Format: 1.8 Date: Fri, 06 Sep 2019 14:57:21 +0930 Source: curl Binary: curl libcurl4 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-doc Architecture: s390x Version: 7.58.0-2ubuntu3.8 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Alex Murray Description: curl - command line tool for transferring data with URL syntax libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl4-doc - documentation for libcurl libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.58.0-2ubuntu3.8) bionic-security; urgency=medium . * SECURITY UPDATE: double-free when using kerberos over FTP may cause denial-of-service - debian/patches/CVE-2019-5481.patch: update lib/security.c to avoid double-free on large memory allocation failures - CVE-2019-5481 * SECURITY UPDATE: heap buffer overflow when receiving TFTP data may cause denial-of-service or remote code-execution - debian/patches/CVE-2019-5482.patch: ensure to use the correct block size when calling recvfrom() if the server returns an OACK without specifying a block size in lib/tftp.c - CVE-2019-5482 Checksums-Sha1: 3677a443b8944dbb3184a93dc47af8160dff5345 150380 curl-dbgsym_7.58.0-2ubuntu3.8_s390x.ddeb 98f14bc2abb05d7d667e3b9ee705901015873c2b 11445 curl_7.58.0-2ubuntu3.8_s390x.buildinfo 9bd2cf73f1a25dc6ef665c508c3835d0070e9343 155204 curl_7.58.0-2ubuntu3.8_s390x.deb 3e7c191b448238ae143f847d63a6b8055a67f894 1353016 libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.8_s390x.ddeb 98d1ac4da67cef9a93a1376a264c2def7c7b6baf 194900 libcurl3-gnutls_7.58.0-2ubuntu3.8_s390x.deb fb887292938b1b0ce86564a0f697a98dd2ba4d9b 1386508 libcurl3-nss-dbgsym_7.58.0-2ubuntu3.8_s390x.ddeb e5cdc45192e3acce707fb58751e1455a8100d5af 201380 libcurl3-nss_7.58.0-2ubuntu3.8_s390x.deb e0a6c33bd3b9c32193eb1638dc8bd57783ebf70c 1365944 libcurl4-dbgsym_7.58.0-2ubuntu3.8_s390x.ddeb 72c536045f9405d31deb71870ddcd3cf8541f1f8 280256 libcurl4-gnutls-dev_7.58.0-2ubuntu3.8_s390x.deb 2e0989ad590cb2bb34c3af6c930be7653fa478ae 286828 libcurl4-nss-dev_7.58.0-2ubuntu3.8_s390x.deb ad3196bd6b53a771d277800c07b1513899d52e0a 280880 libcurl4-openssl-dev_7.58.0-2ubuntu3.8_s390x.deb 8209b259fae3016c5f9cff516532f911b6a83c0c 196072 libcurl4_7.58.0-2ubuntu3.8_s390x.deb Checksums-Sha256: b19e50ad6af094181289b7078e93d0d7aaccf81778d79daa9fc92b0ef4da9e92 150380 curl-dbgsym_7.58.0-2ubuntu3.8_s390x.ddeb edbbff179407b5759b168445e0228c5634b6d8854f98edb07216bd1415908877 11445 curl_7.58.0-2ubuntu3.8_s390x.buildinfo e36abc2fb6a9c3f0f263462b9016fa697d18cdc91b88d1fcdc87da089046dd82 155204 curl_7.58.0-2ubuntu3.8_s390x.deb ca8e6d3c5d468d89f2a29c1ca3a83a075f35525a08a5a3c42470cdcc06c50f4b 1353016 libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.8_s390x.ddeb d902ad934facda2e843a5a1cfc74f5da7f3eb333b8c2d311f8d87eecf4f8b391 194900 libcurl3-gnutls_7.58.0-2ubuntu3.8_s390x.deb 5ad9b2e8dd9cf22dcbbef2b8a3757935a4b339c5f7cac15307174c521fee14b4 1386508 libcurl3-nss-dbgsym_7.58.0-2ubuntu3.8_s390x.ddeb 8a20f94318b7c533c170202737d0c13b6643075ba9da07ed85abd4ec4796a12c 201380 libcurl3-nss_7.58.0-2ubuntu3.8_s390x.deb ada4b6e5c022d070a974a5abe6cc5ba1882ef09a2366a074abc3890718f06d8f 1365944 libcurl4-dbgsym_7.58.0-2ubuntu3.8_s390x.ddeb 0d0df807033144d6a9832c7f5a729e046fb6fdd442f47703488ea0b95216ad93 280256 libcurl4-gnutls-dev_7.58.0-2ubuntu3.8_s390x.deb c36cf50f2ed20b579c8a60dc616ddb00a515999af1cce87f07d36b6e3fe4d975 286828 libcurl4-nss-dev_7.58.0-2ubuntu3.8_s390x.deb 6c1b4a7cb0e2378ecc46b4caff93ad4e5b731c10be6e4a74fa9651736bf55120 280880 libcurl4-openssl-dev_7.58.0-2ubuntu3.8_s390x.deb 4c86cb5eb8d430847facd9ce2715f5cbe578db06f851a947acfcb057eac58a94 196072 libcurl4_7.58.0-2ubuntu3.8_s390x.deb Files: 4aae93d34ef520cfb00fc2ffa2a62848 150380 debug optional curl-dbgsym_7.58.0-2ubuntu3.8_s390x.ddeb eecc63ce4c49308af27476c856651c95 11445 web optional curl_7.58.0-2ubuntu3.8_s390x.buildinfo b98cf7638de137384b6b44e5d8ac26ff 155204 web optional curl_7.58.0-2ubuntu3.8_s390x.deb 3d844e0325f33b6559eab67f8f901c6b 1353016 debug optional libcurl3-gnutls-dbgsym_7.58.0-2ubuntu3.8_s390x.ddeb 31713c0a9be2b1efe8e7196d9b9eec15 194900 libs optional libcurl3-gnutls_7.58.0-2ubuntu3.8_s390x.deb 5f213c2710501e71fa7a7784f3ebb1db 1386508 debug optional libcurl3-nss-dbgsym_7.58.0-2ubuntu3.8_s390x.ddeb 925964f4b69e98a82f57a70301a9c0c6 201380 libs optional libcurl3-nss_7.58.0-2ubuntu3.8_s390x.deb ca83be3d2caf27cabfff26edae7f5ae1 1365944 debug optional libcurl4-dbgsym_7.58.0-2ubuntu3.8_s390x.ddeb 4ce29aca4d231ee4acd106be11c74537 280256 libdevel optional libcurl4-gnutls-dev_7.58.0-2ubuntu3.8_s390x.deb 67da2e75a56594538b7c76e74baea8e7 286828 libdevel optional libcurl4-nss-dev_7.58.0-2ubuntu3.8_s390x.deb 6d9fdf605127a18f1537234c328c7e9a 280880 libdevel optional libcurl4-openssl-dev_7.58.0-2ubuntu3.8_s390x.deb 4991c6c48396f7963deaf7584b126645 196072 libs optional libcurl4_7.58.0-2ubuntu3.8_s390x.deb Original-Maintainer: Alessandro Ghedini