curl 7.65.3-1ubuntu3 source package in Ubuntu

Changelog

curl (7.65.3-1ubuntu3) eoan; urgency=medium

  * SECURITY UPDATE: double-free when using kerberos over FTP may cause
    denial-of-service
    - debian/patches/CVE-2019-5481.patch: update lib/security.c to avoid
      double-free on large memory allocation failures
    - CVE-2019-5481
  * SECURITY UPDATE: heap buffer overflow when receiving TFTP data may
    cause denial-of-service or remote code-execution
    - debian/patches/CVE-2019-5482.patch: ensure to use the correct block
      size when calling recvfrom() if the server returns an OACK without
      specifying a block size in lib/tftp.c
    - CVE-2019-5482

 -- Alex Murray <email address hidden>  Fri, 06 Sep 2019 14:52:01 +0930

Upload details

Uploaded by:
Alex Murray
Sponsored by:
Marc Deslauriers
Uploaded to:
Eoan
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
web
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
curl_7.65.3.orig.tar.gz 3.8 MiB 4376ac72b95572fb6c4fbffefb97c7ea0dd083e1974c0e44cd7e49396f454839
curl_7.65.3-1ubuntu3.debian.tar.xz 30.0 KiB 4cc76896389aeda3f4a7d27edcc526cd9c944cd42c7d14fd7f95dd21973cf827
curl_7.65.3-1ubuntu3.dsc 2.6 KiB cb62f24f9cda19bdcb719e5edcf92f64a6ed2b2fbe706b75585eeeb6fbfa6968

View changes file

Binary packages built by this source

curl: No summary available for curl in ubuntu eoan.

No description available for curl in ubuntu eoan.

curl-dbgsym: debug symbols for curl
libcurl3-gnutls: No summary available for libcurl3-gnutls in ubuntu eoan.

No description available for libcurl3-gnutls in ubuntu eoan.

libcurl3-gnutls-dbgsym: No summary available for libcurl3-gnutls-dbgsym in ubuntu eoan.

No description available for libcurl3-gnutls-dbgsym in ubuntu eoan.

libcurl3-nss: No summary available for libcurl3-nss in ubuntu eoan.

No description available for libcurl3-nss in ubuntu eoan.

libcurl3-nss-dbgsym: No summary available for libcurl3-nss-dbgsym in ubuntu eoan.

No description available for libcurl3-nss-dbgsym in ubuntu eoan.

libcurl4: easy-to-use client-side URL transfer library (OpenSSL flavour)

 libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
 FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
 RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
 .
 libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
 form based upload, proxies, cookies, user+password authentication (Basic,
 Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
 and more!
 .
 libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
 fast, thoroughly documented and is already used by many known, big and
 successful companies and numerous applications.
 .
 SSL support is provided by OpenSSL.

libcurl4-dbgsym: No summary available for libcurl4-dbgsym in ubuntu eoan.

No description available for libcurl4-dbgsym in ubuntu eoan.

libcurl4-doc: No summary available for libcurl4-doc in ubuntu eoan.

No description available for libcurl4-doc in ubuntu eoan.

libcurl4-gnutls-dev: development files and documentation for libcurl (GnuTLS flavour)

 libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
 FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
 RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
 .
 libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
 form based upload, proxies, cookies, user+password authentication (Basic,
 Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
 and more!
 .
 libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
 fast, thoroughly documented and is already used by many known, big and
 successful companies and numerous applications.
 .
 This package provides the development files (ie. includes, static library,
 manual pages) that allow one to build software which uses libcurl.
 .
 SSL support is provided by GnuTLS.

libcurl4-nss-dev: No summary available for libcurl4-nss-dev in ubuntu eoan.

No description available for libcurl4-nss-dev in ubuntu eoan.

libcurl4-openssl-dev: development files and documentation for libcurl (OpenSSL flavour)

 libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
 FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
 RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
 .
 libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
 form based upload, proxies, cookies, user+password authentication (Basic,
 Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
 and more!
 .
 libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
 fast, thoroughly documented and is already used by many known, big and
 successful companies and numerous applications.
 .
 This package provides the development files (ie. includes, static library,
 manual pages) that allow one to build software which uses libcurl.
 .
 SSL support is provided by OpenSSL.