Format: 1.8 Date: Mon, 17 Jul 2023 08:03:23 -0400 Source: curl Binary: curl libcurl3-gnutls libcurl3-nss libcurl4 libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-openssl-dev Built-For-Profiles: noudeb Architecture: riscv64 Version: 7.85.0-1ubuntu0.6 Distribution: kinetic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: curl - command line tool for transferring data with URL syntax libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.85.0-1ubuntu0.6) kinetic-security; urgency=medium . * SECURITY UPDATE: improper certificate validation vulnerability - debian/patches/CVE-2023-28321.patch: fix host name wildcard checking in lib/vtls/hostcheck.c, tests/data/test1397, tests/unit/unit1397.c. - CVE-2023-28321 * SECURITY UPDATE: information disclosure vulnerability - debian/patches/CVE-2023-28322.patch: unify the upload/method handling in lib/curl_rtmp.c, lib/file.c, lib/ftp.c, lib/http.c, lib/imap.c, lib/rtsp.c, lib/setopt.c, lib/smb.c, lib/smtp.c, lib/tftp.c, lib/transfer.c, lib/urldata.h, lib/vssh/libssh.c, lib/vssh/libssh2.c, lib/vssh/wolfssh.c. - CVE-2023-28322 * SECURITY UPDATE: fopen race condition - debian/patches/CVE-2023-32001.patch: fix race in lib/fopen.c. - CVE-2023-32001 Checksums-Sha1: 0a3047e68d1fd26c2e0096d5eaa6e798752e03f9 157204 curl-dbgsym_7.85.0-1ubuntu0.6_riscv64.ddeb 72f030b06e29d703ec1e4e56b4d7e84312bcf259 12903 curl_7.85.0-1ubuntu0.6_riscv64.buildinfo 62719da271e806f0dc059f069efc68a0fcbb0b49 191796 curl_7.85.0-1ubuntu0.6_riscv64.deb ae375f98f29b7af7a791730d2b545cdde2b7b068 937076 libcurl3-gnutls-dbgsym_7.85.0-1ubuntu0.6_riscv64.ddeb b5c87f18cd4a99c90e19fcef2e612e54026cb31f 250728 libcurl3-gnutls_7.85.0-1ubuntu0.6_riscv64.deb 1abc7fb46eb729748e9a2c5903af546d47cabce0 977636 libcurl3-nss-dbgsym_7.85.0-1ubuntu0.6_riscv64.ddeb e057e248ded4b7370f5481f97028d99e52c91734 260678 libcurl3-nss_7.85.0-1ubuntu0.6_riscv64.deb 8d65a3fcab8b13ab81ca9f976cd9126305c88322 961750 libcurl4-dbgsym_7.85.0-1ubuntu0.6_riscv64.ddeb fa6ff774ce1eb5b8c2361bf49a42f7a9d5f78cc9 834798 libcurl4-gnutls-dev_7.85.0-1ubuntu0.6_riscv64.deb 89c40fd6e794429012949f50e8fe9b4eb6ae04e6 856940 libcurl4-nss-dev_7.85.0-1ubuntu0.6_riscv64.deb c8f3f358187f64dda95ef5cefa8c88a8cf9ba156 853224 libcurl4-openssl-dev_7.85.0-1ubuntu0.6_riscv64.deb 081377c14fdedbe897739254c7fed2a0bc44c8fb 257712 libcurl4_7.85.0-1ubuntu0.6_riscv64.deb Checksums-Sha256: 5484814615022b3578b6ef9323e4340f8a3c092b475de85c4aa8e185badba8f5 157204 curl-dbgsym_7.85.0-1ubuntu0.6_riscv64.ddeb