Format: 1.8 Date: Wed, 04 Oct 2017 09:02:01 -0400 Source: curl Binary: curl curl-udeb libcurl3 libcurl3-udeb libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg libcurl4-doc Architecture: arm64 Version: 7.35.0-1ubuntu2.11 Distribution: trusty Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: curl - command line tool for transferring data with URL syntax curl-udeb - Get a file from an HTTP, HTTPS or FTP server (udeb) libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours) libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl3-udeb - Multi-protocol file transfer library (OpenSSL) (udeb) libcurl4-doc - documentation for libcurl libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.35.0-1ubuntu2.11) trusty-security; urgency=medium . * SECURITY UPDATE: printf floating point buffer overflow - debian/patches/CVE-2016-9586.patch: fix floating point buffer overflow issues in lib/mprintf.c, added test to tests/data/test557, tests/libtest/lib557.c. - CVE-2016-9586 * SECURITY UPDATE: TFTP sends more than buffer size - debian/patches/CVE-2017-1000100.patch: reject file name lengths that don't fit in lib/tftp.c. - CVE-2017-1000100 * SECURITY UPDATE: URL globbing out of bounds read - debian/patches/CVE-2017-1000101.patch: do not continue parsing after a strtoul() overflow range in src/tool_urlglob.c, added test to tests/data/Makefile.am, tests/data/test1289. - CVE-2017-1000101 * SECURITY UPDATE: FTP PWD response parser out of bounds read - debian/patches/CVE-2017-1000254.patch: zero terminate the entry path even on bad input in lib/ftp.c, added test to tests/data/Makefile.am, tests/data/test1152. - CVE-2017-1000254 * SECURITY UPDATE: --write-out out of buffer read - debian/patches/CVE-2017-7407-1.patch: fix a buffer read overrun in src/tool_writeout.c added test to tests/data/Makefile.am, tests/data/test1440, tests/data/test1441. - debian/patches/CVE-2017-7407-2.patch: check for end of input in src/tool_writeout.c added test to tests/data/Makefile.am, tests/data/test1442. - CVE-2017-7407 Checksums-Sha1: 7b37e8f6dc0bda1959e1a6c97c3b521e5300dfec 119366 curl_7.35.0-1ubuntu2.11_arm64.deb c95e8e39c9bb414c59eb6575d657bc0029d33ef3 958 curl-udeb_7.35.0-1ubuntu2.11_arm64.udeb 196a87f334217434d0ea369eac790949db4f5112 142884 libcurl3_7.35.0-1ubuntu2.11_arm64.deb 4079672dce6ac2f1041e5156c8c6fff695c009ee 840 libcurl3-udeb_7.35.0-1ubuntu2.11_arm64.udeb 671573f3b192a8a1d855db21d155295b7feeac52 136410 libcurl3-gnutls_7.35.0-1ubuntu2.11_arm64.deb ba6e7fd685c165f8aae9123c21163915ed552a96 146156 libcurl3-nss_7.35.0-1ubuntu2.11_arm64.deb 6e36da45f5837fea1c602306118892a5dc4ec5db 218004 libcurl4-openssl-dev_7.35.0-1ubuntu2.11_arm64.deb 725b912e04b539bd14a7806138c7003f00588135 211074 libcurl4-gnutls-dev_7.35.0-1ubuntu2.11_arm64.deb 83f3ce1d6923b9001c79eabdfceaaa8f7ee96b81 222084 libcurl4-nss-dev_7.35.0-1ubuntu2.11_arm64.deb 06880253ca59ec2045f2d225d445d5f03e64c7b5 3266094 libcurl3-dbg_7.35.0-1ubuntu2.11_arm64.deb f360db62928049462113c146a6d36522f41002b6 1084 curl-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 2b580e6ea7ea392210343b1cf0a8b921436a7362 986 curl-udeb-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 09a244b158ceeb5fb2635bc852f4bf1bfb67d750 1202 libcurl3-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 460291c572a360d75c04040f5b2063490470740e 904 libcurl3-udeb-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 77e5c2a4d4f1bd9283f5476497c3d543b46abdc7 1206 libcurl3-gnutls-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb dbfd514a364c49db53d251381e87d34dee8d1a41 1202 libcurl3-nss-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 14dce3db8f5de126988805363221c242ca603563 1286 libcurl4-openssl-dev-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 8dc45f7dd8d4c1930d8737af0ebbae56e6edea22 1286 libcurl4-gnutls-dev-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 318709140f1e2e6a465c839b4ae8c1638f262676 1284 libcurl4-nss-dev-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb Checksums-Sha256: 909114917a2a162ffec9d1b68a74f3062abe3b2b5a46c169c8da36fd142693dc 119366 curl_7.35.0-1ubuntu2.11_arm64.deb 2d5333aa21debf956dca2b6c0a6fc229ff0eeb30ced955ef6c9945f26c1bec46 958 curl-udeb_7.35.0-1ubuntu2.11_arm64.udeb b8782bb9b027b2cae19810d7bb0eef2e500650f393dae8f2d5a4fca167a68114 