Format: 1.8 Date: Wed, 04 Oct 2017 09:02:01 -0400 Source: curl Binary: curl curl-udeb libcurl3 libcurl3-udeb libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg libcurl4-doc Architecture: ppc64el Version: 7.35.0-1ubuntu2.11 Distribution: trusty Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: curl - command line tool for transferring data with URL syntax curl-udeb - Get a file from an HTTP, HTTPS or FTP server (udeb) libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours) libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl3-udeb - Multi-protocol file transfer library (OpenSSL) (udeb) libcurl4-doc - documentation for libcurl libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.35.0-1ubuntu2.11) trusty-security; urgency=medium . * SECURITY UPDATE: printf floating point buffer overflow - debian/patches/CVE-2016-9586.patch: fix floating point buffer overflow issues in lib/mprintf.c, added test to tests/data/test557, tests/libtest/lib557.c. - CVE-2016-9586 * SECURITY UPDATE: TFTP sends more than buffer size - debian/patches/CVE-2017-1000100.patch: reject file name lengths that don't fit in lib/tftp.c. - CVE-2017-1000100 * SECURITY UPDATE: URL globbing out of bounds read - debian/patches/CVE-2017-1000101.patch: do not continue parsing after a strtoul() overflow range in src/tool_urlglob.c, added test to tests/data/Makefile.am, tests/data/test1289. - CVE-2017-1000101 * SECURITY UPDATE: FTP PWD response parser out of bounds read - debian/patches/CVE-2017-1000254.patch: zero terminate the entry path even on bad input in lib/ftp.c, added test to tests/data/Makefile.am, tests/data/test1152. - CVE-2017-1000254 * SECURITY UPDATE: --write-out out of buffer read - debian/patches/CVE-2017-7407-1.patch: fix a buffer read overrun in src/tool_writeout.c added test to tests/data/Makefile.am, tests/data/test1440, tests/data/test1441. - debian/patches/CVE-2017-7407-2.patch: check for end of input in src/tool_writeout.c added test to tests/data/Makefile.am, tests/data/test1442. - CVE-2017-7407 Checksums-Sha1: 143d8e64a602922c85ccaf5cb0447708fe98612e 122112 curl_7.35.0-1ubuntu2.11_ppc64el.deb 49e2a24658009860f69105d93299ae4dc37e3ff3 962 curl-udeb_7.35.0-1ubuntu2.11_ppc64el.udeb 4262c14f3e0f877b891b3913d1da8eb62a7dfb92 172420 libcurl3_7.35.0-1ubuntu2.11_ppc64el.deb e779b9d0144db48bd51fd058fb7e0180911c7e73 842 libcurl3-udeb_7.35.0-1ubuntu2.11_ppc64el.udeb 6ed45fd674a36cbf37b87e084d67b9607a60e8cc 166020 libcurl3-gnutls_7.35.0-1ubuntu2.11_ppc64el.deb 4a1c9029b5a2037c6eb4072c7f0e030eeeb74bc1 177298 libcurl3-nss_7.35.0-1ubuntu2.11_ppc64el.deb 1038754f1b82d25a56f224f39de61bda159e1650 253386 libcurl4-openssl-dev_7.35.0-1ubuntu2.11_ppc64el.deb 6d1fdcea9a82259a9eba5a024b77cc1ef98ba1c1 246342 libcurl4-gnutls-dev_7.35.0-1ubuntu2.11_ppc64el.deb c1ecb78b62934ec1c9a960e1bb26782661b1ac08 260718 libcurl4-nss-dev_7.35.0-1ubuntu2.11_ppc64el.deb fcb2a58e08013c1e23131685cde6860f3087c9d9 3478810 libcurl3-dbg_7.35.0-1ubuntu2.11_ppc64el.deb e85eabc985ead5f7d9954b524154377ae738c28c 1084 curl-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb 5308aa2cfda3c6724aeddc53a62127e98173a985 986 curl-udeb-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb 69821611c4a86e249aa186b2dc3a6ec79e592897 1202 libcurl3-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb ecae192c84c54176efa1750948e2dc5907a476d2 904 libcurl3-udeb-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb eca1803713e356ec50b124cde9b81c34a7d6e087 1208 libcurl3-gnutls-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb dde7af342e1aab2977a8e61f8169b34b399e6c98 1206 libcurl3-nss-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb 4c5a2225af5983d1b2cf8891faec5d074bdd4f92 1284 libcurl4-openssl-dev-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb e0679d7d031b320a932e03c397d17552588c127d 1284 libcurl4-gnutls-dev-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb 657daa5ea1a21dd7ad680e3992dc63e78da84f5b 1282 libcurl4-nss-dev-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb Checksums-Sha256: 4bec5e870925fe6daa48afe35a047ce1ae75449738ff1a73df4411c75848f0d4 122112 curl_7.35.0-1ubuntu2.11_ppc64el.deb 5ee5a63365ccc2d9e02e2ef09d33c9c14fc47c737ed900aa3778592d8b4235be 962 curl-udeb_7.35.0-1ubuntu2.11_ppc64el.udeb 1f6bfd45b3d408353a91b80015dda67df2569857ead1391b0a1f5c0268959f6c 