Ubuntu

“curl” 7.19.7-1ubuntu1.1 source package in The Lucid Lynx

Publishing history

7.19.7-1ubuntu1.1
SUPERSEDED: Lucid pocket Updates in component main and section web
  • Removed from disk on 2013-04-17.
  • Removal requested on 2013-04-17.
  • Superseded on 2013-04-16 by curl - 7.19.7-1ubuntu1.2
  • Published on 2011-06-24
  • Copied from ubuntu lucid in Private PPA for Ubuntu Security Team
7.19.7-1ubuntu1.1
SUPERSEDED: Lucid pocket Security in component main and section web
  • Removed from disk on 2013-04-17.
  • Removal requested on 2013-04-17.
  • Superseded on 2013-04-16 by curl - 7.19.7-1ubuntu1.2
  • Published on 2011-06-23
  • Copied from ubuntu lucid in Private PPA for Ubuntu Security Team

Builds

Changelog

curl (7.19.7-1ubuntu1.1) lucid-security; urgency=low

  * SECURITY UPDATE: libcurl unconditional credential delegation during
    GSSAPI authentication vulnerability.
    - debian/patches/0001-Curl_input_negotiate-do-not-delegate-credentials.patch:
      do not delegate credentials when doing GSSAPI authentication
    - CVE-2011-2192
  * SECURITY UPDATE: libcurl zlib automatic decompression callback
    data buffer overflow
    - debian/patches/libcurl-contentencoding.patch: restrict amount of
      callback data sent to an application
    - CVE-2010-0734
 -- Steve Beattie <email address hidden>   Wed, 08 Jun 2011 16:52:01 -0700