Format: 1.8 Date: Tue, 29 Jan 2019 08:48:30 -0500 Source: curl Binary: curl libcurl4 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-doc Architecture: ppc64el Version: 7.58.0-2ubuntu3.6 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: curl - command line tool for transferring data with URL syntax libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl4-doc - documentation for libcurl libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.58.0-2ubuntu3.6) bionic-security; urgency=medium . * SECURITY UPDATE: NTLM type-2 out-of-bounds buffer read - debian/patches/CVE-2018-16890.patch: fix size check condition for type2 received data in lib/vauth/ntlm.c. - CVE-2018-16890 * SECURITY UPDATE: NTLMv2 type-3 header stack buffer overflow - debian/patches/CVE-2019-3822.patch: ix *_type3_message size check to avoid buffer overflow in lib/vauth/ntlm.c. - CVE-2019-3822 * SECURITY UPDATE: SMTP end-of-response out-of-bounds read - debian/patches/CVE-2019-3823.patch: avoid risk of buffer overflow in strtol in lib/smtp.c. - CVE-2019-3823 Checksums-Sha1: 1ad1d158b0919fbab540447fa000903d51cd4e43 147300 curl-dbgsym_7.58.0-2ubuntu3.6_ppc64el.ddeb 6f79e3ae3585927a30afc7b42cd8497e5112b3f2 11433 curl_7.58.0-2ubuntu3.6_ppc64el.buildinfo 5ff9d06242c66bb8395feb2fe5a64501e1825c93 158248 curl_7.58.0-2ubuntu3.6_ppc64el.deb 1a1c8ab09346f493e1ea668522c7f1953aceda41 1374184 libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.6_ppc64el.ddeb 2152ed7bad5d3dfa889d1ea441bd277affe8a1d5 217404 libcurl3-gnutls_7.58.0-2ubuntu3.6_ppc64el.deb 086a125880ff9da8553f74a219efe48b0ff3ad52 1411588 libcurl3-nss-dbgsym_7.58.0-2ubuntu3.6_ppc64el.ddeb 158c4d6007f6a04f5f60befa05a22e473e2aa1e8 224344 libcurl3-nss_7.58.0-2ubuntu3.6_ppc64el.deb 7cbce5525183b77712d7c58b85f23f7adbfc2c98 1377272 libcurl4-dbgsym_7.58.0-2ubuntu3.6_ppc64el.ddeb 7b4b7bef97f57beff31e39b1740f420e68277689 313664 libcurl4-gnutls-dev_7.58.0-2ubuntu3.6_ppc64el.deb 9b5adbcea6d79f7fc5136ccf78ed3afb0655ba56 321848 libcurl4-nss-dev_7.58.0-2ubuntu3.6_ppc64el.deb fcf9281c3dde4a89682beddfd3e9fa43ebbb1771 310992 libcurl4-openssl-dev_7.58.0-2ubuntu3.6_ppc64el.deb 40c9de3eb2b77d9f7e171371a7aee19204357803 216624 libcurl4_7.58.0-2ubuntu3.6_ppc64el.deb Checksums-Sha256: cff2657c71b6aaefe712687ace54130c7eacc61341b75dff4ad2598ef25baa9a 147300 curl-dbgsym_7.58.0-2ubuntu3.6_ppc64el.ddeb 525d645c9680cb3a912d109c48d87519b0223c9cbd932f3f036a81ae07d6658f 11433 curl_7.58.0-2ubuntu3.6_ppc64el.buildinfo 4538102ae191f9784efbed1a4d1f035f8f418c7f02d92015b8ea1c284b4de515 158248 curl_7.58.0-2ubuntu3.6_ppc64el.deb 4c8a565afe38f33a6c86c9489fdefa9aa349a0046738fc2ef7d3496772a1dd69 1374184 libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.6_ppc64el.ddeb 1388998f4a7750b486ea331d691bbab5381ccedf8513828cb314d87e6dc09d6b 217404 libcurl3-gnutls_7.58.0-2ubuntu3.6_ppc64el.deb 1aa24461636667e1abb74f0a0465874aa2f15f8ffdbaf0928ec64889f4c274c6 1411588 libcurl3-nss-dbgsym_7.58.0-2ubuntu3.6_ppc64el.ddeb d61a13166eee97760a26451f542614fcd101b809fd61adad05a02fe259f0ced4 224344 libcurl3-nss_7.58.0-2ubuntu3.6_ppc64el.deb d493bade622d79cc58f3dd30df86c0318e27ce7c4f43dcea8053d370ed6e59f8 1377272 libcurl4-dbgsym_7.58.0-2ubuntu3.6_ppc64el.ddeb 371a654a74588cb6d3de6b26786360976b1e7cecfc8108905d7bacca7aade1a6 313664 libcurl4-gnutls-dev_7.58.0-2ubuntu3.6_ppc64el.deb cee7b8a7bd03b00fdf7b17ba58c27ead1e81d994fd6081679e590bda6ab36d66 321848 libcurl4-nss-dev_7.58.0-2ubuntu3.6_ppc64el.deb 7f3e7d55da4a9b48fca9364bce74719c693a3bab808f539459db1fb93754d9f5 310992 libcurl4-openssl-dev_7.58.0-2ubuntu3.6_ppc64el.deb 2fc12385d591c4d9211ad0346a786e169c5fbfd3b99b3498c5a330abe4040be3 216624 libcurl4_7.58.0-2ubuntu3.6_ppc64el.deb Files: 4066f1a11405938fd9c2c4b9ca74e268 147300 debug optional curl-dbgsym_7.58.0-2ubuntu3.6_ppc64el.ddeb 77e702941e28e3e328d6cb89a6a12c79 11433 web optional curl_7.58.0-2ubuntu3.6_ppc64el.buildinfo 8fbdf31b116775be3010ec628de24c85 158248 web optional curl_7.58.0-2ubuntu3.6_ppc64el.deb 6f371d0e56a00c5adb5753b944841872 1374184 debug optional libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.6_ppc64el.ddeb a53334c9d3ecb3e078a79dd085538e50 217404 libs optional libcurl3-gnutls_7.58.0-2ubuntu3.6_ppc64el.deb a074d19ced19e679857878f7a200fcb3 1411588 debug optional libcurl3-nss-dbgsym_7.58.0-2ubuntu3.6_ppc64el.ddeb 7c126ea9a639fd39a1080264cd89aa43 224344 libs optional libcurl3-nss_7.58.0-2ubuntu3.6_ppc64el.deb 447d1f0fcf77ac90a816bae30d7b5567 1377272 debug optional libcurl4-dbgsym_7.58.0-2ubuntu3.6_ppc64el.ddeb 64790fbb6226561afa4480ebb9fa9ddf 313664 libdevel optional libcurl4-gnutls-dev_7.58.0-2ubuntu3.6_ppc64el.deb 5e35268406251fd019f42436395c7822 321848 libdevel optional libcurl4-nss-dev_7.58.0-2ubuntu3.6_ppc64el.deb 6c1f0b891d7a3e3b681eca74e9c8696d 310992 libdevel optional libcurl4-openssl-dev_7.58.0-2ubuntu3.6_ppc64el.deb 75d9981983352b497b593252b67aa59e 216624 libs optional libcurl4_7.58.0-2ubuntu3.6_ppc64el.deb Original-Maintainer: Alessandro Ghedini