curl 7.85.0-1ubuntu0.6 source package in Ubuntu
Changelog
curl (7.85.0-1ubuntu0.6) kinetic-security; urgency=medium
* SECURITY UPDATE: improper certificate validation vulnerability
- debian/patches/CVE-2023-28321.patch: fix host name wildcard checking
in lib/vtls/hostcheck.c, tests/data/test1397, tests/unit/unit1397.c.
- CVE-2023-28321
* SECURITY UPDATE: information disclosure vulnerability
- debian/patches/CVE-2023-28322.patch: unify the upload/method handling
in lib/curl_rtmp.c, lib/file.c, lib/ftp.c, lib/http.c, lib/imap.c,
lib/rtsp.c, lib/setopt.c, lib/smb.c, lib/smtp.c, lib/tftp.c,
lib/transfer.c, lib/urldata.h, lib/vssh/libssh.c, lib/vssh/libssh2.c,
lib/vssh/wolfssh.c.
- CVE-2023-28322
* SECURITY UPDATE: fopen race condition
- debian/patches/CVE-2023-32001.patch: fix race in lib/fopen.c.
- CVE-2023-32001
-- Marc Deslauriers <email address hidden> Mon, 17 Jul 2023 08:03:23 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Kinetic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- web
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| curl_7.85.0.orig.tar.gz | 4.0 MiB | 78a06f918bd5fde3c4573ef4f9806f56372b32ec1829c9ec474799eeee641c27 |
| curl_7.85.0.orig.tar.gz.asc | 488 bytes | 6794e4b59dea9dee2c6373be4e1b1cded5c8a9aea8bbf58c3e97f3adfe8d8474 |
| curl_7.85.0-1ubuntu0.6.debian.tar.xz | 59.0 KiB | 420fc654ba642d0b300b62969a6ea2e53988328d211e76ec4d26b23c67f4c61b |
| curl_7.85.0-1ubuntu0.6.dsc | 3.0 KiB | 4a6ceb6949e9b52919601458602994dfb81e8654966da7f502abca366ff9c797 |
Available diffs
Binary packages built by this source
- curl: No summary available for curl in ubuntu kinetic.
No description available for curl in ubuntu kinetic.
- curl-dbgsym: No summary available for curl-dbgsym in ubuntu kinetic.
No description available for curl-dbgsym in ubuntu kinetic.
- libcurl3-gnutls: No summary available for libcurl3-gnutls in ubuntu kinetic.
No description available for libcurl3-gnutls in ubuntu kinetic.
- libcurl3-gnutls-dbgsym: No summary available for libcurl3-gnutls-dbgsym in ubuntu kinetic.
No description available for libcurl3-
gnutls- dbgsym in ubuntu kinetic.
- libcurl3-nss: No summary available for libcurl3-nss in ubuntu kinetic.
No description available for libcurl3-nss in ubuntu kinetic.
- libcurl3-nss-dbgsym: No summary available for libcurl3-nss-dbgsym in ubuntu kinetic.
No description available for libcurl3-nss-dbgsym in ubuntu kinetic.
- libcurl4: No summary available for libcurl4 in ubuntu kinetic.
No description available for libcurl4 in ubuntu kinetic.
- libcurl4-dbgsym: No summary available for libcurl4-dbgsym in ubuntu kinetic.
No description available for libcurl4-dbgsym in ubuntu kinetic.
- libcurl4-doc: No summary available for libcurl4-doc in ubuntu kinetic.
No description available for libcurl4-doc in ubuntu kinetic.
- libcurl4-gnutls-dev: No summary available for libcurl4-gnutls-dev in ubuntu kinetic.
No description available for libcurl4-gnutls-dev in ubuntu kinetic.
- libcurl4-nss-dev: No summary available for libcurl4-nss-dev in ubuntu kinetic.
No description available for libcurl4-nss-dev in ubuntu kinetic.
- libcurl4-openssl-dev: No summary available for libcurl4-openssl-dev in ubuntu kinetic.
No description available for libcurl4-
openssl- dev in ubuntu kinetic.
