Format: 1.8 Date: Tue, 01 Apr 2014 09:59:44 -0400 Source: curl Binary: curl curl-udeb libcurl3 libcurl3-udeb libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg Architecture: i386 Version: 7.27.0-1ubuntu1.9 Distribution: quantal Urgency: medium Maintainer: Ubuntu/amd64 Build Daemon Changed-By: Marc Deslauriers Description: curl - command line tool for transferring data with URL syntax curl-udeb - Get a file from an HTTP, HTTPS or FTP server (udeb) libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours) libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl3-udeb - Multi-protocol file transfer library (OpenSSL) (udeb) libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.27.0-1ubuntu1.9) quantal-security; urgency=medium . * SECURITY UPDATE: wrong re-use of connections - debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM HTTP logic, and extend new connection logic to other protocols in lib/http.c, lib/url.c, lib/urldata.h, add new tests to tests/data/Makefile.am, tests/data/test1418, tests/data/test1419. - CVE-2014-0138 * SECURITY UPDATE: incorrect wildcard SSL certificate validation with literal IP addresses - debian/patches/CVE-2014-0139.patch: fix wildcard logic in lib/ssluse.c. - CVE-2014-0139 * debian/patches/fix_test172.path: fix expired cookie causing test to fail. * debian/patches/disable_test519.path: disable test 519 as security update causes it to hang. Fixing this would require backporting new logic into tests/server/sws.c. Checksums-Sha1: 22b87deddbd2dfd29103cff79b540b6740c0ebf0 147266 curl_7.27.0-1ubuntu1.9_i386.deb 2fb2bcbe73c420fcd03ce92d8576016158e9cdab 84412 curl-udeb_7.27.0-1ubuntu1.9_i386.udeb d3de4f4ee6e128fd30e13085ebafb5466869823a 253854 libcurl3_7.27.0-1ubuntu1.9_i386.deb 9ab56387d3e60c6c7c8c18699848626867206f6c 128110 libcurl3-udeb_7.27.0-1ubuntu1.9_i386.udeb e7488c2c95c87575f3c260ca5b0ab113f3f055a1 245026 libcurl3-gnutls_7.27.0-1ubuntu1.9_i386.deb bc6eee1cd360df3aca806ade4b69e8cbf4cbbb37 250490 libcurl3-nss_7.27.0-1ubuntu1.9_i386.deb 80a21a69841e41ae1ae93e5abf3331b879cf59a9 1105456 libcurl4-openssl-dev_7.27.0-1ubuntu1.9_i386.deb a40df462c11534a52d888df403e69c9eb5399b4f 1098012 libcurl4-gnutls-dev_7.27.0-1ubuntu1.9_i386.deb ff0697eec530afe3b51ab513cd4fe1ab2de5ec18 1103440 libcurl4-nss-dev_7.27.0-1ubuntu1.9_i386.deb 4a8e4bcb22292dc1fa896824790a00f5a5e483a5 2962966 libcurl3-dbg_7.27.0-1ubuntu1.9_i386.deb Checksums-Sha256: c8f4750c9ea5c470416fe3622c0ddf8668a1e59e7e459bbbaeca57e4b0f24064 147266 curl_7.27.0-1ubuntu1.9_i386.deb 719cfe15075c34b2c97f1948aefc024d8dbfaeda3c37f2aa00df77b7a2b3638b 84412 curl-udeb_7.27.0-1ubuntu1.9_i386.udeb 6ae4638511007c3438b1d062c00f2eeeed14820f528492717c65a7f9a468b122 253854 libcurl3_7.27.0-1ubuntu1.9_i386.deb 93744336d77767da03fad906a5e0531013e264af8b71b5e6df617682fd5ea6dd 128110 libcurl3-udeb_7.27.0-1ubuntu1.9_i386.udeb 6b43fb7e0f057b458c3d7384788e115f8f99703152d49c1a7e2af84bcc436219 245026 libcurl3-gnutls_7.27.0-1ubuntu1.9_i386.deb a6d9091509f3ba6ad452cbd6b07ce398071e6d255c246d8a62fa5ddd8dbfa27f 250490 libcurl3-nss_7.27.0-1ubuntu1.9_i386.deb cdbd1a2b2901cb54a7539804ab660f29ca727c2641e0c8339e49ae37ce585ca7 1105456 libcurl4-openssl-dev_7.27.0-1ubuntu1.9_i386.deb f2cba352658b5ce4bf26058ce6c319626f0c71287dba3e0893396c4d92c2d182 1098012 libcurl4-gnutls-dev_7.27.0-1ubuntu1.9_i386.deb b361766f82bb011af1354a276dfbcbf4a414f29f13563a34175662a823d79967 1103440 libcurl4-nss-dev_7.27.0-1ubuntu1.9_i386.deb 9bef12951ba1a6189bff2b9a214f1125dc997aa9210142004f1df4aa19bf985f 2962966 libcurl3-dbg_7.27.0-1ubuntu1.9_i386.deb Files: 4e18b15bb9a113ee5ff4d5db19ca4cc9 147266 web optional curl_7.27.0-1ubuntu1.9_i386.deb 78219170cc000b0a0a6df8b14d3c2d3f 84412 debian-installer optional curl-udeb_7.27.0-1ubuntu1.9_i386.udeb e0ff5b405d73007180051ed6b2f8c696 253854 libs optional libcurl3_7.27.0-1ubuntu1.9_i386.deb 4b5ea79d98ee691932b3c4c7f0c27681 128110 debian-installer optional libcurl3-udeb_7.27.0-1ubuntu1.9_i386.udeb b9b3119a56c1d21ac87bd69bdcd610c5 245026 libs optional libcurl3-gnutls_7.27.0-1ubuntu1.9_i386.deb 39091de184f89c18492b2a58b499ab1b 250490 libs optional libcurl3-nss_7.27.0-1ubuntu1.9_i386.deb 9967b7ed4f55ab92697e3a57061564a1 1105456 libdevel optional libcurl4-openssl-dev_7.27.0-1ubuntu1.9_i386.deb 2329a9129b994dbccedc9069224827fa 1098012 libdevel optional libcurl4-gnutls-dev_7.27.0-1ubuntu1.9_i386.deb a6db5108ac20cf699e6913bb09440e3f 1103440 libdevel optional libcurl4-nss-dev_7.27.0-1ubuntu1.9_i386.deb 31a9bbfa81034e98a7e66d5605908c1b 2962966 debug extra libcurl3-dbg_7.27.0-1ubuntu1.9_i386.deb Original-Maintainer: Alessandro Ghedini Package-Type: udeb