Accepted curl 7.38.0-4+deb8u10 (source amd64 all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 13 Mar 2018 20:47:46 +0000
Source: curl
Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg libcurl4-doc
Architecture: source amd64 all
Version: 7.38.0-4+deb8u10
Distribution: jessie-security
Urgency: high
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Alessandro Ghedini <ghedo@debian.org>
Description:
curl - command line tool for transferring data with URL syntax
libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour)
libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours)
libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour)
libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour)
libcurl4-doc - documentation for libcurl
libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour)
libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour)
libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour)
Changes:
curl (7.38.0-4+deb8u10) jessie-security; urgency=high
.
* Fix NIL byte out of bounds write due to FTP path trickery
as per CVE-2018-1000120
https://curl.haxx.se/docs/adv_2018-9cd6.html
* Fix LDAP NULL pointer dereference as per CVE-2018-1000121
https://curl.haxx.se/docs/adv_2018-97a2.html
* Fix RTSP RTP buffer over-read as per CVE-2018-1000122
https://curl.haxx.se/docs/adv_2018-b047.html
Checksums-Sha1:
9896f3a07aa083d2944f6a1a68dfe050549bb81f 2673 curl_7.38.0-4+deb8u10.dsc
ec5a7637b5a19f032d82d3ddfd41de0556a2c1cb 47208 curl_7.38.0-4+deb8u10.debian.tar.xz
b9eb83d5e46e79422f613d24082b57a8f2c03c98 200814 curl_7.38.0-4+deb8u10_amd64.deb
ea471285edabc916430c7956c252cef804e55033 259728 libcurl3_7.38.0-4+deb8u10_amd64.deb
3ede8851f5e0338963f213f81ea5c48a095e652e 252366 libcurl3-gnutls_7.38.0-4+deb8u10_amd64.deb
6979cf9ba963205b11973b55f77fd1cb965b2768 263784 libcurl3-nss_7.38.0-4+deb8u10_amd64.deb
49c5ffd9883fd228b7d8256fa663f8e944a6ab04 337402 libcurl4-openssl-dev_7.38.0-4+deb8u10_amd64.deb
00d2357a928dcfc75bf682e8e727968ec0a06c48 328912 libcurl4-gnutls-dev_7.38.0-4+deb8u10_amd64.deb
0b4b987464a015d1196052c42f9eda3b1f0e4766 341250 libcurl4-nss-dev_7.38.0-4+deb8u10_amd64.deb
f28a7316dbf058b9407de7a6895ded10518a1d71 3371398 libcurl3-dbg_7.38.0-4+deb8u10_amd64.deb
072db298d8e8e974bd9c2ca9b0b2b0884e905e38 1067032 libcurl4-doc_7.38.0-4+deb8u10_all.deb
Checksums-Sha256:
8c63e3d24209e7eee792a8bc80a540dcfadf881452e43e8c500dcac192c3a73c 2673 curl_7.38.0-4+deb8u10.dsc
917f9e86ed29504a962e5b982a455cfbd272a5e38a6ee050dfa343a2790fe746 47208 curl_7.38.0-4+deb8u10.debian.tar.xz
e1f8ff9b2665a2dd5ed79776e5770e99f919ca9b5bb4df6920d375b5ebc6f534 200814 curl_7.38.0-4+deb8u10_amd64.deb
7459409b79e313ae2fd5edc21ed947169d7e89057748da48aefba5f6e4fdc505 259728 libcurl3_7.38.0-4+deb8u10_amd64.deb
