View Bazaar branches
Get this repository:
git clone https://git.launchpad.net/ubuntu/+source/curl
Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Branches

Name Last Modified Last Commit
ubuntu/natty-devel 2012-01-24 21:07:49 UTC 2012-01-24
Import patches-unapplied version 7.21.3-1ubuntu1.5 to ubuntu/natty-security

Author: Marc Deslauriers
Author Date: 2012-01-24 13:28:19 UTC

Import patches-unapplied version 7.21.3-1ubuntu1.5 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 3370aec0473720c1c5d52b57ecc62235245b7d87

New changelog entries:
  * SECURITY UPDATE: URL sanitization vulnerability
    - debian/patches/CVE-2012-0036.patch: reject URLs with embedded control
      codes in lib/{escape.h,escape.c,imap.c,pop3.c,smtp.c}.
    - CVE-2012-0036

ubuntu/natty-security 2012-01-24 21:07:49 UTC 2012-01-24
Import patches-unapplied version 7.21.3-1ubuntu1.5 to ubuntu/natty-security

Author: Marc Deslauriers
Author Date: 2012-01-24 13:28:19 UTC

Import patches-unapplied version 7.21.3-1ubuntu1.5 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 3370aec0473720c1c5d52b57ecc62235245b7d87

New changelog entries:
  * SECURITY UPDATE: URL sanitization vulnerability
    - debian/patches/CVE-2012-0036.patch: reject URLs with embedded control
      codes in lib/{escape.h,escape.c,imap.c,pop3.c,smtp.c}.
    - CVE-2012-0036

ubuntu/natty-updates 2012-01-24 21:07:49 UTC 2012-01-24
Import patches-unapplied version 7.21.3-1ubuntu1.5 to ubuntu/natty-security

Author: Marc Deslauriers
Author Date: 2012-01-24 13:28:19 UTC

Import patches-unapplied version 7.21.3-1ubuntu1.5 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 3370aec0473720c1c5d52b57ecc62235245b7d87

New changelog entries:
  * SECURITY UPDATE: URL sanitization vulnerability
    - debian/patches/CVE-2012-0036.patch: reject URLs with embedded control
      codes in lib/{escape.h,escape.c,imap.c,pop3.c,smtp.c}.
    - CVE-2012-0036

applied/ubuntu/natty-updates 2012-01-24 21:07:49 UTC 2012-01-24
Import patches-applied version 7.21.3-1ubuntu1.5 to applied/ubuntu/natty-secu...

Author: Marc Deslauriers
Author Date: 2012-01-24 13:28:19 UTC

Import patches-applied version 7.21.3-1ubuntu1.5 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 05ee322179377267f52e3770abe79a9401f7f705
Unapplied parent: b3d9ca6516bb584c841ab56f30f945c42df5fe15

New changelog entries:
  * SECURITY UPDATE: URL sanitization vulnerability
    - debian/patches/CVE-2012-0036.patch: reject URLs with embedded control
      codes in lib/{escape.h,escape.c,imap.c,pop3.c,smtp.c}.
    - CVE-2012-0036

applied/ubuntu/natty-security 2012-01-24 21:07:49 UTC 2012-01-24
Import patches-applied version 7.21.3-1ubuntu1.5 to applied/ubuntu/natty-secu...

Author: Marc Deslauriers
Author Date: 2012-01-24 13:28:19 UTC

Import patches-applied version 7.21.3-1ubuntu1.5 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 05ee322179377267f52e3770abe79a9401f7f705
Unapplied parent: b3d9ca6516bb584c841ab56f30f945c42df5fe15

New changelog entries:
  * SECURITY UPDATE: URL sanitization vulnerability
    - debian/patches/CVE-2012-0036.patch: reject URLs with embedded control
      codes in lib/{escape.h,escape.c,imap.c,pop3.c,smtp.c}.
    - CVE-2012-0036

applied/ubuntu/natty-devel 2012-01-24 21:07:49 UTC 2012-01-24
Import patches-applied version 7.21.3-1ubuntu1.5 to applied/ubuntu/natty-secu...

