Publishing details
Changelog
curl (7.88.1-11+20.04.sav1) focal; urgency=medium
* SECURITY UPDATE: SOCKS5 heap buffer overflow
- debian/patches/CVE-2023-38545.patch: return error if hostname too
long for remote resolve in lib/socks.c, tests/data/Makefile.inc,
tests/data/test728.
- CVE-2023-38545
* SECURITY UPDATE: cookie injection with none file
- debian/patches/CVE-2023-38546.patch: remove unnecessary struct fields
in lib/cookie.c, lib/cookie.h, lib/easy.c.
- CVE-2023-38546
[ patches thanks to Marc Deslauriers <email address hidden> ]
-- Rob Savoury <email address hidden> Fri, 20 Oct 2023 06:47:26 -0700
Builds
Built packages
-
curl
command line tool for transferring data with URL syntax
-
curl-dbgsym
debug symbols for curl
-
libcurl3-gnutls
easy-to-use client-side URL transfer library (GnuTLS flavour)
-
libcurl3-gnutls-dbgsym
debug symbols for libcurl3-gnutls
-
libcurl3-nss
easy-to-use client-side URL transfer library (NSS flavour)
-
libcurl3-nss-dbgsym
debug symbols for libcurl3-nss
-
libcurl4
easy-to-use client-side URL transfer library (OpenSSL flavour)
-
libcurl4-dbgsym
debug symbols for libcurl4
-
libcurl4-doc
documentation for libcurl
-
libcurl4-gnutls-dev
development files and documentation for libcurl (GnuTLS flavour)
-
libcurl4-nss-dev
development files and documentation for libcurl (NSS flavour)
-
libcurl4-openssl-dev
development files and documentation for libcurl (OpenSSL flavour)
Package files