Format: 1.8 Date: Wed, 04 Oct 2017 09:02:01 -0400 Source: curl Binary: curl curl-udeb libcurl3 libcurl3-udeb libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg libcurl4-doc Architecture: powerpc Version: 7.35.0-1ubuntu2.11 Distribution: trusty Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: curl - command line tool for transferring data with URL syntax curl-udeb - Get a file from an HTTP, HTTPS or FTP server (udeb) libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours) libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl3-udeb - Multi-protocol file transfer library (OpenSSL) (udeb) libcurl4-doc - documentation for libcurl libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.35.0-1ubuntu2.11) trusty-security; urgency=medium . * SECURITY UPDATE: printf floating point buffer overflow - debian/patches/CVE-2016-9586.patch: fix floating point buffer overflow issues in lib/mprintf.c, added test to tests/data/test557, tests/libtest/lib557.c. - CVE-2016-9586 * SECURITY UPDATE: TFTP sends more than buffer size - debian/patches/CVE-2017-1000100.patch: reject file name lengths that don't fit in lib/tftp.c. - CVE-2017-1000100 * SECURITY UPDATE: URL globbing out of bounds read - debian/patches/CVE-2017-1000101.patch: do not continue parsing after a strtoul() overflow range in src/tool_urlglob.c, added test to tests/data/Makefile.am, tests/data/test1289. - CVE-2017-1000101 * SECURITY UPDATE: FTP PWD response parser out of bounds read - debian/patches/CVE-2017-1000254.patch: zero terminate the entry path even on bad input in lib/ftp.c, added test to tests/data/Makefile.am, tests/data/test1152. - CVE-2017-1000254 * SECURITY UPDATE: --write-out out of buffer read - debian/patches/CVE-2017-7407-1.patch: fix a buffer read overrun in src/tool_writeout.c added test to tests/data/Makefile.am, tests/data/test1440, tests/data/test1441. - debian/patches/CVE-2017-7407-2.patch: check for end of input in src/tool_writeout.c added test to tests/data/Makefile.am, tests/data/test1442. - CVE-2017-7407 Checksums-Sha1: 94c91c92bb39b458df7390498a0453a8a31072a0 120354 curl_7.35.0-1ubuntu2.11_powerpc.deb eefc75fcb357380f75cd6f117649d06ff91b61f6 958 curl-udeb_7.35.0-1ubuntu2.11_powerpc.udeb f4a41e759e00f25f7834ccf63c0bc0a5bd69ec14 158850 libcurl3_7.35.0-1ubuntu2.11_powerpc.deb a2580fb893b8183ec8d22aa215a5ea3eaaf42ed2 842 libcurl3-udeb_7.35.0-1ubuntu2.11_powerpc.udeb 37788eb2d0153acdcd9733c0eb9443e1cb9c6e31 152202 libcurl3-gnutls_7.35.0-1ubuntu2.11_powerpc.deb 83c63803b4db06a7f05116f532f0f45bc1403f25 162500 libcurl3-nss_7.35.0-1ubuntu2.11_powerpc.deb 964617628b988831feb04c9b35649946684e373e 225552 libcurl4-openssl-dev_7.35.0-1ubuntu2.11_powerpc.deb 3fd2160a6ac69bb014959e768587a290df14fc12 218410 libcurl4-gnutls-dev_7.35.0-1ubuntu2.11_powerpc.deb 692d7cb107597354513f365a646f01dc6032e110 229704 libcurl4-nss-dev_7.35.0-1ubuntu2.11_powerpc.deb b085c32a2e35dd6c5383baeb57ad3a5a8b951725 3329882 libcurl3-dbg_7.35.0-1ubuntu2.11_powerpc.deb f0bb876271e5ab16bf4e0a078b973547c5c74300 1084 curl-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb d1c630a67e7f9020158d6854451e9e15ff10ac95 986 curl-udeb-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb 06fd16cd8fe443739e8176b052e8de6d3b065bfa 1200 libcurl3-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb c7bfa661ed6f65bc2b44d54b31ddd57d0abb7129 906 libcurl3-udeb-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb d1bfdad574acce3a5e25e14b40480d552a1ffa51 1208 libcurl3-gnutls-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb 019bc631ecd6d91b805e289c69f87690b9e352fa 1206 libcurl3-nss-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb 31fd99f5b261804dd8cf854c0d6a42fada840eaf 1288 libcurl4-openssl-dev-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb 0352aa1445b9de5c6cd3b64e408bd56a0fc50aba 1288 libcurl4-gnutls-dev-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb eae0e7b0f0ac1066379483db5e0b35409adb6206 1284 libcurl4-nss-dev-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb Checksums-Sha256: 1369d9a4cdf1e5887efae77f8b89bcd6fbace3b55ceb244e225df4a36443ffda 120354 curl_7.35.0-1ubuntu2.11_powerpc.deb 5050673ef45a915a04691706d69c2f1917e929d36ab2b95ea8f30ffb29e254ed 958 curl-udeb_7.35.0-1ubuntu2.11_powerpc.udeb f186a38feea4f55bc6940bf0b438a2930d2262428a791c3988f04ae9f30477c3 158850 libcurl3_7.35.0-1ubuntu2.11_powerpc.deb f7a6159daf37e263e3080cdc5751dc7f85faf711382bcdece331fff7d5196be3 842 libcurl3-udeb_7.35.0-1ubuntu2.11_powerpc.udeb a676f79016d4b67f9c1c2df73a6d71118d2f77e4507276ad45acb634d7319154 152202 libcurl3-gnutls_7.35.0-1ubuntu2.11_powerpc.deb 2b938cadcf944820e847f40382c6f04339682387a0a57b6948661f5f5fb9b957 162500 libcurl3-nss_7.35.0-1ubuntu2.11_powerpc.deb b450d0afc3f9a0927b3c5b47bd6d182c8dec72e51ecbb5d3087cedc5a21a795f 225552 libcurl4-openssl-dev_7.35.0-1ubuntu2.11_powerpc.deb c45a968183ea2bc8d5bf2b216b5a204a68959aa8a137b07a07660af35d07a7bd 218410 libcurl4-gnutls-dev_7.35.0-1ubuntu2.11_powerpc.deb ec7dae4477c66aae5473c6106519500c987db2139c4c5a3d860fd2d70b7cc885 229704 libcurl4-nss-dev_7.35.0-1ubuntu2.11_powerpc.deb 0a47b848e67b1ae1235a752bb9ccd64bfd6b5fcd622843ff530d1559a3a58fd3 3329882 libcurl3-dbg_7.35.0-1ubuntu2.11_powerpc.deb eb9a401634be7d34a874a6719b3568aa21df9b33bfc81c9339d487c721f6f694 1084 curl-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb f2d1b58734c01cf28d586e26715def3cbce2075d52e62ba9afde03377c0a4dc3 986 curl-udeb-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb 85a2b4f6ef9c40fb7ec7d6166ae2258fa5028a2cfa89b9b967ee0406cdda860b 1200 libcurl3-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb 7d4686a9cfef4292721c865e4c5e37717cde52a3636325fd852ec9f390db2de2 906 libcurl3-udeb-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb a1be27982ff53145bb9f7b87ddc4b3af57d2acf33ee4ccb958fdba95f3168ee9 1208 libcurl3-gnutls-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb 9fd6bb34963034ffcc8757077fabc190ccba88a5176ae7850a5e5efc3ebab2f9 1206 libcurl3-nss-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb 166c74fc0a220688b66d82c46c91839426bad85e4259faf3544f33923ca2c677 1288 libcurl4-openssl-dev-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb 1c31d9052f087da25845e0234efb9a5d82ca9dd435c02dfa43b2b9b94ce9d074 1288 libcurl4-gnutls-dev-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb 07d92d08927b68fd6b2029ad8322f2b982553c319db66cfe258532c565f248c5 1284 libcurl4-nss-dev-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb Files: 503ce9ac615c4ed9fa7fe4ae469d7a34 120354 web optional curl_7.35.0-1ubuntu2.11_powerpc.deb 0ba60f9bbff92460fc0a43272fcb19e0 958 debian-installer optional curl-udeb_7.35.0-1ubuntu2.11_powerpc.udeb e8c943d063f5db25af6d29754e168728 158850 libs optional libcurl3_7.35.0-1ubuntu2.11_powerpc.deb 0675f1b660d56dfd6283268f0e38f8d8 842 debian-installer optional libcurl3-udeb_7.35.0-1ubuntu2.11_powerpc.udeb 5d686de412e10044644a5302e1f0eae4 152202 libs optional libcurl3-gnutls_7.35.0-1ubuntu2.11_powerpc.deb 15d2a1089fdb94bb20aa0f60c7d2c5bb 162500 libs optional libcurl3-nss_7.35.0-1ubuntu2.11_powerpc.deb 88f89cf38d95707517bf17a1e1e4f2cd 225552 libdevel optional libcurl4-openssl-dev_7.35.0-1ubuntu2.11_powerpc.deb c6bef5859b46cfb4eee7cac68dc8fd3a 218410 libdevel optional libcurl4-gnutls-dev_7.35.0-1ubuntu2.11_powerpc.deb 235c4aca523c11e408f2947f5bea34b3 229704 libdevel optional libcurl4-nss-dev_7.35.0-1ubuntu2.11_powerpc.deb 10d597dc7758758ae4177514ec41ff4f 3329882 debug extra libcurl3-dbg_7.35.0-1ubuntu2.11_powerpc.deb 44c05d684364f69e531db2d8b46ac684 1084 web extra curl-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb bd28e6780f818f8d564125b8b9164a8e 986 debian-installer extra curl-udeb-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb 4143daf3e8c7be96c9da54de34390ff4 1200 libs extra libcurl3-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb e8e6e4dc6f7ad39f33cfc661c03bd4af 906 debian-installer extra libcurl3-udeb-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb 99251c93840d46177d647f0e13164eb2 1208 libs extra libcurl3-gnutls-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb e2f8abd64310ed45126c434152d9b71a 1206 libs extra libcurl3-nss-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb 84c455a9980a35c156986af9802ad818 1288 libdevel extra libcurl4-openssl-dev-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb 6377fc683d1cb89ddb42f5fe9e4b7ee0 1288 libdevel extra libcurl4-gnutls-dev-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb 7f002bb1a1f56d0c742148d1a92fd916 1284 libdevel extra libcurl4-nss-dev-dbgsym_7.35.0-1ubuntu2.11_powerpc.ddeb Original-Maintainer: Alessandro Ghedini Package-Type: udeb