curl 7.64.0-2ubuntu1.2 source package in Ubuntu

Changelog

curl (7.64.0-2ubuntu1.2) disco-security; urgency=medium

  * SECURITY UPDATE: double-free when using kerberos over FTP may cause
    denial-of-service
    - debian/patches/CVE-2019-5481.patch: update lib/security.c to avoid
      double-free on large memory allocation failures
    - CVE-2019-5481
  * SECURITY UPDATE: heap buffer overflow when receiving TFTP data may
    cause denial-of-service or remote code-execution
    - debian/patches/CVE-2019-5482.patch: ensure to use the correct block
      size when calling recvfrom() if the server returns an OACK without
      specifying a block size in lib/tftp.c
    - CVE-2019-5482

 -- Alex Murray <email address hidden>  Fri, 06 Sep 2019 14:50:00 +0930

Upload details

Uploaded by:
Alex Murray on 2019-09-10
Uploaded to:
Disco
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
web
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Disco updates on 2019-09-11 main web
Disco security on 2019-09-11 main web

Downloads

File Size SHA-256 Checksum
curl_7.64.0.orig.tar.gz 3.8 MiB cb90d2eb74d4e358c1ed1489f8e3af96b50ea4374ad71f143fa4595e998d81b5
curl_7.64.0-2ubuntu1.2.debian.tar.xz 32.8 KiB 29be0221b8a46778ac412d981cfd47691ac307b8ef6bea34e3422ae22cea3cd4
curl_7.64.0-2ubuntu1.2.dsc 2.4 KiB 71659f82a2dc4ad111be16db7bff5aa916e8d15369bafba33326f8d3e1f2b9f3

View changes file

Binary packages built by this source

curl: command line tool for transferring data with URL syntax

 curl is a command line tool for transferring data with URL syntax, supporting
 DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3,
 POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
 .
 curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form
 based upload, proxies, cookies, user+password authentication (Basic, Digest,
 NTLM, Negotiate, kerberos...), file transfer resume, proxy tunneling and a
 busload of other useful tricks.

curl-dbgsym: debug symbols for curl
libcurl3-gnutls: easy-to-use client-side URL transfer library (GnuTLS flavour)

 libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
 FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
 RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
 .
 libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
 form based upload, proxies, cookies, user+password authentication (Basic,
 Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
 and more!
 .
 libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
 fast, thoroughly documented and is already used by many known, big and
 successful companies and numerous applications.
 .
 SSL support is provided by GnuTLS.

libcurl3-gnutls-dbgsym: debug symbols for libcurl3-gnutls
libcurl3-nss: easy-to-use client-side URL transfer library (NSS flavour)

 libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
 FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
 RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
 .
 libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
 form based upload, proxies, cookies, user+password authentication (Basic,
 Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
 and more!
 .
 libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
 fast, thoroughly documented and is already used by many known, big and
 successful companies and numerous applications.
 .
 SSL support is provided by NSS.

libcurl3-nss-dbgsym: debug symbols for libcurl3-nss
libcurl4: easy-to-use client-side URL transfer library (OpenSSL flavour)

 libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
 FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
 RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
 .
 libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
 form based upload, proxies, cookies, user+password authentication (Basic,
 Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
 and more!
 .
 libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
 fast, thoroughly documented and is already used by many known, big and
 successful companies and numerous applications.
 .
 SSL support is provided by OpenSSL.

libcurl4-dbgsym: debug symbols for libcurl4
libcurl4-doc: documentation for libcurl

 libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
 FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
 RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
 .
 libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
 form based upload, proxies, cookies, user+password authentication (Basic,
 Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
 and more!
 .
 libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
 fast, thoroughly documented and is already used by many known, big and
 successful companies and numerous applications.
 .
 This package provides the documentation files for libcurl.

libcurl4-gnutls-dev: development files and documentation for libcurl (GnuTLS flavour)

 libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
 FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
 RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
 .
 libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
 form based upload, proxies, cookies, user+password authentication (Basic,
 Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
 and more!
 .
 libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
 fast, thoroughly documented and is already used by many known, big and
 successful companies and numerous applications.
 .
 This package provides the development files (ie. includes, static library,
 manual pages) that allow one to build software which uses libcurl.
 .
 SSL support is provided by GnuTLS.

libcurl4-nss-dev: development files and documentation for libcurl (NSS flavour)

 libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
 FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
 RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
 .
 libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
 form based upload, proxies, cookies, user+password authentication (Basic,
 Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
 and more!
 .
 libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
 fast, thoroughly documented and is already used by many known, big and
 successful companies and numerous applications.
 .
 This package provides the development files (ie. includes, static library,
 manual pages) that allow one to build software which uses libcurl.
 .
 SSL support is provided by NSS.

libcurl4-openssl-dev: development files and documentation for libcurl (OpenSSL flavour)

 libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
 FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
 RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
 .
 libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
 form based upload, proxies, cookies, user+password authentication (Basic,
 Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
 and more!
 .
 libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
 fast, thoroughly documented and is already used by many known, big and
 successful companies and numerous applications.
 .
 This package provides the development files (ie. includes, static library,
 manual pages) that allow one to build software which uses libcurl.
 .
 SSL support is provided by OpenSSL.