-
curl (7.15.4-1ubuntu2.2) edgy-security; urgency=low
* lib/gtls.c: actually perform expiration and activation verifications
(CVE-2007-3564).
-- Kees Cook <email address hidden> Wed, 27 Jun 2007 12:16:00 -0700
-
curl (7.15.4-1ubuntu2.1) edgy-updates; urgency=low
* No-change upload to edgy-updates, thanks to Michael Vogt for verifying!
curl (7.15.4-1ubuntu2.1~proposed1) edgy-proposed; urgency=low
* lib/multi.c: Upstream patch to fix segmentation fault.
(Closes Ubuntu: #68074, SRU bug #73447).
* Reference: http://sourceforge.net/support/tracker.php?aid=1523466.
-- Martin Pitt <email address hidden> Wed, 02 May 2007 17:23:11 +0200
-
curl (7.15.4-1ubuntu2.1~proposed1) edgy-proposed; urgency=low
* lib/multi.c: Upstream patch to fix segmentation fault.
(Closes Ubuntu: #68074, SRU bug #73447).
* Reference: http://sourceforge.net/support/tracker.php?aid=1523466.
-- Cody A.W. Somerville <email address hidden> Mon, 27 Nov 2006 07:12:42 -0400
-
curl (7.15.4-1ubuntu2) edgy; urgency=low
* Bump libgnutls-dev dependency to >= 1.4 to build against gnutls13.
-- Martin Pitt <email address hidden> Tue, 4 Jul 2006 15:23:50 +0200
-
curl (7.15.4-1ubuntu1) edgy; urgency=low
* Synchronize to Debian. Only change left: Removal of stunnel and
libdb4.2-dev build dependencies.
curl (7.15.4-1) unstable; urgency=low
* New upstream release.
* Bumped shlibs version to 7.15.4-1.
curl (7.15.3-2) unstable; urgency=low
* Fixed bug in configure.ac that makes FTBFS (closes: #367954).
curl (7.15.3-1) unstable; urgency=high
* New upstream release:
- fixed TFTP packet buffer overflow vulnerability
[lib/tftp.c, CVE-2006-1061].
- improved curl_getenv.3 manpage grammar (closes: #357388).
curl (7.15.2-3) unstable; urgency=low
* Applied upstream patch to fix multi interface and multi-part formposts
(closes: #355715).
* Build back with -O2, gcc 4.0.2-10 fixed the previously trigged bug.
curl (7.15.2-2) unstable; urgency=low
* Added missing autotools invocation. Re-added versioned symbols
(closes: #355241).
* Bumped shlibs version to 7.15.2-2.
* Build with -O3 to work around sospicious segfaults on tests 253
and 255.
curl (7.15.2-1) unstable; urgency=low
* New upstream release.
* Bumped shlibs version to 7.15.2-1.
* Adopted debhelper's compatibility level 5.
-- Martin Pitt <email address hidden> Thu, 29 Jun 2006 15:04:24 +0200
-
curl (7.15.1-1ubuntu2) dapper; urgency=low
* SECURITY UPDATE: Arbitrary remote code execution with long tftp:// URLs.
* lib/tftp.c: Fix unbounded sprintf() to avoid buffer overflow. Thanks to
Ulf Harnhammar for discovering this.
* CVE-2006-1061
-- Martin Pitt <email address hidden> Thu, 16 Mar 2006 11:30:25 +0100