142884 libcurl3_7.35.0-1ubuntu2.11_arm64.deb 62e5900218c7463a520ef8455c4d8f121c7260f68ba267d03a2da7686ba8578e 840 libcurl3-udeb_7.35.0-1ubuntu2.11_arm64.udeb 9451dc0fa268a5c0baf1d43d4ae5dae2031dcff5c216a9f7c43316b27e3afd03 136410 libcurl3-gnutls_7.35.0-1ubuntu2.11_arm64.deb 01e15a64a38d32ec77bb6fb20b286ae7e98441600f564344db16f750081a8468 146156 libcurl3-nss_7.35.0-1ubuntu2.11_arm64.deb 28d5b1ed2ee08c704d51eda77d4cffdb5506d805115ad4d4780a8ff207506621 218004 libcurl4-openssl-dev_7.35.0-1ubuntu2.11_arm64.deb d5b6049fda4b94136217241d7e27d8b18ae4e90539d0b417808ccba1e669cac7 211074 libcurl4-gnutls-dev_7.35.0-1ubuntu2.11_arm64.deb fa3597b89e4db5602eca1162c636ce1933a31496b87234b24704b2b4bf57fa00 222084 libcurl4-nss-dev_7.35.0-1ubuntu2.11_arm64.deb 6fd1143a733f86a0a380778d03c33d8fdf2bc942e41556874bac97d694458e5d 3266094 libcurl3-dbg_7.35.0-1ubuntu2.11_arm64.deb 60f612705e061f61a189cc8db84aa8711b097044bcc3d292e25fa385b8ef1a50 1084 curl-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 94c0b7a63e5c37f425421498518077f29d0439db6d19e19fc6b45f139580bbb7 986 curl-udeb-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb d69e3a90998563f25657e0491f9bd79726cc0a3979aff0d873923c511771810e 1202 libcurl3-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb c4ac3ca9734d83d337fc84792f33bdb17be12cb64f3ae091605e409e706a73ea 904 libcurl3-udeb-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 988a00cd8c5037faed79be4da915c77cec626423cc5351d8605029b73558cf31 1206 libcurl3-gnutls-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 7c51cb864b814aa5179b07edfbc036886fcc3793d9a65810d207196c273fc29a 1202 libcurl3-nss-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 9032d72c1ad1a3d4de5ba94fa46eec6bc950dbb2d37de59cd5b98f99be8c8541 1286 libcurl4-openssl-dev-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 39acbf8bca42c51b0da8d85306e564c5cdc81154d7118c1d47c798a1e24cfe0f 1286 libcurl4-gnutls-dev-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 6f376de9698b2281744311d617342913206716755c4aba60859b0ec18853955d 1284 libcurl4-nss-dev-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb Files: cfdcc54307acc8d4801425de3a21f1c9 119366 web optional curl_7.35.0-1ubuntu2.11_arm64.deb 047735e69c2807fadf69856cd46fbfaa 958 debian-installer optional curl-udeb_7.35.0-1ubuntu2.11_arm64.udeb eea3c0071d024bfe93430db2fb1c1275 142884 libs optional libcurl3_7.35.0-1ubuntu2.11_arm64.deb a8a2523f025ab2fee3dc4c4398b2b6c4 840 debian-installer optional libcurl3-udeb_7.35.0-1ubuntu2.11_arm64.udeb e548f806974fd7f54c3afd2c7933c558 136410 libs optional libcurl3-gnutls_7.35.0-1ubuntu2.11_arm64.deb 70def3e87dda6c9ccd7aa751797ffea4 146156 libs optional libcurl3-nss_7.35.0-1ubuntu2.11_arm64.deb b0806f97c12a4cd16947ef31936276fa 218004 libdevel optional libcurl4-openssl-dev_7.35.0-1ubuntu2.11_arm64.deb a3dc045f1231da1bfde2dcac87843f07 211074 libdevel optional libcurl4-gnutls-dev_7.35.0-1ubuntu2.11_arm64.deb 7c678e26f750badf48e25a759ed7f3f0 222084 libdevel optional libcurl4-nss-dev_7.35.0-1ubuntu2.11_arm64.deb 2944e360ae485245e6ad696815a50fc3 3266094 debug extra libcurl3-dbg_7.35.0-1ubuntu2.11_arm64.deb 8e9593a13a4dba5cdcd5429cec3eba46 1084 web extra curl-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 84d71f0e3a452fcbadf6b6e0dca400cd 986 debian-installer extra curl-udeb-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 62bae98e382a4edcaf788d7ccdbe00d7 1202 libs extra libcurl3-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 216a64c8ba212ce4cf634738a6677a39 904 debian-installer extra libcurl3-udeb-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb b8530cbaf399bc86e97e5085f00cfb9c 1206 libs extra libcurl3-gnutls-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb ad9ba3d4b334619ad286875c390540bd 1202 libs extra libcurl3-nss-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 9b5149b0a0487b584bbc9c9e3cf02b3d 1286 libdevel extra libcurl4-openssl-dev-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 789507895387427f532312cd3ddbffd7 1286 libdevel extra libcurl4-gnutls-dev-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb 8c8a9db1e30e1a07c3430f8b5d2405c4 1284 libdevel extra libcurl4-nss-dev-dbgsym_7.35.0-1ubuntu2.11_arm64.ddeb Original-Maintainer: Alessandro Ghedini Package-Type: udeb