b045ad464ba73040e3aaf51e18f5a1acfe861b9482625f3db513d892e6bd6482 12903 curl_7.85.0-1ubuntu0.6_riscv64.buildinfo 225a9afe7e6b7dfa0213f29d786382edbf8c9dfd938fc7d95ae482109c345746 191796 curl_7.85.0-1ubuntu0.6_riscv64.deb 454c9b6d739e0d6edf82da70c3150402c189626a529f9b92341d33aa821712e6 937076 libcurl3-gnutls-dbgsym_7.85.0-1ubuntu0.6_riscv64.ddeb 0030660f2027a229a3247866b0b80c78bbecc2776085103769c8851b7c8f6710 250728 libcurl3-gnutls_7.85.0-1ubuntu0.6_riscv64.deb 11fcb59c5749cfdb56b2b7ff5689b1fba784516441b39a4cf7d62a4dbc06d5d5 977636 libcurl3-nss-dbgsym_7.85.0-1ubuntu0.6_riscv64.ddeb 3098dd2f90231a233bc0e33240e1d17a1318d454fb935727958d5b72fc242a7d 260678 libcurl3-nss_7.85.0-1ubuntu0.6_riscv64.deb ec28573139236275a14342f7cf4ca47e8854984db53bb4ccce521afb9596d388 961750 libcurl4-dbgsym_7.85.0-1ubuntu0.6_riscv64.ddeb 2ed13774ca271a06dab600abd6848415dfaf96cfe151b308178169e433ea4ab4 834798 libcurl4-gnutls-dev_7.85.0-1ubuntu0.6_riscv64.deb cc30ff059786d80abd54b8eaf9cd57dfe8d918ce4c17df593324b5f3fabdbf25 856940 libcurl4-nss-dev_7.85.0-1ubuntu0.6_riscv64.deb 014a1f9230ad080805c5ee5dc65cde6da89f7459e98db5d4a48fbbb9077ce4ea 853224 libcurl4-openssl-dev_7.85.0-1ubuntu0.6_riscv64.deb ef29bc9c283e22b99b4829fcfce889cc58223ac55bcf9ab30a7d85809fbc9622 257712 libcurl4_7.85.0-1ubuntu0.6_riscv64.deb Files: 5bac9840a5e8f69c385bda7a13d6d935 157204 debug optional curl-dbgsym_7.85.0-1ubuntu0.6_riscv64.ddeb 8e158786a90ea8f675225e682ed6c00c 12903 web optional curl_7.85.0-1ubuntu0.6_riscv64.buildinfo 414599fb4d8b40b21b3a647e6b3e918c 191796 web optional curl_7.85.0-1ubuntu0.6_riscv64.deb 062351b083b02a27a560ea24bf43585b 937076 debug optional libcurl3-gnutls-dbgsym_7.85.0-1ubuntu0.6_riscv64.ddeb 6577261d51a0de8a352538adecaaee09 250728 libs optional libcurl3-gnutls_7.85.0-1ubuntu0.6_riscv64.deb 339e7746de27c48913ae8f5ea2fe3e4c 977636 debug optional libcurl3-nss-dbgsym_7.85.0-1ubuntu0.6_riscv64.ddeb a4d4a6e3d77a12bf0eece978b9e05100 260678 libs optional libcurl3-nss_7.85.0-1ubuntu0.6_riscv64.deb d50fb973bfcba70b712df80c927c9f21 961750 debug optional libcurl4-dbgsym_7.85.0-1ubuntu0.6_riscv64.ddeb 36c02a839ba292ee1fde44a0682e0980 834798 libdevel optional libcurl4-gnutls-dev_7.85.0-1ubuntu0.6_riscv64.deb ab3ed024ba29a53dbb9e6d8dc78cae2a 856940 libdevel optional libcurl4-nss-dev_7.85.0-1ubuntu0.6_riscv64.deb 8a75f0cf0ef4a1a3916694a540dda6ad 853224 libdevel optional libcurl4-openssl-dev_7.85.0-1ubuntu0.6_riscv64.deb fe9a2cf0eb1d6705408d2ec9fa7e442e 257712 libs optional libcurl4_7.85.0-1ubuntu0.6_riscv64.deb Original-Maintainer: Alessandro Ghedini