172420 libcurl3_7.35.0-1ubuntu2.11_ppc64el.deb d1dec69ca0ed550c78f1a562869fcc13e05771b28b82650bf1c1e1f60ff6de49 842 libcurl3-udeb_7.35.0-1ubuntu2.11_ppc64el.udeb 910bedca0afa577ddb191878720d6b4916349bd871d1e43ca4ddda81f138c783 166020 libcurl3-gnutls_7.35.0-1ubuntu2.11_ppc64el.deb ea93ae9b5a414914acad3b9119cba5339e8abfadfdc6f6b91ab8659013474b41 177298 libcurl3-nss_7.35.0-1ubuntu2.11_ppc64el.deb dac90fdc8f224d1d0f92081b994e69ed906cffc43922f63a877df98ece5701a8 253386 libcurl4-openssl-dev_7.35.0-1ubuntu2.11_ppc64el.deb 1183bc159d4cee8d000c1a5eec2e3903f0fecac3586110ee601b8765f8a339ea 246342 libcurl4-gnutls-dev_7.35.0-1ubuntu2.11_ppc64el.deb ae1232eefff20bfb53ab9b830433b1639cf24ad0e0fa31eb65fdcbf6283e5f5e 260718 libcurl4-nss-dev_7.35.0-1ubuntu2.11_ppc64el.deb 678b2ef8eb4bbb8b6a37ff695c63c35cc823d22e1190faee6d4127b9a418c736 3478810 libcurl3-dbg_7.35.0-1ubuntu2.11_ppc64el.deb bb991311a307242c9973bf85f30724e3063626ee7408bd83030c39562023f5fb 1084 curl-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb 4ce3a01a8f53dcb4064d95671523b8a820a97e3bae9c94817c0e74259a36a4a4 986 curl-udeb-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb 21db1f83a98727f16e82f9ad37ae92793b14b1434de9d8290cb6ca5a833b8f7d 1202 libcurl3-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb ce26aa97048a69e84005296ada3b357799bb0a9ecf821fad47533c389c49934b 904 libcurl3-udeb-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb ca4ce6195ace0718a03b964eb8a5676bbb6e4646316964376f8a8873fbeb3731 1208 libcurl3-gnutls-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb ee5c1f9d67c024fe6fbf96fc84a441625acfa2f816b7c6f29340f1c47f63782c 1206 libcurl3-nss-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb d3759c5649c49cea2ee6ebc07c0f85765c8b49939b5bbc0c18c2497f7158608d 1284 libcurl4-openssl-dev-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb da0dcc8c92aeef9376d8c5212cbc7cb6c49118f6f7fb626ea8378db212431882 1284 libcurl4-gnutls-dev-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb 259fd540057a6ff0fb1ab32da11da1bdbbf1735143fda8e3ed41d242084a707a 1282 libcurl4-nss-dev-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb Files: a51c15d1aabb3e92360396858e3c5d03 122112 web optional curl_7.35.0-1ubuntu2.11_ppc64el.deb aa5208c6ad486803966bf6c1862286d8 962 debian-installer optional curl-udeb_7.35.0-1ubuntu2.11_ppc64el.udeb 7856e607e01ee781998266f1369ca5ce 172420 libs optional libcurl3_7.35.0-1ubuntu2.11_ppc64el.deb 9d0760e902909bc441bf29f4ddcf59c6 842 debian-installer optional libcurl3-udeb_7.35.0-1ubuntu2.11_ppc64el.udeb 787a7ea1c1eaab3d352fe2da54b5f733 166020 libs optional libcurl3-gnutls_7.35.0-1ubuntu2.11_ppc64el.deb e3b3ec66e8ac0c07a699c455bae63d9c 177298 libs optional libcurl3-nss_7.35.0-1ubuntu2.11_ppc64el.deb 9c56ce5b4c99dd6852c2495d7f7f2f40 253386 libdevel optional libcurl4-openssl-dev_7.35.0-1ubuntu2.11_ppc64el.deb d8d6744ab12263aac0826146b505d1f1 246342 libdevel optional libcurl4-gnutls-dev_7.35.0-1ubuntu2.11_ppc64el.deb 0be9d8a73cbe20f180bc01c6b7acc205 260718 libdevel optional libcurl4-nss-dev_7.35.0-1ubuntu2.11_ppc64el.deb f306ce14b7c8452da5ef7f8425f20144 3478810 debug extra libcurl3-dbg_7.35.0-1ubuntu2.11_ppc64el.deb efb24acb9a6c60a1bf7a4c4f970ed1d2 1084 web extra curl-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb 031e7ae58668bfb641e2a8d133f9d247 986 debian-installer extra curl-udeb-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb 6f3c469dbbae5fc980745b9b17e5fc4a 1202 libs extra libcurl3-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb 41f0bc9992e30e04a5a8baa04b06f5e5 904 debian-installer extra libcurl3-udeb-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb cdf51c3e89e854b8a095631215d2745f 1208 libs extra libcurl3-gnutls-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb 8fd620a90c599a789a7ca97761cf46f3 1206 libs extra libcurl3-nss-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb 7b76d9d15d52ef00da3c12ca2090b572 1284 libdevel extra libcurl4-openssl-dev-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb ef6d6662eb7b9d451660ad1e534d04da 1284 libdevel extra libcurl4-gnutls-dev-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb 24c7af89fae7e9859b675b148fcf0ec3 1282 libdevel extra libcurl4-nss-dev-dbgsym_7.35.0-1ubuntu2.11_ppc64el.ddeb Original-Maintainer: Alessandro Ghedini Package-Type: udeb