Accepted curl 7.38.0-4+deb8u14 (source amd64 all) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 11 Feb 2019 15:57:22 +0100
Source: curl
Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg libcurl4-doc
Architecture: source amd64 all
Version: 7.38.0-4+deb8u14
Distribution: jessie-security
Urgency: high
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Description:
curl - command line tool for transferring data with URL syntax
libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour)
libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours)
libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour)
libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour)
libcurl4-doc - documentation for libcurl
libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour)
libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour)
libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour)
Changes:
curl (7.38.0-4+deb8u14) jessie-security; urgency=high
.
* CVE-2018-16890: Fix a heap buffer out-of-bounds read vulnerability in the
handling of NTLM type-2 messages.
* CVE-2019-3822: Fix a stack-based buffer overflow in the handling of
outgoing NTLM type-3 headers.
* CVE-2019-3823: Fix a heap out-of-bounds read in the code handling the
end-of-response in the SMTP protocol.
Checksums-Sha1:
552a2bc03ecc2388c199612213d9bf4dceaf9a7d 2673 curl_7.38.0-4+deb8u14.dsc
40d8ec9063f076005535139c9229ac77c57f0300 4094034 curl_7.38.0.orig.tar.gz
d72287b59b7d9e19c2a26b33a7e3935bf47e9a7b 57312 curl_7.38.0-4+deb8u14.debian.tar.xz
8d1179b500c0d5f80199a16f4ffba2ee08118b96 201574 curl_7.38.0-4+deb8u14_amd64.deb
94af1833efa735dc8ecc0f2612c9a90c372bd919 261068 libcurl3_7.38.0-4+deb8u14_amd64.deb
2b4ac7359972b2e7a88f3309cfa0b5c780f6ff2a 253396 libcurl3-gnutls_7.38.0-4+deb8u14_amd64.deb
3009be2e81e27861acc905fd64ad2f8d66650bee 264746 libcurl3-nss_7.38.0-4+deb8u14_amd64.deb
789fc07ffe2cc4b7313db4fe04e907dc56358b5d 337718 libcurl4-openssl-dev_7.38.0-4+deb8u14_amd64.deb
6a4cede392cdf93627a7896ee44e05a8a466ece9 329228 libcurl4-gnutls-dev_7.38.0-4+deb8u14_amd64.deb
1847004c4672a7415d9e04d79957c72040d403d7 341624 libcurl4-nss-dev_7.38.0-4+deb8u14_amd64.deb
e09ae33e8c1104c0611ae3124d7305648c9c590a 3373374 libcurl3-dbg_7.38.0-4+deb8u14_amd64.deb
62879870633530533088031ca8573ff8d9abdc82 1068570 libcurl4-doc_7.38.0-4+deb8u14_all.deb
Checksums-Sha256:
6faa32fb4ca89e2aa65c15f792c31087699a1b43f4296d8efcdfd5677c83a1c1 2673 curl_7.38.0-4+deb8u14.dsc
5661028aa6532882fa228cd23c99ddbb8b87643dbb1a7ea55c068d34a943dff1 4094034 curl_7.38.0.orig.tar.gz
81141deeed8741e4cf31ef240cd438ac8543114cf6fec5faaf2505374b6d8398 57312 curl_7.38.0-4+deb8u14.debian.tar.xz
d9de69ed526f4624d54eede4af0ffab3eaa6d154b786bfa2a8da62a31134abdb 201574 curl_7.38.0-4+deb8u14_amd64.deb
