Format: 1.8 Date: Tue, 28 Nov 2017 07:59:20 -0500 Source: curl Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-doc Architecture: i386 Version: 7.55.1-1ubuntu2.2 Distribution: artful Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: curl - command line tool for transferring data with URL syntax libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4-doc - documentation for libcurl libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.55.1-1ubuntu2.2) artful-security; urgency=medium . * SECURITY UPDATE: NTLM buffer overflow via integer overflow - debian/patches/CVE-2017-8816.patch: avoid integer overflow for malloc size in lib/curl_ntlm_core.c - CVE-2017-8816 * SECURITY UPDATE: FTP wildcard out of bounds read - debian/patches/CVE-2017-8817.patch: fix heap buffer overflow in setcharset in lib/curl_fnmatch.c, added tests to tests/data/Makefile.inc, tests/data/test1163. - CVE-2017-8817 Checksums-Sha1: fddb9e2f675d019ab4b07bdf48e2e3e5093a2fe8 118940 curl-dbgsym_7.55.1-1ubuntu2.2_i386.ddeb a9556384e66263467a3857374ea6cdf77edae4d2 10765 curl_7.55.1-1ubuntu2.2_i386.buildinfo 6445e93f9d470cfd2714cfd2c02a102aa492afa6 155052 curl_7.55.1-1ubuntu2.2_i386.deb e630e0afb509f60a8abcee33ceae056434d54ede 2012986 libcurl3-dbgsym_7.55.1-1ubuntu2.2_i386.ddeb 26592997b97a4742cf91eeef040640a925dfce35 1014942 libcurl3-gnutls-dbgsym_7.55.1-1ubuntu2.2_i386.ddeb 1aa8dbf5abcbb69a649bc5a45530710c409124f9 214286 libcurl3-gnutls_7.55.1-1ubuntu2.2_i386.deb cb84f406cbd91a08ae44f3a15be4536942feb8a0 1249528 libcurl3-nss-dbgsym_7.55.1-1ubuntu2.2_i386.ddeb c037db198c12247700a66ddf31d85695142097a2 220044 libcurl3-nss_7.55.1-1ubuntu2.2_i386.deb 7bd463943d9233da85695cc1f52a773202607270 217776 libcurl3_7.55.1-1ubuntu2.2_i386.deb 0e61c0249454a89e565aedde375c9f782ec93cc6 299686 libcurl4-gnutls-dev_7.55.1-1ubuntu2.2_i386.deb 8e3237c5245dc6ee6f7265c3881cf4b54a06ba5c 305886 libcurl4-nss-dev_7.55.1-1ubuntu2.2_i386.deb e15974826203aebea38fd1406954ba8d7b8c1e38 302372 libcurl4-openssl-dev_7.55.1-1ubuntu2.2_i386.deb Checksums-Sha256: d074b4c28bd07847ca3027e1fa08f4f5e6114d8561e153b6af40b8f89ba12fc2 118940 curl-dbgsym_7.55.1-1ubuntu2.2_i386.ddeb c769b040d529de1a86954a971e776196461b1f1808b2a9e689df4761cb06c259 10765 curl_7.55.1-1ubuntu2.2_i386.buildinfo 63bcb9b82e4e4d20b47214fdb7c055967c43aeca6265be7f2e8d7dd71671f743 155052 curl_7.55.1-1ubuntu2.2_i386.deb 79820ff3878433df8ac0a931c2f9903cff5a8bd711abd8cd3cdd3c8e9caabb18 2012986 libcurl3-dbgsym_7.55.1-1ubuntu2.2_i386.ddeb d685fb48484bc3d513f4bc6e2d8ab36c56202bdea256ffa7f640c397a94b132e 1014942 libcurl3-gnutls-dbgsym_7.55.1-1ubuntu2.2_i386.ddeb 9d7eb06c133bb613edd027d0fb9b4d683a2b2553299a23867deb3d571ced40da 214286 libcurl3-gnutls_7.55.1-1ubuntu2.2_i386.deb a255bc71a8e390a434bdd99e76a3c8b880e4cc432bfebe7ea0e5b78d23d15450 1249528 libcurl3-nss-dbgsym_7.55.1-1ubuntu2.2_i386.ddeb 364c1a535b1be699162250221ee6aee9fa40fd0c40e1b38622e29a98ae53fc8c 220044 libcurl3-nss_7.55.1-1ubuntu2.2_i386.deb 75556a116f14c87189395b5ab529af57db4ccce29d2578ef2ae541cddffd6758 217776 libcurl3_7.55.1-1ubuntu2.2_i386.deb 2cfd7a60af2a23c2f8b4ac04ead1029022e2b495f6185c3ab2c914e04d6333d3 299686 libcurl4-gnutls-dev_7.55.1-1ubuntu2.2_i386.deb 8fd37606dc3cdd5629ecb87c183ab50214df5a9f0feec7a8194e1ec8beb963f9 305886 libcurl4-nss-dev_7.55.1-1ubuntu2.2_i386.deb 8f561926b0efc6e09921659bb31283c10cd45c2ababfdda4239293a2a9c0216a 302372 libcurl4-openssl-dev_7.55.1-1ubuntu2.2_i386.deb Files: 5fab89795b583a5b7d26be03fed4f382 118940 debug extra curl-dbgsym_7.55.1-1ubuntu2.2_i386.ddeb f3329ce796f34af8709976e203379883 10765 web optional curl_7.55.1-1ubuntu2.2_i386.buildinfo 05afd2c792ad7f0c41a636b7d14a4e55 155052 web optional curl_7.55.1-1ubuntu2.2_i386.deb 9b69832a1da6d33f0e4e3e45dcabcd70 2012986 debug extra libcurl3-dbgsym_7.55.1-1ubuntu2.2_i386.ddeb 9fa6ee480aadd07feae44f140253a751 1014942 debug extra libcurl3-gnutls-dbgsym_7.55.1-1ubuntu2.2_i386.ddeb beef7bf9830484cb691b66a25a09ee73 214286 libs optional libcurl3-gnutls_7.55.1-1ubuntu2.2_i386.deb fcfb819c083fb81271571d9dd5bfb5e5 1249528 debug extra libcurl3-nss-dbgsym_7.55.1-1ubuntu2.2_i386.ddeb ec20e88fefaa7158075671b91540b9fe 220044 libs optional libcurl3-nss_7.55.1-1ubuntu2.2_i386.deb e233140bd1d369db91184a10f7b305b7 217776 libs optional libcurl3_7.55.1-1ubuntu2.2_i386.deb 9918a63a3628536eeef7c1766c0ce0b7 299686 libdevel optional libcurl4-gnutls-dev_7.55.1-1ubuntu2.2_i386.deb feda306ba6dd97100e171915b39a6f58 305886 libdevel optional libcurl4-nss-dev_7.55.1-1ubuntu2.2_i386.deb b78cd99c7d092c63e77c98f8ee857f7d 302372 libdevel optional libcurl4-openssl-dev_7.55.1-1ubuntu2.2_i386.deb Original-Maintainer: Alessandro Ghedini