Author: Marc Deslauriers
Author Date: 2012-01-24 13:28:19 UTC

Import patches-applied version 7.21.3-1ubuntu1.5 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 05ee322179377267f52e3770abe79a9401f7f705
Unapplied parent: b3d9ca6516bb584c841ab56f30f945c42df5fe15

New changelog entries:
  * SECURITY UPDATE: URL sanitization vulnerability
    - debian/patches/CVE-2012-0036.patch: reject URLs with embedded control
      codes in lib/{escape.h,escape.c,imap.c,pop3.c,smtp.c}.
    - CVE-2012-0036

applied/ubuntu/maverick-updates 2012-01-24 21:07:49 UTC 2012-01-24
Import patches-applied version 7.21.0-1ubuntu1.3 to applied/ubuntu/maverick-s...

Author: Marc Deslauriers
Author Date: 2012-01-24 13:29:10 UTC

Import patches-applied version 7.21.0-1ubuntu1.3 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: cbb4d560519c307468121f61a037c79bee52d505
Unapplied parent: 1d8d9dc4612920a87b8967fc6d4446fd768b4cd2

New changelog entries:
  * SECURITY UPDATE: URL sanitization vulnerability
    - debian/patches/CVE-2012-0036.patch: reject URLs with embedded control
      codes in lib/{escape.h,escape.c,imap.c,pop3.c,smtp.c}.
    - CVE-2012-0036

applied/ubuntu/maverick-devel 2012-01-24 21:07:49 UTC 2012-01-24
Import patches-applied version 7.21.0-1ubuntu1.3 to applied/ubuntu/maverick-s...

Author: Marc Deslauriers
Author Date: 2012-01-24 13:29:10 UTC

Import patches-applied version 7.21.0-1ubuntu1.3 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: cbb4d560519c307468121f61a037c79bee52d505
Unapplied parent: 1d8d9dc4612920a87b8967fc6d4446fd768b4cd2

New changelog entries:
  * SECURITY UPDATE: URL sanitization vulnerability
    - debian/patches/CVE-2012-0036.patch: reject URLs with embedded control
      codes in lib/{escape.h,escape.c,imap.c,pop3.c,smtp.c}.
    - CVE-2012-0036

applied/ubuntu/oneiric 2011-09-15 21:03:47 UTC 2011-09-15
Import patches-applied version 7.21.6-3ubuntu3 to applied/ubuntu/oneiric

Author: James Page
Author Date: 2011-09-14 16:31:37 UTC

Import patches-applied version 7.21.6-3ubuntu3 to applied/ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: 5748762748f271c79cfafde2e356361b551798f7
Unapplied parent: 5eb389634a5d859aa4a41cec001a72fc121592e1

New changelog entries:
  [ James Page, Colin Watson ]
  * Add new libcurl3-udeb package, stripped down for use during installation
    (LP: #831496).

ubuntu/oneiric 2011-09-15 21:03:47 UTC 2011-09-15
Import patches-unapplied version 7.21.6-3ubuntu3 to ubuntu/oneiric

Author: James Page
Author Date: 2011-09-14 16:31:37 UTC

Import patches-unapplied version 7.21.6-3ubuntu3 to ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: 50a93a70abd7de7e5687dae3aac4dc9c96cd71bb

New changelog entries:
  [ James Page, Colin Watson ]
  * Add new libcurl3-udeb package, stripped down for use during installation
    (LP: #831496).

applied/ubuntu/natty-proposed 2011-07-14 17:10:07 UTC 2011-07-14
Import patches-applied version 7.21.3-1ubuntu1.3 to applied/ubuntu/natty-prop...

Author: Steve Beattie
Author Date: 2011-06-24 18:36:02 UTC

Import patches-applied version 7.21.3-1ubuntu1.3 to applied/ubuntu/natty-proposed

Imported using git-ubuntu import.

Changelog parent: 5dba0137f9e12dc294508b7f4fd8a502b1d22d18
Unapplied parent: 939c8eb07a6c92996265b2e52c16e66f98ed49de

New changelog entries:
  * debian/patches/timeout_bug_736216: cherry pick upstream
    git revision d4e000906ac4ef243258a5c9a819a7cde247d16a to fix
    handshake timeout bug (LP: #736216). Thanks to Sidnei da Silva
    and Michael Vogt

ubuntu/natty-proposed 2011-07-14 17:10:07 UTC 2011-07-14
Import patches-unapplied version 7.21.3-1ubuntu1.3 to ubuntu/natty-proposed

Author: Steve Beattie
Author Date: 2011-06-24 18:36:02 UTC

Import patches-unapplied version 7.21.3-1ubuntu1.3 to ubuntu/natty-proposed

Imported using git-ubuntu import.

