Ubuntu
curl package

Branches for Utopic

Name		Status	Last Modified	Last Commit
lp://staging/ubuntu/utopic/curl		2 Mature	2014-10-02 13:26:57 UTC 2014-10-02	83. debian/patches/09_fix-timeout-in-poll... Author: Brian Murray Revision Date: 2014-10-02 13:26:57 UTC debian/patches/09_fix-timeout-in-poll-and-wait.patch: apply upstream commit fixing timeout return value for curl_poll and curl_wait_ms. Thanks to Grzegorz Gutowski for finding the patch. (LP: #1375663)
lp://staging/ubuntu/utopic-security/curl		2 Mature	2015-04-29 10:23:26 UTC 2015-04-29	86. * SECURITY UPDATE: NTLM connection re... Author: Marc Deslauriers Revision Date: 2015-04-29 10:23:26 UTC * SECURITY UPDATE: NTLM connection reuse when unauthenticated - debian/patches/CVE-2015-3143.patch: require credentials to match in lib/url.c. - CVE-2015-3143 * SECURITY UPDATE: host name out of boundary memory access - debian/patches/CVE-2015-3144.patch: check for valid length in lib/url.c. - CVE-2015-3144 * SECURITY UPDATE: cookie parser out of boundary memory access - debian/patches/CVE-2015-3145.patch: properly handle a single double quote in lib/cookie.c. - CVE-2015-3145 * SECURITY UPDATE: negotiate not treated as connection-oriented - debian/patches/CVE-2015-3148.patch: don't clear GSSAPI state between each exchange and close Negotiate connections when done in lib/http.c, lib/http_negotiate.c, lib/http_negotiate_sspi.c. - CVE-2015-3148 * SECURITY UPDATE: sensitive HTTP server headers disclosure to proxies - debian/patches/CVE-2015-3153.patch: make HTTP headers separated in docs/libcurl/opts/CURLOPT_HEADEROPT.3, lib/url.c, tests/data/test1527, tests/data/test287, tests/libtest/lib1527.c. - CVE-2015-3153
lp://staging/ubuntu/utopic-updates/curl		2 Mature	2015-04-29 10:23:26 UTC 2015-04-29	86. * SECURITY UPDATE: NTLM connection re... Author: Marc Deslauriers Revision Date: 2015-04-29 10:23:26 UTC * SECURITY UPDATE: NTLM connection reuse when unauthenticated - debian/patches/CVE-2015-3143.patch: require credentials to match in lib/url.c. - CVE-2015-3143 * SECURITY UPDATE: host name out of boundary memory access - debian/patches/CVE-2015-3144.patch: check for valid length in lib/url.c. - CVE-2015-3144 * SECURITY UPDATE: cookie parser out of boundary memory access - debian/patches/CVE-2015-3145.patch: properly handle a single double quote in lib/cookie.c. - CVE-2015-3145 * SECURITY UPDATE: negotiate not treated as connection-oriented - debian/patches/CVE-2015-3148.patch: don't clear GSSAPI state between each exchange and close Negotiate connections when done in lib/http.c, lib/http_negotiate.c, lib/http_negotiate_sspi.c. - CVE-2015-3148 * SECURITY UPDATE: sensitive HTTP server headers disclosure to proxies - debian/patches/CVE-2015-3153.patch: make HTTP headers separated in docs/libcurl/opts/CURLOPT_HEADEROPT.3, lib/url.c, tests/data/test1527, tests/data/test287, tests/libtest/lib1527.c. - CVE-2015-3153
lp://staging/ubuntu/utopic-proposed/curl		1 Development	2014-10-03 12:56:36 UTC 2014-10-03	83. debian/patches/09_fix-timeout-in-poll... Author: Brian Murray Revision Date: 2014-10-02 13:26:57 UTC debian/patches/09_fix-timeout-in-poll-and-wait.patch: apply upstream commit fixing timeout return value for curl_poll and curl_wait_ms. Thanks to Grzegorz Gutowski for finding the patch. (LP: #1375663)