curl 7.52.1-4ubuntu1.2 source package in Ubuntu
Changelog
curl (7.52.1-4ubuntu1.2) zesty-security; urgency=medium
* SECURITY UPDATE: TFTP sends more than buffer size
- debian/patches/CVE-2017-1000100.patch: reject file name lengths that
don't fit in lib/tftp.c.
- CVE-2017-1000100
* SECURITY UPDATE: URL globbing out of bounds read
- debian/patches/CVE-2017-1000101.patch: do not continue parsing after
a strtoul() overflow range in src/tool_urlglob.c, added test to
tests/data/Makefile.inc, tests/data/test1289.
- CVE-2017-1000101
* SECURITY UPDATE: FTP PWD response parser out of bounds read
- debian/patches/CVE-2017-1000254.patch: zero terminate the entry path
even on bad input in lib/ftp.c, added test to
tests/data/Makefile.inc, tests/data/test1152.
- CVE-2017-1000254
* SECURITY UPDATE: --write-out out of buffer read
- debian/patches/CVE-2017-7407-2.patch: check for end of input in
src/tool_writeout.c added test to tests/data/Makefile.inc,
tests/data/test1442.
- CVE-2017-7407
-- Marc Deslauriers <email address hidden> Wed, 04 Oct 2017 08:38:54 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Zesty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- web
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| curl_7.52.1.orig.tar.gz | 3.3 MiB | a8984e8b20880b621f61a62d95ff3c0763a3152093a9f9ce4287cfd614add6ae |
| curl_7.52.1-4ubuntu1.2.debian.tar.xz | 39.2 KiB | 47abb9e98b70282accf3f08f4c5d59aa9b998234ae1c3ffd5305f91092f1238b |
| curl_7.52.1-4ubuntu1.2.dsc | 2.8 KiB | 32e3aeca35ff87f06590634194cd6bd624079d2dfc77281aa94fe22a67ceb6e0 |
Available diffs
Binary packages built by this source
- curl: No summary available for curl in ubuntu zesty.
No description available for curl in ubuntu zesty.
- curl-dbgsym: No summary available for curl-dbgsym in ubuntu zesty.
No description available for curl-dbgsym in ubuntu zesty.
- libcurl3: No summary available for libcurl3 in ubuntu zesty.
No description available for libcurl3 in ubuntu zesty.
- libcurl3-dbg: No summary available for libcurl3-dbg in ubuntu zesty.
No description available for libcurl3-dbg in ubuntu zesty.
- libcurl3-dbgsym: No summary available for libcurl3-dbgsym in ubuntu zesty.
No description available for libcurl3-dbgsym in ubuntu zesty.
- libcurl3-gnutls: No summary available for libcurl3-gnutls in ubuntu zesty.
No description available for libcurl3-gnutls in ubuntu zesty.
- libcurl3-gnutls-dbgsym: No summary available for libcurl3-gnutls-dbgsym in ubuntu zesty.
No description available for libcurl3-
gnutls- dbgsym in ubuntu zesty.
- libcurl3-nss: No summary available for libcurl3-nss in ubuntu zesty.
No description available for libcurl3-nss in ubuntu zesty.
- libcurl3-nss-dbgsym: No summary available for libcurl3-nss-dbgsym in ubuntu zesty.
No description available for libcurl3-nss-dbgsym in ubuntu zesty.
- libcurl4-doc: No summary available for libcurl4-doc in ubuntu zesty.
No description available for libcurl4-doc in ubuntu zesty.
- libcurl4-gnutls-dev: No summary available for libcurl4-gnutls-dev in ubuntu zesty.
No description available for libcurl4-gnutls-dev in ubuntu zesty.
- libcurl4-gnutls-dev-dbgsym: No summary available for libcurl4-gnutls-dev-dbgsym in ubuntu zesty.
No description available for libcurl4-
gnutls- dev-dbgsym in ubuntu zesty.
- libcurl4-nss-dev: No summary available for libcurl4-nss-dev in ubuntu zesty.
No description available for libcurl4-nss-dev in ubuntu zesty.
- libcurl4-nss-dev-dbgsym: No summary available for libcurl4-nss-dev-dbgsym in ubuntu zesty.
No description available for libcurl4-
nss-dev- dbgsym in ubuntu zesty.
- libcurl4-openssl-dev: No summary available for libcurl4-openssl-dev in ubuntu zesty.
No description available for libcurl4-
openssl- dev in ubuntu zesty.
- libcurl4-openssl-dev-dbgsym: No summary available for libcurl4-openssl-dev-dbgsym in ubuntu zesty.
No description available for libcurl4-
openssl- dev-dbgsym in ubuntu zesty.
