Format: 1.8 Date: Mon, 29 Oct 2018 08:13:39 -0400 Source: curl Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg libcurl4-doc Architecture: ppc64el Version: 7.47.0-1ubuntu2.11 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: curl - command line tool for transferring data with URL syntax libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours) libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4-doc - documentation for libcurl libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.47.0-1ubuntu2.11) xenial-security; urgency=medium . * SECURITY UPDATE: SASL password overflow via integer overflow - debian/patches/CVE-2018-16839-pre1.patch: prevent size overflows in lib/curl_sasl.c. - debian/patches/CVE-2018-16839-pre2.patch: fix integer overflow check in lib/curl_ntlm_core.c, lib/curl_setup.h, lib/curl_sasl.c. - debian/patches/CVE-2018-16839.patch: fix check in lib/curl_sasl.c. - CVE-2018-16839 * SECURITY UPDATE: warning message out-of-buffer read - debian/patches/oob-read.patch: fix bad arithmetic in src/tool_msgs.c. - CVE number pending Checksums-Sha1: c2c5c906b32c1737062dd4a630f578d4aa7b85bb 1088 curl-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb a6c5a6465188671d1ea432d789e0c7b11f2faac6 136178 curl_7.47.0-1ubuntu2.11_ppc64el.deb 6dc9bfd38a84a62eccff001255fc826b5f3e4d46 3688628 libcurl3-dbg_7.47.0-1ubuntu2.11_ppc64el.deb 878330011c3018157177191f211756d1bac8f436 1202 libcurl3-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb 344581526204d24085de07154db692b4ca6a2841 1208 libcurl3-gnutls-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb fd587edcfd875af3295db119f9e4762dd00286c3 177280 libcurl3-gnutls_7.47.0-1ubuntu2.11_ppc64el.deb 43df5aef76d311833d9610d65919beeed1e80fa1 1206 libcurl3-nss-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb 717d2d6e1b9897bba002d51fe4aece4d53949616 183214 libcurl3-nss_7.47.0-1ubuntu2.11_ppc64el.deb 53d566579f3a740e43cc03f6d1dfe9778e238a1a 177860 libcurl3_7.47.0-1ubuntu2.11_ppc64el.deb 7ad4748cef9bf3e2e8a0e47509aee30860ea6ea3 1294 libcurl4-gnutls-dev-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb 864eaee9d1fd51d2331878ebe3e8c84923ffa2cc 261908 libcurl4-gnutls-dev_7.47.0-1ubuntu2.11_ppc64el.deb fba985c8bbe5283c2bda97877fadb8d7150a5a1e 1290 libcurl4-nss-dev-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb 6ce872e8ab3c409bd876466ce705708aa4ee1c9d 267892 libcurl4-nss-dev_7.47.0-1ubuntu2.11_ppc64el.deb df105f723c74c1bb0b01500eea14a6ae72610355 1294 libcurl4-openssl-dev-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb 153843a6efaabea4183f3a34c1c9395281319b5e 260218 libcurl4-openssl-dev_7.47.0-1ubuntu2.11_ppc64el.deb Checksums-Sha256: fa51cd2004ac41b263b16237355b949f463772ef7bccf3afa8eab9e10ee6d37b 1088 curl-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb 6312c62d66b00da5fbaeb1911c5830a2f8f30b2ee56a083538e342eb13664f99 136178 curl_7.47.0-1ubuntu2.11_ppc64el.deb d1dda95818e340de9d2c9ba50aeba60899a51bbcc66723b8da2d1353c337b346 3688628 libcurl3-dbg_7.47.0-1ubuntu2.11_ppc64el.deb be50533f722188cddd7fa4ab4aa6187c12bbb1dfe594a7fefdc92998613296dc 1202 libcurl3-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb