Format: 1.8 Date: Thu, 16 May 2019 08:32:04 -0400 Source: curl Binary: curl libcurl3-gnutls libcurl3-nss libcurl4 libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-openssl-dev Architecture: i386 Version: 7.64.0-2ubuntu1.1 Distribution: disco Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: curl - command line tool for transferring data with URL syntax libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.64.0-2ubuntu1.1) disco-security; urgency=medium . * SECURITY UPDATE: Integer overflows in curl_url_set() - debian/patches/CVE-2019-5345.patch: limit sizes in lib/setopt.c, lib/urlapi.c, lib/urldata.h, tests/data/Makefile.inc, tests/data/test1559, tests/libtest/Makefile.inc, tests/libtest/lib1559.c. - CVE-2019-5345 * SECURITY UPDATE: TFTP receive buffer overflow - debian/patches/CVE-2019-5346.patch: use the current blksize in lib/tftp.c. - CVE-2019-5346 Checksums-Sha1: 4ec767fe112d43f3370c1ebd58f332fcc2724101 107016 curl-dbgsym_7.64.0-2ubuntu1.1_i386.ddeb 551a9eda0b06b09f2d7dc2b80be120d3e292fcb9 10752 curl_7.64.0-2ubuntu1.1_i386.buildinfo 195ff88336cbd854be3ab810bd651810043e48e7 169192 curl_7.64.0-2ubuntu1.1_i386.deb abe25cae105b7f3644b0538409ab66a886ba5450 649112 libcurl3-gnutls-dbgsym_7.64.0-2ubuntu1.1_i386.ddeb 2eaff949020de21bd53bbaeae83b19abddbca5c4 256140 libcurl3-gnutls_7.64.0-2ubuntu1.1_i386.deb 802149f318ae427ee1566785dc3bfc56c189a4c3 685896 libcurl3-nss-dbgsym_7.64.0-2ubuntu1.1_i386.ddeb 4210bad9880f4ce50a1702aa3ee077b6457b9769 262100 libcurl3-nss_7.64.0-2ubuntu1.1_i386.deb 8b50977d96d2f62076d89031e331b81a3b980ac7 666760 libcurl4-dbgsym_7.64.0-2ubuntu1.1_i386.ddeb 8252314050fd7dc6af79017cfa647014b6c1f069 351144 libcurl4-gnutls-dev_7.64.0-2ubuntu1.1_i386.deb 15802f8501c9d8de0e9107ea47a1eabf23e5fb3f 357812 libcurl4-nss-dev_7.64.0-2ubuntu1.1_i386.deb 2dea1bcfc528c89e396d1b0173c9e1ee92ebc657 354356 libcurl4-openssl-dev_7.64.0-2ubuntu1.1_i386.deb 04a3549cba1c88f3d6fd849c755eeb4792ade6d5 259248 libcurl4_7.64.0-2ubuntu1.1_i386.deb Checksums-Sha256: 0e0b9681b77d5f5d134bae8a3846fedc5df0e39520db17ebc69f00222e7fdefc 107016 curl-dbgsym_7.64.0-2ubuntu1.1_i386.ddeb 5380ee5e355ec8732c138941864461b5fb4af4b210f28f3e00da0882990163c5 10752 curl_7.64.0-2ubuntu1.1_i386.buildinfo 53a6029740216ad7e7fec30594beeb4b3b07a3ea065dcdee6fd0431330e24622 169192 curl_7.64.0-2ubuntu1.1_i386.deb d1a0a775860aadbea007c7b02dd2180bc17a4cf734644315761e86f539b84b46 649112 libcurl3-gnutls-dbgsym_7.64.0-2ubuntu1.1_i386.ddeb b4273491f3a640e614e513b9f589c9d0aa5d9f8c544a79e6181ece005baf0c5d 256140 libcurl3-gnutls_7.64.0-2ubuntu1.1_i386.deb f8affc0723ea65674dccd6427095a65b8ee69640650a80692610300c2833ad01 685896 libcurl3-nss-dbgsym_7.64.0-2ubuntu1.1_i386.ddeb 1c06a87e1bf740fa4090a0dd26b1ee63492c385f62cf2425b567ecd6a58ef27d 262100 libcurl3-nss_7.64.0-2ubuntu1.1_i386.deb 794753137cde491fff0d0400d4d9c2bd0e362d2a6274408a93b5c7fc4ebf7c12 666760 libcurl4-dbgsym_7.64.0-2ubuntu1.1_i386.ddeb eb4a8c7f3e7bad6d180cd3207f08eb6280f5e517d0b622656894dffce32a5b9e 351144 libcurl4-gnutls-dev_7.64.0-2ubuntu1.1_i386.deb 14d67933fd1902a47c0b696ea5fa0e3a96aa5ea4b05aa039debc010ec87c55b8 357812 libcurl4-nss-dev_7.64.0-2ubuntu1.1_i386.deb 55d6c4f6ce42d8fdfce638cd61fea2e86b28480d93b2ab048a17f147b6a6f03a 354356 libcurl4-openssl-dev_7.64.0-2ubuntu1.1_i386.deb 7ee909946f91538ff1385c9a71c1d6ca6e3bd18d5b4d51d861c08f20e050aa8e 259248 libcurl4_7.64.0-2ubuntu1.1_i386.deb Files: f8b552c2b7116b67d2be3a931b16d70b 107016 debug optional curl-dbgsym_7.64.0-2ubuntu1.1_i386.ddeb d2b319ca235c84edc9570305f7b5d65b 10752 web optional curl_7.64.0-2ubuntu1.1_i386.buildinfo e5ca4539d18afee5ffdd2e5731085bc4 169192 web optional curl_7.64.0-2ubuntu1.1_i386.deb bf833fbe8bf8d9a2049e3c2235279393 649112 debug optional libcurl3-gnutls-dbgsym_7.64.0-2ubuntu1.1_i386.ddeb 760916f08e575c9dbf19b4350ab8cef3 256140 libs optional libcurl3-gnutls_7.64.0-2ubuntu1.1_i386.deb d3d4c13c9c338469a45ae1e26256f8ae 685896 debug optional libcurl3-nss-dbgsym_7.64.0-2ubuntu1.1_i386.ddeb a023ea6c42877c37d9bef2c5c9e2a161 262100 libs optional libcurl3-nss_7.64.0-2ubuntu1.1_i386.deb 4bcb530c0f2ce46bb47ca2cc67f99253 666760 debug optional libcurl4-dbgsym_7.64.0-2ubuntu1.1_i386.ddeb 6bafb92dc670933636ddc5c328ace157 351144 libdevel optional libcurl4-gnutls-dev_7.64.0-2ubuntu1.1_i386.deb 7fa77fcbfa955d8fc4dcb87677b0d887 357812 libdevel optional libcurl4-nss-dev_7.64.0-2ubuntu1.1_i386.deb 577bf1c4ee1f1b48f7abcd3252486f9c 354356 libdevel optional libcurl4-openssl-dev_7.64.0-2ubuntu1.1_i386.deb a0b116d3f6cdf87b9c6488f877194901 259248 libs optional libcurl4_7.64.0-2ubuntu1.1_i386.deb Original-Maintainer: Alessandro Ghedini