Changelog parent: bdf08fc575efeba154aa3b43df8e9e15c0639579

New changelog entries:
  * debian/patches/timeout_bug_736216: cherry pick upstream
    git revision d4e000906ac4ef243258a5c9a819a7cde247d16a to fix
    handshake timeout bug (LP: #736216). Thanks to Sidnei da Silva
    and Michael Vogt

applied/ubuntu/natty 2011-01-26 15:07:09 UTC 2011-01-26
Import patches-applied version 7.21.3-1ubuntu1 to applied/ubuntu/natty

Author: Artur Rona
Author Date: 2011-01-26 01:50:18 UTC

Import patches-applied version 7.21.3-1ubuntu1 to applied/ubuntu/natty

Imported using git-ubuntu import.

Changelog parent: e21e97e61f986161628fa1c215bed4cab94dcb3e
Unapplied parent: 021770771317173d1fbc9f223d2cb8d9cd158762

New changelog entries:
  * Merge from debian unstable. Remaining changes: (LP: #707756)
    - debian/control:
      + Build-Depends: Replace libssh2-1-dev with openssh-server.
        Drop stunnel since it's in universe, as well.
      + Drop libssh2-1-dev from libcurl4-openssl-dev's Depends.
      Above changes are necessary to be independent from the universe.

ubuntu/natty 2011-01-26 15:07:09 UTC 2011-01-26
Import patches-unapplied version 7.21.3-1ubuntu1 to ubuntu/natty

Author: Artur Rona
Author Date: 2011-01-26 01:50:18 UTC

Import patches-unapplied version 7.21.3-1ubuntu1 to ubuntu/natty

Imported using git-ubuntu import.

Changelog parent: 73603fa58f8dbcdabfa0b57d1e2d92ee161b0947

New changelog entries:
  * Merge from debian unstable. Remaining changes: (LP: #707756)
    - debian/control:
      + Build-Depends: Replace libssh2-1-dev with openssh-server.
        Drop stunnel since it's in universe, as well.
      + Drop libssh2-1-dev from libcurl4-openssl-dev's Depends.
      Above changes are necessary to be independent from the universe.

ubuntu/maverick 2010-06-23 07:05:20 UTC 2010-06-23
Import patches-unapplied version 7.21.0-1ubuntu1 to ubuntu/maverick

Author: Bhavani Shankar
Author Date: 2010-06-20 08:26:28 UTC

Import patches-unapplied version 7.21.0-1ubuntu1 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 8de5017a59811d5480eeb01a238db8a2012b9cc5

New changelog entries:
  * Merge from debian unstable. Remaining changes: LP: #596334
    - Keep build deps in main:
      - Drop build dependencies: stunnel, libssh2-1-dev
      - Add build-dependency on openssh-server
      - Drop libssh2-1-dev from libcurl4-openssl-dev's Depends.

applied/ubuntu/maverick 2010-06-23 07:05:20 UTC 2010-06-23
Import patches-applied version 7.21.0-1ubuntu1 to applied/ubuntu/maverick

Author: Bhavani Shankar
Author Date: 2010-06-20 08:26:28 UTC

Import patches-applied version 7.21.0-1ubuntu1 to applied/ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 9d5b58a01737130c1fb4b36fd1ce6f262da486d9
Unapplied parent: 1a3f35bd78430b7f0576b4f872007827f013f102

New changelog entries:
  * Merge from debian unstable. Remaining changes: LP: #596334
    - Keep build deps in main:
      - Drop build dependencies: stunnel, libssh2-1-dev
      - Add build-dependency on openssh-server
      - Drop libssh2-1-dev from libcurl4-openssl-dev's Depends.

ubuntu/lucid 2009-12-12 06:04:47 UTC 2009-12-12
Import patches-unapplied version 7.19.7-1ubuntu1 to ubuntu/lucid

Author: Kees Cook
Author Date: 2009-12-12 03:33:21 UTC

Import patches-unapplied version 7.19.7-1ubuntu1 to ubuntu/lucid

Imported using git-ubuntu import.