ba012d41c60c69987bf68cb1a1c49611c7fb655443489a68a6fa8a1baddcf9b3 1208 libcurl3-gnutls-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb c75a36be08ea6db8d47862172f277adeec1b88307e980f9c556ab6e081629ba9 177280 libcurl3-gnutls_7.47.0-1ubuntu2.11_ppc64el.deb a8cc5ce52bea9a7fea1a2423ac165ffd0d98551b992f408dd7d99108cd83a2d7 1206 libcurl3-nss-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb 7e527a19d57855162668762532434cfed4a8c6dd24a76561c8dba672a8be1349 183214 libcurl3-nss_7.47.0-1ubuntu2.11_ppc64el.deb 78f4e621aaffedef69c1939002ad6f5fc8439305d701436473081664d179e3f4 177860 libcurl3_7.47.0-1ubuntu2.11_ppc64el.deb b98fa1c6dc0dc2029204d8e57acbbf0c68843c013e9a3b9edf10f1b52b468298 1294 libcurl4-gnutls-dev-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb af8129086a0e0946bcc42a7f58caa0b1930ab9080fde24463fd83cce1dc5e07b 261908 libcurl4-gnutls-dev_7.47.0-1ubuntu2.11_ppc64el.deb 47b9c5191510bea0e1431722da68b4513756ee1bbb11dc7499e5b7e5602698fb 1290 libcurl4-nss-dev-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb 1527559c4f2809cc65ac9d995d469e5394cea300844b406d8ae5aa609ba4fa8d 267892 libcurl4-nss-dev_7.47.0-1ubuntu2.11_ppc64el.deb 3fbcaa1b0ff5d42520e3ca4726b53cbe1fea77db885ce44dd9a955c45bfbcdd1 1294 libcurl4-openssl-dev-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb f25ef6c5a2ae1714584a3e61c505fffab967fa0f3ef15533f8e1a394c60ef91f 260218 libcurl4-openssl-dev_7.47.0-1ubuntu2.11_ppc64el.deb Files: c61f9fa3aeffd2c6587dce7a39023703 1088 web extra curl-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb 971a401263632270a56efe976c903802 136178 web optional curl_7.47.0-1ubuntu2.11_ppc64el.deb 7a1c48b107090abfb9af8d2d5b98c881 3688628 debug extra libcurl3-dbg_7.47.0-1ubuntu2.11_ppc64el.deb 77575f8df5e1c0fd087affb6ea056764 1202 libs extra libcurl3-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb cfdb60d83572d201fccdda0e5bb6eb78 1208 libs extra libcurl3-gnutls-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb 1049aebca09784039e1b8513340ff7b6 177280 libs optional libcurl3-gnutls_7.47.0-1ubuntu2.11_ppc64el.deb 14f0edb18226bbfc9bdafee6d5532fca 1206 libs extra libcurl3-nss-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb 6d5eed70892f4879c35811b2b9730d9c 183214 libs optional libcurl3-nss_7.47.0-1ubuntu2.11_ppc64el.deb ba689ccb3f2745908107f9f206d6f332 177860 libs optional libcurl3_7.47.0-1ubuntu2.11_ppc64el.deb 3349f316126a3a97eed0d1effd42beb7 1294 libdevel extra libcurl4-gnutls-dev-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb 887d1bf175d1f8fc1a8f67a181e94ba9 261908 libdevel optional libcurl4-gnutls-dev_7.47.0-1ubuntu2.11_ppc64el.deb 0b8e8b18c880ea405fad6f9403e2b9e1 1290 libdevel extra libcurl4-nss-dev-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb b9d64563ee041293a7300f30443c3aa9 267892 libdevel optional libcurl4-nss-dev_7.47.0-1ubuntu2.11_ppc64el.deb 7dd3e7574333fc2feaa09af67f0ae866 1294 libdevel extra libcurl4-openssl-dev-dbgsym_7.47.0-1ubuntu2.11_ppc64el.ddeb e1c82d97024c80672e99c466c945ad5d 260218 libdevel optional libcurl4-openssl-dev_7.47.0-1ubuntu2.11_ppc64el.deb Original-Maintainer: Alessandro Ghedini