Format: 1.8 Date: Fri, 06 Sep 2019 15:00:31 +0930 Source: curl Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg libcurl4-doc Architecture: i386 Version: 7.47.0-1ubuntu2.14 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Alex Murray Description: curl - command line tool for transferring data with URL syntax libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours) libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4-doc - documentation for libcurl libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.47.0-1ubuntu2.14) xenial-security; urgency=medium . * SECURITY UPDATE: double-free when using kerberos over FTP may cause denial-of-service - debian/patches/CVE-2019-5481.patch: update lib/security.c to avoid double-free on large memory allocation failures - CVE-2019-5481 * SECURITY UPDATE: heap buffer overflow when receiving TFTP data may cause denial-of-service or remote code-execution - debian/patches/CVE-2019-5482.patch: ensure to use the correct block size when calling recvfrom() if the server returns an OACK without specifying a block size in lib/tftp.c - CVE-2019-5482 Checksums-Sha1: 6726e8171ca64d95ef472789b2489ab219f7bb65 1088 curl-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb 67be89e31f6a95d7399741c65028a830397b25d0 141658 curl_7.47.0-1ubuntu2.14_i386.deb f5e4798ce96550139c1d4511d522411bddb3469c 3225626 libcurl3-dbg_7.47.0-1ubuntu2.14_i386.deb 444b3fed85c2fc473f44ca5e0e47dc43119ee729 1204 libcurl3-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb a4b4187918a75f9abab69fb083f367991d29acab 1208 libcurl3-gnutls-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb 723fd063e4b737e3db25a06bf8cac9bb68edcfa1 205042 libcurl3-gnutls_7.47.0-1ubuntu2.14_i386.deb e15fc435c868e914722b76e3d6f825499f051513 1208 libcurl3-nss-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb 576394bf56168a0861580ea866b82a617aa7cac1 211258 libcurl3-nss_7.47.0-1ubuntu2.14_i386.deb e11f5d112a1b192860d0d8a97e001ef6da5bcfce 207846 libcurl3_7.47.0-1ubuntu2.14_i386.deb 46a9b8251cb07f62742f8b7e7c3478218d481472 1294 libcurl4-gnutls-dev-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb 103382b0f1c58fc54186927a99443856fc062175 288554 libcurl4-gnutls-dev_7.47.0-1ubuntu2.14_i386.deb 2b98c612fd6f6bc5d4a631dcdc3b185384d221ff 1290 libcurl4-nss-dev-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb 1bc9fa0978604cc2df8a0a25c3c27014c5759439 295182 libcurl4-nss-dev_7.47.0-1ubuntu2.14_i386.deb c952ab7ba045c1c38fc9e33b2683e65a111434c7 1292 libcurl4-openssl-dev-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb ec2ec6cd696e8cd91ecbb83cf1be34fa393d436e 291116 libcurl4-openssl-dev_7.47.0-1ubuntu2.14_i386.deb Checksums-Sha256: f0bd8aef4115f6fe958a86a51cf7c54da145830ea30a9de9b940dcc158affb9e 1088 curl-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb 3d0cfe25684f49ad080acc6fa800610be98e40dfac121bd08294820c3bd6be8c 141658 curl_7.47.0-1ubuntu2.14_i386.deb 91868cfe1a14f988df3c812b572104181b1557a8ca0215445909058f5766ed39 3225626 libcurl3-dbg_7.47.0-1ubuntu2.14_i386.deb 4377b29f5a6623ba67936d9129e056a4951631c9adca0492fbf647c9f0d0d56d 1204 libcurl3-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb ee0976e01fe438f675bb15e8faf9a7f33e284f19e5f6ae23a9f6ea09fe1b0308 1208 libcurl3-gnutls-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb a05dc76d2f6d72f22edd6ba6e19f5d8238a7085f230ce9af0e8c30d66bac6afd 205042 libcurl3-gnutls_7.47.0-1ubuntu2.14_i386.deb a47e9b8e3c7802f088b52494f67856b7cf94a0abba418a8bca16efff9c8ea5f3 1208 libcurl3-nss-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb 0b01578b46176086ef3f8bbc1e9632e1c6baba89137cfc351be77d7a8e35872d 211258 libcurl3-nss_7.47.0-1ubuntu2.14_i386.deb 4fb735b112006431c0216cc3b836b73eab3aa2bb04471914cb0ea08b6c10696b 207846 libcurl3_7.47.0-1ubuntu2.14_i386.deb dd8e867c98972aa9463e5b1a55537d70f388c7bfc505958aa0a6eae831fc4b18 1294 libcurl4-gnutls-dev-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb f81f6877853e0d0df9914a6aef437e79fa8667893e3936e61b7329deae15edf4 288554 libcurl4-gnutls-dev_7.47.0-1ubuntu2.14_i386.deb 85766df9cab8bb3e76f0dcccada1d7da98d2bf8afa9d54d7dddd62493b6f485f 1290 libcurl4-nss-dev-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb 25b3018dba4bbb206d92563da7616aa94a20bcc106055e85d4c5e05fa21daf1d 295182 libcurl4-nss-dev_7.47.0-1ubuntu2.14_i386.deb 330e84c45bf8d3fc9819b7e85d47ec5fec86e771ca910a070ea350ce69903255 1292 libcurl4-openssl-dev-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb 52050f316bb0c5343243f52631fbd3e5a08868c693036b82582898bf21023d32 291116 libcurl4-openssl-dev_7.47.0-1ubuntu2.14_i386.deb Files: 432675e7119ab3e32a0a84e32e5e618d 1088 web extra curl-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb 5655b54646f67ec99f911c4e62885aa8 141658 web optional curl_7.47.0-1ubuntu2.14_i386.deb 6cb6fa08adcb9bd9267543c8ee7bda1d 3225626 debug extra libcurl3-dbg_7.47.0-1ubuntu2.14_i386.deb 3d1da40b014ee90584a88ae605464a74 1204 libs extra libcurl3-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb 28c87e3fd29aa990a39b89e2e7be1ca4 1208 libs extra libcurl3-gnutls-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb a48106ff7b98958c722b8f03d84b8cc2 205042 libs optional libcurl3-gnutls_7.47.0-1ubuntu2.14_i386.deb ef187a9bd508259343d63a52cc1d215e 1208 libs extra libcurl3-nss-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb fc19e80c4265a6d5e8842d4f9a03f928 211258 libs optional libcurl3-nss_7.47.0-1ubuntu2.14_i386.deb f94d498f1f6389ee1118ea8e6150ea5f 207846 libs optional libcurl3_7.47.0-1ubuntu2.14_i386.deb c08fce9bf7cfc148b3fdd0f14f5b9354 1294 libdevel extra libcurl4-gnutls-dev-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb 78803ff29433f14f25309768dc283b61 288554 libdevel optional libcurl4-gnutls-dev_7.47.0-1ubuntu2.14_i386.deb 21896116cc1c9e48d84f6dc86fc948a5 1290 libdevel extra libcurl4-nss-dev-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb 34a197a8683f44a39f9d5154b1c734e6 295182 libdevel optional libcurl4-nss-dev_7.47.0-1ubuntu2.14_i386.deb 8fed40242da457932918e8580e30426b 1292 libdevel extra libcurl4-openssl-dev-dbgsym_7.47.0-1ubuntu2.14_i386.ddeb 85b4f89bb0f3be0606c165b950782004 291116 libdevel optional libcurl4-openssl-dev_7.47.0-1ubuntu2.14_i386.deb Original-Maintainer: Alessandro Ghedini