Format: 1.8 Date: Mon, 17 Jul 2023 07:53:10 -0400 Source: curl Binary: curl libcurl3-gnutls libcurl3-nss libcurl4 libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-openssl-dev Built-For-Profiles: noudeb Architecture: i386 Version: 7.88.1-8ubuntu2.1 Distribution: lunar Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: curl - command line tool for transferring data with URL syntax libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.88.1-8ubuntu2.1) lunar-security; urgency=medium . * SECURITY UPDATE: improper certificate validation vulnerability - debian/patches/CVE-2023-28321.patch: fix host name wildcard checking in lib/vtls/hostcheck.c, tests/data/test1397, tests/unit/unit1397.c. - CVE-2023-28321 * SECURITY UPDATE: information disclosure vulnerability - debian/patches/CVE-2023-28322.patch: unify the upload/method handling in lib/curl_rtmp.c, lib/file.c, lib/ftp.c, lib/http.c, lib/imap.c, lib/rtsp.c, lib/setopt.c, lib/smb.c, lib/smtp.c, lib/tftp.c, lib/transfer.c, lib/urldata.h, lib/vssh/libssh.c, lib/vssh/libssh2.c, lib/vssh/wolfssh.c. - CVE-2023-28322 * SECURITY UPDATE: fopen race condition - debian/patches/CVE-2023-32001.patch: fix race in lib/fopen.c. - CVE-2023-32001 Checksums-Sha1: 17e194cda73628c781105d1f382ff7a64a6119c2 145124 curl-dbgsym_7.88.1-8ubuntu2.1_i386.ddeb cb88dfccb75afd476ed5447b4a3189c63408f86c 12025 curl_7.88.1-8ubuntu2.1_i386.buildinfo d82a335955cec805f0c46e792b432474ee13aae3 216872 curl_7.88.1-8ubuntu2.1_i386.deb 2e455079fd76a6465f713eea9791a38cefa9613d 894004 libcurl3-gnutls-dbgsym_7.88.1-8ubuntu2.1_i386.ddeb 6e15a6c1583671b412de8e03dc85b4a8a8562a22 333370 libcurl3-gnutls_7.88.1-8ubuntu2.1_i386.deb 8c5dcb5ec8f728024970b5542378c4a78d46758c 935590 libcurl3-nss-dbgsym_7.88.1-8ubuntu2.1_i386.ddeb cfb40cbda6551046cdc73b6dd84364c463eb58f2 341770 libcurl3-nss_7.88.1-8ubuntu2.1_i386.deb f9db7ac481600012aebb5f8698db0258fa0dafbb 915542 libcurl4-dbgsym_7.88.1-8ubuntu2.1_i386.ddeb f159e5dbbd80f3a18282179766a8803cab4d57ac 455346 libcurl4-gnutls-dev_7.88.1-8ubuntu2.1_i386.deb ef335425e6b559156be4e116dd68ec883b8a224b 465094 libcurl4-nss-dev_7.88.1-8ubuntu2.1_i386.deb acb67f0e3c9d8241979774aaf796cc1fcefe00c7 463128 libcurl4-openssl-dev_7.88.1-8ubuntu2.1_i386.deb a60ae80baf4a1d6c26e52a7dc5e9c1ece3c4d4b3 339882 libcurl4_7.88.1-8ubuntu2.1_i386.deb Checksums-Sha256: 41e3c5095584949b964bcefe3fd7606559d1c7e6462d0aa5e4eee7bbd965fd03 145124 curl-dbgsym_7.88.1-8ubuntu2.1_i386.ddeb d9c64d2633d116751255b6c1f1cc1fc2c377e625c2d05adcba00a14db0b99a7a 12025 curl_7.88.1-8ubuntu2.1_i386.buildinfo ef511795d277e69a01f928627b608020a90cd3860d4d08294526ebbfe3eabbb2 216872 curl_7.88.1-8ubuntu2.1_i386.deb 2c27f5aa9ccef874638fa8277cf41b9d8a7583e70ecc476f6f786935a9c5d57e 894004 libcurl3-gnutls-dbgsym_7.88.1-8ubuntu2.1_i386.ddeb b7b15045ce21273dfe9de4ae94b20a921925860c4a502f2508ef8685a10af31c 333370 libcurl3-gnutls_7.88.1-8ubuntu2.1_i386.deb ae0736c5e487f352d647e32f09bc3b2c4cd5abd6404f4a35229d695aff1ff0d0 935590 libcurl3-nss-dbgsym_7.88.1-8ubuntu2.1_i386.ddeb 3e236ddf8235b590e397029bbfab636fc21600cabcf984b2cbb92dde7afe1e8e 341770 libcurl3-nss_7.88.1-8ubuntu2.1_i386.deb 2b49911bcb015e80ff4ab9878bb8a89ec02662a1406e071962747bccbc9ff163 915542 libcurl4-dbgsym_7.88.1-8ubuntu2.1_i386.ddeb 53549d1f0327917014c7602efc9302cc093705f8b81eed19448ac2eca8608410 455346 libcurl4-gnutls-dev_7.88.1-8ubuntu2.1_i386.deb 5d7ee0e917d4f904db14c7b712bb9a324fd5866864fc6fded5836c263060b17b 465094 libcurl4-nss-dev_7.88.1-8ubuntu2.1_i386.deb 29521048365344a1995a9e1b978558588b09b0a2efee9e35b17193d10d989c49 463128 libcurl4-openssl-dev_7.88.1-8ubuntu2.1_i386.deb 1a5cc5dcf8b622bf4c4c8913b2ad00f5d32c1749de97c8ada48f2b4d77703c25 339882 libcurl4_7.88.1-8ubuntu2.1_i386.deb Files: e9f16ce0343d850c93e0d53b005584fa 145124 debug optional curl-dbgsym_7.88.1-8ubuntu2.1_i386.ddeb 1f95ac3985d39491fdd134b5c9045d50 12025 web optional curl_7.88.1-8ubuntu2.1_i386.buildinfo 8065ee75869260613d68f6ddd289b199 216872 web optional curl_7.88.1-8ubuntu2.1_i386.deb 0da6f0329082971814e4d32c6a1341ba 894004 debug optional libcurl3-gnutls-dbgsym_7.88.1-8ubuntu2.1_i386.ddeb 415e2f7700c41bb1a56cabc68a0c3342 333370 libs optional libcurl3-gnutls_7.88.1-8ubuntu2.1_i386.deb 1d0944a72f4dd8aaaa8cf6828637c56c 935590 debug optional libcurl3-nss-dbgsym_7.88.1-8ubuntu2.1_i386.ddeb 903769a2f1a03d729d6004829f531e36 341770 libs optional libcurl3-nss_7.88.1-8ubuntu2.1_i386.deb eac59cbd0fa4f305361422308ec2318e 915542 debug optional libcurl4-dbgsym_7.88.1-8ubuntu2.1_i386.ddeb 6e34a09ffd4a909c78e0da1d1e773d1a 455346 libdevel optional libcurl4-gnutls-dev_7.88.1-8ubuntu2.1_i386.deb 1c8df06cf9ca7ceb6cdcefbd334aabd9 465094 libdevel optional libcurl4-nss-dev_7.88.1-8ubuntu2.1_i386.deb 4bdd6f72828fc586aca48a96be346edd 463128 libdevel optional libcurl4-openssl-dev_7.88.1-8ubuntu2.1_i386.deb b8f16d63f85bfd658c98bb033c47a6ff 339882 libs optional libcurl4_7.88.1-8ubuntu2.1_i386.deb Original-Maintainer: Alessandro Ghedini