8962b4799c5298c87b1ece5912569d4062628992005f924974d3186a224d60c0 252366 libcurl3-gnutls_7.38.0-4+deb8u10_amd64.deb
a6f9250036d576dc5f8b30f563e5d49f0e33c28982cf24f777cc6a5febf5eb24 263784 libcurl3-nss_7.38.0-4+deb8u10_amd64.deb
72f610e33605139b3ab641cc6312b30acfbba4e2684e5f0380a743c77f2619be 337402 libcurl4-openssl-dev_7.38.0-4+deb8u10_amd64.deb
d250a98c9fade4e3390d077d8920e174814a85f488b661aeb2e4d48f91f5026a 328912 libcurl4-gnutls-dev_7.38.0-4+deb8u10_amd64.deb
016856b4c332df4b9a3e338c79bfd28496561191693e7f26f58e78d50cc4e9b5 341250 libcurl4-nss-dev_7.38.0-4+deb8u10_amd64.deb
6c86c815f5451f54499301dca302a53283a6c5183a20acd4f9c5030dd4da3adc 3371398 libcurl3-dbg_7.38.0-4+deb8u10_amd64.deb
95f4c8b17cd0c9c3afc88642b353ae4a899b6d08590f747736d1e3787782965f 1067032 libcurl4-doc_7.38.0-4+deb8u10_all.deb
Files:
d293ed1d0a6884f2606fc7bb275daa21 2673 web optional curl_7.38.0-4+deb8u10.dsc
e48ccbd1924d5cbaf47286299088a5b8 47208 web optional curl_7.38.0-4+deb8u10.debian.tar.xz
38cd129602fba82dd76c4a0807e210be 200814 web optional curl_7.38.0-4+deb8u10_amd64.deb
9861f8e78249389769115ffdd0482094 259728 libs optional libcurl3_7.38.0-4+deb8u10_amd64.deb
a5ecfc9dcaab3b979318390d0ad391c1 252366 libs optional libcurl3-gnutls_7.38.0-4+deb8u10_amd64.deb
99812ac40880d180b4e644c07f19c3fb 263784 libs optional libcurl3-nss_7.38.0-4+deb8u10_amd64.deb
71be46f8f48e1b3b5416625e6d93eb1c 337402 libdevel optional libcurl4-openssl-dev_7.38.0-4+deb8u10_amd64.deb
67a2c714c472f21e1f77ae8fddb1a2fb 328912 libdevel optional libcurl4-gnutls-dev_7.38.0-4+deb8u10_amd64.deb
91a6b3c541b8672b09cc188f7646eb5c 341250 libdevel optional libcurl4-nss-dev_7.38.0-4+deb8u10_amd64.deb
0ee92e25278dbfffe6100bc1377beabb 3371398 debug extra libcurl3-dbg_7.38.0-4+deb8u10_amd64.deb
139249b50362263870526afa6d16715d 1067032 doc optional libcurl4-doc_7.38.0-4+deb8u10_all.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEBsId305pBx+F583DbwzL4CFiRygFAlqoTGkACgkQbwzL4CFi
RyjONg//aMmKGycoU9lIHD3ciD3I090pAdEM1ZUzY7tnDG9MCsC2sd2Lc3Cq935W
jRq/Ns0FTFJm2x8PspnnDK4736EjQe5mwZck0uM68QwUO/LsbrecfzuMSPp76s7S
g6BeDLWIqinQgiKbBnhHbUspqekLWjGMJfZQ68Oea75aIcbaz+Yp6tMTxmWm4Pvs
QXgx8ZKIOuIp8EJLhZ+5k6FvERaKVTGnUUbx8znqvMYOcQaKk+2s75MJEddb9yzC
OahXKY7iPU+71twydr8KL5JXCMyBw5hq/qjDQffe99tpKuwP56UHSe5sL8OVlvts
oAHKDsZ0GxsZm/HxdW6UOMt9aOf7gIkkeYZiYVbEGxxEzKo7jt6PF3bipTHvu88a
GfgNYxPcVucV7k5wvlW7lycS1xkkESC1j1pv/XLU9yISoXR2c+Ljztq2r5kWPcLu
hHif+KD2UOs5ucH1hOQvHQ+KEJRuA4LiBAf6aHBgJhoSPAo1keN2eMpmq5JBuYDx
9K5peOF4ansQ7quPkSguxce+z1HU590yaNAHyTNsow2vYCwccw/piPAxGYtuiKrY
tpISVEOAxJinH0e5COXYNsNlLwC32wFF90BJ71Ikk4loMnFsEpd+pizmZuOCsxNX
embr8qV2NU2LE15dI68rve7tEKrz2oWztEZqgkwy10tfO35r8qc=
=nOcf
-----END PGP SIGNATURE-----