curl 7.85.0-1ubuntu0.5 source package in Ubuntu
Changelog
curl (7.85.0-1ubuntu0.5) kinetic-security; urgency=medium * SECURITY UPDATE: TELNET option IAC injection - debian/patches/CVE-2023-27533.patch: only accept option arguments in ascii in lib/telnet.c. - CVE-2023-27533 * SECURITY UPDATE: SFTP path ~ resolving discrepancy - debian/patches/CVE-2023-27534-pre1.patch: do not add '/' if homedir ends with one in lib/curl_path.c. - debian/patches/CVE-2023-27534.patch: create the new path with dynbuf in lib/curl_path.c. - CVE-2023-27534 * SECURITY UPDATE: FTP too eager connection reuse - debian/patches/CVE-2023-27535-pre1.patch: add and use Curl_timestrcmp in lib/netrc.c, lib/strcase.c, lib/strcase.h, lib/url.c, lib/vauth/digest_sspi.c, lib/vtls/vtls.c. - debian/patches/CVE-2023-27535.patch: add more conditions for connection reuse in lib/ftp.c, lib/ftp.h, lib/url.c, lib/urldata.h. - CVE-2023-27535 * SECURITY UPDATE: GSS delegation too eager connection re-use - debian/patches/CVE-2023-27536.patch: only reuse connections with same GSS delegation in lib/url.c, lib/urldata.h. - CVE-2023-27536 * SECURITY UPDATE: SSH connection too eager reuse still - debian/patches/CVE-2023-27538.patch: fix the SSH connection reuse check in lib/url.c. - CVE-2023-27538 -- Marc Deslauriers <email address hidden> Tue, 14 Mar 2023 09:55:46 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Kinetic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- web
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
curl_7.85.0.orig.tar.gz | 4.0 MiB | 78a06f918bd5fde3c4573ef4f9806f56372b32ec1829c9ec474799eeee641c27 |
curl_7.85.0.orig.tar.gz.asc | 488 bytes | 6794e4b59dea9dee2c6373be4e1b1cded5c8a9aea8bbf58c3e97f3adfe8d8474 |
curl_7.85.0-1ubuntu0.5.debian.tar.xz | 53.2 KiB | f1f53440d7f57cba87a5d1c6cd43555f30e760445adda0b377efd110070c264f |
curl_7.85.0-1ubuntu0.5.dsc | 3.0 KiB | 457ba5e5ba3202e6f77232563b1de06f9e62b898550382e52c68afc2954feab7 |
Available diffs
Binary packages built by this source
- curl: No summary available for curl in ubuntu kinetic.
No description available for curl in ubuntu kinetic.
- curl-dbgsym: No summary available for curl-dbgsym in ubuntu kinetic.
No description available for curl-dbgsym in ubuntu kinetic.
- libcurl3-gnutls: No summary available for libcurl3-gnutls in ubuntu kinetic.
No description available for libcurl3-gnutls in ubuntu kinetic.
- libcurl3-gnutls-dbgsym: No summary available for libcurl3-gnutls-dbgsym in ubuntu kinetic.
No description available for libcurl3-
gnutls- dbgsym in ubuntu kinetic.
- libcurl3-nss: No summary available for libcurl3-nss in ubuntu kinetic.
No description available for libcurl3-nss in ubuntu kinetic.
- libcurl3-nss-dbgsym: No summary available for libcurl3-nss-dbgsym in ubuntu kinetic.
No description available for libcurl3-nss-dbgsym in ubuntu kinetic.
- libcurl4: No summary available for libcurl4 in ubuntu kinetic.
No description available for libcurl4 in ubuntu kinetic.
- libcurl4-dbgsym: No summary available for libcurl4-dbgsym in ubuntu kinetic.
No description available for libcurl4-dbgsym in ubuntu kinetic.
- libcurl4-doc: No summary available for libcurl4-doc in ubuntu kinetic.
No description available for libcurl4-doc in ubuntu kinetic.
- libcurl4-gnutls-dev: No summary available for libcurl4-gnutls-dev in ubuntu kinetic.
No description available for libcurl4-gnutls-dev in ubuntu kinetic.
- libcurl4-nss-dev: No summary available for libcurl4-nss-dev in ubuntu kinetic.
No description available for libcurl4-nss-dev in ubuntu kinetic.
- libcurl4-openssl-dev: No summary available for libcurl4-openssl-dev in ubuntu kinetic.
No description available for libcurl4-
openssl- dev in ubuntu kinetic.