4-gnutls-dev_7.58.0-2ubuntu3.6_amd64.deb (286.8 KiB)
• libcurl4-gnutls-dev_7.58.0-2ubuntu3.6_arm64.deb (261.7 KiB)
• libcurl4-gnutls-dev_7.58.0-2ubuntu3.6_armhf.deb (263.4 KiB)
• libcurl4-gnutls-dev_7.58.0-2ubuntu3.6_i386.deb (318.8 KiB)
• libcurl4-gnutls-dev_7.58.0-2ubuntu3.6_ppc64el.deb (306.3 KiB)
• libcurl4-gnutls-dev_7.58.0-2ubuntu3.6_s390x.deb (274.0 KiB)
• libcurl4-nss-dev_7.58.0-2ubuntu3.6_amd64.deb (293.3 KiB)
• libcurl4-nss-dev_7.58.0-2ubuntu3.6_arm64.deb (268.0 KiB)
• libcurl4-nss-dev_7.58.0-2ubuntu3.6_armhf.deb (269.3 KiB)
• libcurl4-nss-dev_7.58.0-2ubuntu3.6_i386.deb (325.0 KiB)
• libcurl4-nss-dev_7.58.0-2ubuntu3.6_ppc64el.deb (314.3 KiB)
• libcurl4-nss-dev_7.58.0-2ubuntu3.6_s390x.deb (280.4 KiB)
• libcurl4-openssl-dev_7.58.0-2ubuntu3.6_amd64.deb (287.7 KiB)
• libcurl4-openssl-dev_7.58.0-2ubuntu3.6_arm64.deb (262.4 KiB)
• libcurl4-openssl-dev_7.58.0-2ubuntu3.6_armhf.deb (264.8 KiB)
• libcurl4-openssl-dev_7.58.0-2ubuntu3.6_i386.deb (321.0 KiB)
• libcurl4-openssl-dev_7.58.0-2ubuntu3.6_ppc64el.deb (303.7 KiB)
• libcurl4-openssl-dev_7.58.0-2ubuntu3.6_s390x.deb (273.7 KiB)
• libcurl4_7.58.0-2ubuntu3.6_amd64.deb (209.1 KiB)
• libcurl4_7.58.0-2ubuntu3.6_arm64.deb (175.8 KiB)
• libcurl4_7.58.0-2ubuntu3.6_armhf.deb (178.8 KiB)
• libcurl4_7.58.0-2ubuntu3.6_i386.deb (233.0 KiB)
• libcurl4_7.58.0-2ubuntu3.6_ppc64el.deb (211.5 KiB)
• libcurl4_7.58.0-2ubuntu3.6_s390x.deb (191.5 KiB)