740da75de437b4488906973af7283c315aa12d4bb8d3f2e3f274bab065054349 261068 libcurl3_7.38.0-4+deb8u14_amd64.deb
31e950b86818517067f33a5c2d22d4c13b7eeeebf2b424f1393a0e3554e62221 253396 libcurl3-gnutls_7.38.0-4+deb8u14_amd64.deb
87daf83d397b43b9138710980ffae5e3c719bb7a064cc79c66c98658d49ef8db 264746 libcurl3-nss_7.38.0-4+deb8u14_amd64.deb
c94a7fb9fa52cfba2203e5aaa9ff93093e1f5a763e3b1ca87d30ce0e3b405ef8 337718 libcurl4-openssl-dev_7.38.0-4+deb8u14_amd64.deb
789aa2c8bc902b846b4f91a3b7ccfe730530a8600276a2a967d8eccfc799c3c0 329228 libcurl4-gnutls-dev_7.38.0-4+deb8u14_amd64.deb
54f254666fea5a236f06883409a1e940e9af6d503693acb037333c643714541b 341624 libcurl4-nss-dev_7.38.0-4+deb8u14_amd64.deb
a494ac6b030c235565a49fb4589e089df6b9018799a12b7dbe0f837040fc9b14 3373374 libcurl3-dbg_7.38.0-4+deb8u14_amd64.deb
dcfb75a40aea2830460590579fa6a84b53ac1a39a07b489be0408e8895e7ccf2 1068570 libcurl4-doc_7.38.0-4+deb8u14_all.deb
Files:
8aff0d62fc1f1e1addad18e0eddf4cac 2673 web optional curl_7.38.0-4+deb8u14.dsc
b6e3ea55bb718f2270489581efa50a8a 4094034 web optional curl_7.38.0.orig.tar.gz
f5093d40e72078d10dfe78517372b6f9 57312 web optional curl_7.38.0-4+deb8u14.debian.tar.xz
2b09ab10c9ec769ef98c40c35dddbc09 201574 web optional curl_7.38.0-4+deb8u14_amd64.deb
b50ca46db7293e2858cf587b6341e675 261068 libs optional libcurl3_7.38.0-4+deb8u14_amd64.deb
27a0fbbd97d64dda53e33e2dc7cfb502 253396 libs optional libcurl3-gnutls_7.38.0-4+deb8u14_amd64.deb
d3575e8f97789e3c8a1ad11db4c5a441 264746 libs optional libcurl3-nss_7.38.0-4+deb8u14_amd64.deb
b86b969903067005088b70ec481a73ba 337718 libdevel optional libcurl4-openssl-dev_7.38.0-4+deb8u14_amd64.deb
361274f0cd0c29c14df16b9d3a65dee3 329228 libdevel optional libcurl4-gnutls-dev_7.38.0-4+deb8u14_amd64.deb
4e7624082d9b478a31cc60d1b3ea8762 341624 libdevel optional libcurl4-nss-dev_7.38.0-4+deb8u14_amd64.deb
3abbbcdd57ff84ded2bc5cf327d43768 3373374 debug extra libcurl3-dbg_7.38.0-4+deb8u14_amd64.deb
ddfd4d942d24642240c0ef645ae9dfe5 1068570 doc optional libcurl4-doc_7.38.0-4+deb8u14_all.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlxhl/4ACgkQHpU+J9Qx
Hlhx0g/+MT1AtjOS7GIbsup+CXYAdXnqkJyuxUKnAyI8o2u2fIJ0Ssbvu0VobccU
5ltyVdi7MuIcAc8RhJloJ0E5ra17gu43PmF1yfCDsoxW9P4LU7lIdVkaKEx+Uqno
WI+KbRXtHhvw1IcQPdlX/tLveonTlRaM2c27CPNLT7METyEScqqKZwk34D7Hl4ft
9avCUrYikgIHlsfLVwCS2Ho5ZgNq2eVCBLxQlA/G412sqhC7/Z5uQxAeKJQwnvcs
9mh+h4BW3zk1TETBEvrhdJTeCaIpR/FfMTYSiiIEJyq7es1ERX9TvUkwUnunqIq6
SQ0iDP7D+bAftdoU8UqgKs+ncM9/nciI1Brd3Toik+0oJ8FTXqTu5X/z++Z0VPTI
lOpINwE2rjWxMw62X3bM8dAmP8MnR2dW/Vq/93HIRAN+NBktCNLHn0zZTq9cfn00
YPaJRphyXBW06Z2iapnqyraGesD9tPb0ynPDaY4weVOnHP4pW6GCOVoY3q9lHAvu
sMvAEcFrekyY+ZtMbx0MHzFn5wGrHUK86YJ/tnO5pfAZ/DBPTasqOG8ZHOz0utxg
e2KGhbJh8iXaKCAuMdBo8lufBpHaRnrY5DqnNPwGLsImH7uyrpoZPn4EmQNgIyme
FfG39/AcySxdl0rtrHSaS0gjBknvnYnrPympPxSDXpYu9ma6YYA=
=a9fe
-----END PGP SIGNATURE-----
Reply to: