Format: 1.8 Date: Mon, 29 Oct 2018 08:08:34 -0400 Source: curl Binary: curl libcurl4 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-doc Architecture: arm64 Version: 7.61.0-1ubuntu2.2 Distribution: cosmic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: curl - command line tool for transferring data with URL syntax libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl4-doc - documentation for libcurl libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.61.0-1ubuntu2.2) cosmic-security; urgency=medium . * SECURITY UPDATE: SASL password overflow via integer overflow - debian/patches/CVE-2018-16839.patch: fix check in lib/vauth/cleartext.c. - CVE-2018-16839 * SECURITY UPDATE: use-after-free in handle close - debian/patches/CVE-2018-16840.patch: fix issue in lib/url.c. - CVE-2018-16840 * SECURITY UPDATE: warning message out-of-buffer read - debian/patches/oob-read.patch: fix bad arithmetic in src/tool_msgs.c. - CVE number pending Checksums-Sha1: 9426401da2625007bb9d686a8b63cd75b8b1d724 165264 curl-dbgsym_7.61.0-1ubuntu2.2_arm64.ddeb de2739304b5ca898c62e41caab6bba163311f140 11169 curl_7.61.0-1ubuntu2.2_arm64.buildinfo f950409b129ff37203b9fe704d3129a557db9f20 158772 curl_7.61.0-1ubuntu2.2_arm64.deb f04c1a0e3a34c4a98cdcdc1d5f77c40f42474d24 1482920 libcurl3-gnutls-dbgsym_7.61.0-1ubuntu2.2_arm64.ddeb 95f3957541d866b59833b0f446adf290b15e43f9 197536 libcurl3-gnutls_7.61.0-1ubuntu2.2_arm64.deb 922e13d0976a7891c19783d2707667963337ecea 1516296 libcurl3-nss-dbgsym_7.61.0-1ubuntu2.2_arm64.ddeb 6efdda6ed1d3138eede9d14fafdd1b53846ecfd2 204336 libcurl3-nss_7.61.0-1ubuntu2.2_arm64.deb 500053989578a31d30b4fb8afc54fda9b7ca32ce 1490944 libcurl4-dbgsym_7.61.0-1ubuntu2.2_arm64.ddeb bc25b47278a2fa5b993d4e22c03827e886ebfb3e 289140 libcurl4-gnutls-dev_7.61.0-1ubuntu2.2_arm64.deb d5efeca62581e7a992675ac971c5a38c82fae414 295792 libcurl4-nss-dev_7.61.0-1ubuntu2.2_arm64.deb 661d0194cc065ae14b9a2228eedb9cc42ffb4797 290332 libcurl4-openssl-dev_7.61.0-1ubuntu2.2_arm64.deb 1c4f0b87010716f67295db06baf50774edb2edf1 198944 libcurl4_7.61.0-1ubuntu2.2_arm64.deb Checksums-Sha256: abdff4254010756b674d8a26b77c42487e93b909b17db66b02794f0d63e9439c 165264 curl-dbgsym_7.61.0-1ubuntu2.2_arm64.ddeb 797843624e83b55eed10080bfe6e03215683c98e7d00353a3cf20edcb8503ee3 11169 curl_7.61.0-1ubuntu2.2_arm64.buildinfo 5084988ea39cfd99d43190cd78d46837117865a03c28288195a730f573ebba35 158772 curl_7.61.0-1ubuntu2.2_arm64.deb daad75a8c6f54f8f71e9d168f3c328864fa98057a2f8de910611f2fee98f72e3 1482920 libcurl3-gnutls-dbgsym_7.61.0-1ubuntu2.2_arm64.ddeb 82f104926b791a79760e62e1501780b3c6e256f3eb014fcf09e9cddc673ec5a3 197536 libcurl3-gnutls_7.61.0-1ubuntu2.2_arm64.deb 172b4acd19eab15c10e76efdc996c5d3a6735c2aa83f4da4d4c4d465bc1105f2 1516296 libcurl3-nss-dbgsym_7.61.0-1ubuntu2.2_arm64.ddeb 630be7c214b1419064fccbe61e233cd951a00e619a62229100ffede4af61331d 204336 libcurl3-nss_7.61.0-1ubuntu2.2_arm64.deb 59fb30058b5c6a2f0b452daacf12703403b1064c6c2f984fef3ff3ebc4176a69 1490944 libcurl4-dbgsym_7.61.0-1ubuntu2.2_arm64.ddeb 7b8e315e7f3d8e22172f5d6cb0837a674cbe3f52f0435e7659669685a954d288 289140 libcurl4-gnutls-dev_7.61.0-1ubuntu2.2_arm64.deb 4cade6e2f0a6133645e96cb2b0c4c5d3a8c98617bb41996ef9b82ff3e7468309 295792 libcurl4-nss-dev_7.61.0-1ubuntu2.2_arm64.deb 06e4e01a20a0c6e5b23b1deacfb3f0a02fa8b0abfd2adba373ad916cf99068e8 290332 libcurl4-openssl-dev_7.61.0-1ubuntu2.2_arm64.deb bcec211e5b42ba8e4bd2958a5358a706ef6084602bf5f4276eb008d4346ee681 198944 libcurl4_7.61.0-1ubuntu2.2_arm64.deb Files: 3f2f8700e26dd7cb24487aa13c1f4052 165264 debug optional curl-dbgsym_7.61.0-1ubuntu2.2_arm64.ddeb b0f8c5c47d8d50dd3d8a5dcc66661482 11169 web optional curl_7.61.0-1ubuntu2.2_arm64.buildinfo bd02855314e1e04a766afd3039fddba5 158772 web optional curl_7.61.0-1ubuntu2.2_arm64.deb a60bca8404ffb80dec43a60f6be7cfd4 1482920 debug optional libcurl3-gnutls-dbgsym_7.61.0-1ubuntu2.2_arm64.ddeb 65fd28e04833a47ee7aa5381939beef2 197536 libs optional libcurl3-gnutls_7.61.0-1ubuntu2.2_arm64.deb 65eb0c8f313d7c6cbf9dfb7f1d17036c 1516296 debug optional libcurl3-nss-dbgsym_7.61.0-1ubuntu2.2_arm64.ddeb 1e853e8a1551a533fce5af4db4ddd03c 204336 libs optional libcurl3-nss_7.61.0-1ubuntu2.2_arm64.deb 6182395fef49c317ac5c91e378358dc4 1490944 debug optional libcurl4-dbgsym_7.61.0-1ubuntu2.2_arm64.ddeb 17a844e97f978c7fffd64fec4b8e6671 289140 libdevel optional libcurl4-gnutls-dev_7.61.0-1ubuntu2.2_arm64.deb 5349e8b2ff096c43ee7c6b2ab0a54f43 295792 libdevel optional libcurl4-nss-dev_7.61.0-1ubuntu2.2_arm64.deb 79da9ffc0b6368e5c8bc0fc40a4b56c2 290332 libdevel optional libcurl4-openssl-dev_7.61.0-1ubuntu2.2_arm64.deb 62da404fc5f32ad0f2379011d451781e 198944 libs optional libcurl4_7.61.0-1ubuntu2.2_arm64.deb Original-Maintainer: Alessandro Ghedini