Format: 1.8 Date: Mon, 17 Jul 2023 10:44:42 -0400 Source: curl Binary: curl libcurl3-gnutls libcurl3-nss libcurl4 libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-openssl-dev Architecture: i386 Version: 7.68.0-1ubuntu2.19 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: curl - command line tool for transferring data with URL syntax libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.68.0-1ubuntu2.19) focal-security; urgency=medium . * SECURITY UPDATE: improper certificate validation vulnerability - debian/patches/CVE-2023-28321.patch: fix host name wildcard checking in lib/hostcheck.c, tests/data/test1397, tests/unit/unit1397.c. - CVE-2023-28321 * SECURITY UPDATE: information disclosure vulnerability - debian/patches/CVE-2023-28322.patch: unify the upload/method handling in lib/curl_rtmp.c, lib/file.c, lib/ftp.c, lib/http.c, lib/imap.c, lib/rtsp.c, lib/setopt.c, lib/smb.c, lib/smtp.c, lib/tftp.c, lib/transfer.c, lib/urldata.h, lib/vssh/libssh.c, lib/vssh/libssh2.c. - CVE-2023-28322 Checksums-Sha1: f410365272566b80f6818cffc8ea26a0768fbc57 122180 curl-dbgsym_7.68.0-1ubuntu2.19_i386.ddeb 1f655d491b8015f7fb82bd89ae1a3cea63853a08 11874 curl_7.68.0-1ubuntu2.19_i386.buildinfo 5d1de36e94589cd1848c31b1c0b7a44e56cc807f 166808 curl_7.68.0-1ubuntu2.19_i386.deb 927865ee146b29d9dc90a119fea9e6ed1a4b0c58 666800 libcurl3-gnutls-dbgsym_7.68.0-1ubuntu2.19_i386.ddeb e55e7f5a7722a44497836ae32d5c4efcec3bea6c 260284 libcurl3-gnutls_7.68.0-1ubuntu2.19_i386.deb 7658e5f33e80484a0d228b7217b89116a4e69ee2 702688 libcurl3-nss-dbgsym_7.68.0-1ubuntu2.19_i386.ddeb d50f279464ee3496e2b39afb883e009e3664ac16 266772 libcurl3-nss_7.68.0-1ubuntu2.19_i386.deb a34f78983f755939ab8453fa39ce75d585655fe8 682008 libcurl4-dbgsym_7.68.0-1ubuntu2.19_i386.ddeb c0807de797b049fdaf80f15e031ee11de75191f3 357312 libcurl4-gnutls-dev_7.68.0-1ubuntu2.19_i386.deb c74eb54950b23754016b18ecc1eed225df4fb8ab 363792 libcurl4-nss-dev_7.68.0-1ubuntu2.19_i386.deb b282eb94d90c7535dd8242efd233a98f78f4a34f 360328 libcurl4-openssl-dev_7.68.0-1ubuntu2.19_i386.deb 4fef0e75487dbf0009665fb81683dc0973c14ae9 264260 libcurl4_7.68.0-1ubuntu2.19_i386.deb Checksums-Sha256: e9bd5b163f90b3f33b01828ae24de6e15c1b545eda25812ae1086a2ea6b6fa25 122180 curl-dbgsym_7.68.0-1ubuntu2.19_i386.ddeb 02e5064c8cb824decc394f7e7cd22a7c87074d68ea92941bc039c77ea06d36b4 11874 curl_7.68.0-1ubuntu2.19_i386.buildinfo 705d768982e51e74b60a01dee71099a77158cbdc32218f5ed1402d118f1ff2b0 166808 curl_7.68.0-1ubuntu2.19_i386.deb cf8638f14e1f667aafea23e8e668f4f7e4fd0d7e4655b8011f206c4ab46cf8a5 666800 libcurl3-gnutls-dbgsym_7.68.0-1ubuntu2.19_i386.ddeb e626d455edc7b0c86f4cde6170fbc6530b513cca9673e07a32b0e4105f2fc2e5 260284 libcurl3-gnutls_7.68.0-1ubuntu2.19_i386.deb b75b32c196454747afdc3a0cff9402fec3bd62d4a9e7155508a6d911b89cdbea 702688 libcurl3-nss-dbgsym_7.68.0-1ubuntu2.19_i386.ddeb e6bd07fe6d04117694aef28ba4aedc0ea57919af84cc1bd17fb056a4e40a41a2 266772 libcurl3-nss_7.68.0-1ubuntu2.19_i386.deb fd809ad76f07669f2f779dc745cf78a348d677f31cd42c901aeb08ef8eaf1b3b 682008 libcurl4-dbgsym_7.68.0-1ubuntu2.19_i386.ddeb 1f380b8d33c13a89c00fff98aa06784366e917db1d77e595c91f67119db2c275 357312 libcurl4-gnutls-dev_7.68.0-1ubuntu2.19_i386.deb 9f961ec62d702f370010fdaf44e96ec84c78da7539c4127cdd7b23e67552680e 363792 libcurl4-nss-dev_7.68.0-1ubuntu2.19_i386.deb 6e8e8e2e810b063a774bfb078123afefb1fd761cb0a528bde551f91c316541a0 360328 libcurl4-openssl-dev_7.68.0-1ubuntu2.19_i386.deb 2a775e602dc56263be2fbc95f5908fedf4bfe381a8001294fcd285d3a29c8817 264260 libcurl4_7.68.0-1ubuntu2.19_i386.deb Files: 5eb9f55eafeb283311b4b72a0176215c 122180 debug optional curl-dbgsym_7.68.0-1ubuntu2.19_i386.ddeb be1fd40f76c0d77a0faedbe740e05ff8 11874 web optional curl_7.68.0-1ubuntu2.19_i386.buildinfo 9f0e54d10e2d4eae192228cf6fbe5fd6 166808 web optional curl_7.68.0-1ubuntu2.19_i386.deb c8a45856637c01adf3b21f8bdea3621a 666800 debug optional libcurl3-gnutls-dbgsym_7.68.0-1ubuntu2.19_i386.ddeb 630dc6f403605ddfa60f35d53d414c44 260284 libs optional libcurl3-gnutls_7.68.0-1ubuntu2.19_i386.deb 5cbfc7a3ae15cddbf36ce38ced0a814c 702688 debug optional libcurl3-nss-dbgsym_7.68.0-1ubuntu2.19_i386.ddeb c1088e713b1c90e124842844faeaa6d2 266772 libs optional libcurl3-nss_7.68.0-1ubuntu2.19_i386.deb aa4e6a4cb744d08f2a55a0f5f0782e36 682008 debug optional libcurl4-dbgsym_7.68.0-1ubuntu2.19_i386.ddeb 205a1fc257a8a07c7686e2981478328a 357312 libdevel optional libcurl4-gnutls-dev_7.68.0-1ubuntu2.19_i386.deb 67766465e4dfa6a36ece88dc12aafece 363792 libdevel optional libcurl4-nss-dev_7.68.0-1ubuntu2.19_i386.deb 45121ea961ca130345967e40cfcc1c07 360328 libdevel optional libcurl4-openssl-dev_7.68.0-1ubuntu2.19_i386.deb abf2f5f7b722f8bdc3a1bf4d6cbe89e2 264260 libs optional libcurl4_7.68.0-1ubuntu2.19_i386.deb Original-Maintainer: Alessandro Ghedini