Changelog parent: d75d1e627c329bf044199126e84ed3e6cb67bfbb

New changelog entries:
  * Merge with Debian testing. Remaining changes:
    - Keep build deps in main:
      - Drop build dependencies: stunnel, libdb4.6-dev, libssh2-1-dev
      - Add build-dependency on openssh-server
      - Drop libssh2-1-dev from libcurl4-openssl-dev's Depends.

applied/ubuntu/lucid 2009-12-12 06:04:47 UTC 2009-12-12
Import patches-applied version 7.19.7-1ubuntu1 to applied/ubuntu/lucid

Author: Kees Cook
Author Date: 2009-12-12 03:33:21 UTC

Import patches-applied version 7.19.7-1ubuntu1 to applied/ubuntu/lucid

Imported using git-ubuntu import.

Changelog parent: e255e075d09765a96b8e4ced61fa83e9c604fcdc
Unapplied parent: e49e4e452150e0c30c9cdcf48e789a72a8def1a6

New changelog entries:
  * Merge with Debian testing. Remaining changes:
    - Keep build deps in main:
      - Drop build dependencies: stunnel, libdb4.6-dev, libssh2-1-dev
      - Add build-dependency on openssh-server
      - Drop libssh2-1-dev from libcurl4-openssl-dev's Depends.

applied/ubuntu/intrepid-updates 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-applied version 7.18.2-1ubuntu4.4 to applied/ubuntu/intrepid-s...

Author: Kees Cook
Author Date: 2009-08-13 16:12:09 UTC

Import patches-applied version 7.18.2-1ubuntu4.4 to applied/ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 1916e85da85fe1ed3a9b2ebf2c752fa220efb907
Unapplied parent: 63679a48561feb6e2f0b3248dbc81ccac1d1dcf1

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - add debian/patches/cert-null-cn: backported upstream changes.
    - CVE-2009-2417

applied/ubuntu/jaunty-updates 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-applied version 7.18.2-8ubuntu4.1 to applied/ubuntu/jaunty-sec...

Author: Kees Cook
Author Date: 2009-08-13 16:08:28 UTC

Import patches-applied version 7.18.2-8ubuntu4.1 to applied/ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: e29ae83bf377dae80688d496c525b08b04f6017e
Unapplied parent: 2f7f7f9903b595349dfc83bdeb92bfb8337751b3

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - add debian/patches/cert-null-cn.patch: backported upstream changes.
    - CVE-2009-2417

applied/ubuntu/intrepid-devel 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-applied version 7.18.2-1ubuntu4.4 to applied/ubuntu/intrepid-s...

Author: Kees Cook
Author Date: 2009-08-13 16:12:09 UTC

Import patches-applied version 7.18.2-1ubuntu4.4 to applied/ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 1916e85da85fe1ed3a9b2ebf2c752fa220efb907
Unapplied parent: 63679a48561feb6e2f0b3248dbc81ccac1d1dcf1

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - add debian/patches/cert-null-cn: backported upstream changes.
    - CVE-2009-2417

ubuntu/intrepid-devel 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-unapplied version 7.18.2-1ubuntu4.4 to ubuntu/intrepid-security

Author: Kees Cook
Author Date: 2009-08-13 16:12:09 UTC

Import patches-unapplied version 7.18.2-1ubuntu4.4 to ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 53d2578c5226f16c6d031f9faff8a0e42cf2a0d6

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - add debian/patches/cert-null-cn: backported upstream changes.
    - CVE-2009-2417

ubuntu/dapper-security 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-unapplied version 7.15.1-1ubuntu3.2 to ubuntu/dapper-security

Author: Kees Cook
Author Date: 2009-08-13 16:14:00 UTC

Import patches-unapplied version 7.15.1-1ubuntu3.2 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 2b8fb94ca751adbed8f9b3369a3c158509492e6d

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - lib/ssluse.c: backported upstream changes, applied inline.
    - CVE-2009-2417

ubuntu/dapper-updates 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-unapplied version 7.15.1-1ubuntu3.2 to ubuntu/dapper-security

Author: Kees Cook
Author Date: 2009-08-13 16:14:00 UTC

Import patches-unapplied version 7.15.1-1ubuntu3.2 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 2b8fb94ca751adbed8f9b3369a3c158509492e6d

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - lib/ssluse.c: backported upstream changes, applied inline.
    - CVE-2009-2417

ubuntu/dapper-devel 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-unapplied version 7.15.1-1ubuntu3.2 to ubuntu/dapper-security

Author: Kees Cook
Author Date: 2009-08-13 16:14:00 UTC

Import patches-unapplied version 7.15.1-1ubuntu3.2 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 2b8fb94ca751adbed8f9b3369a3c158509492e6d

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - lib/ssluse.c: backported upstream changes, applied inline.
    - CVE-2009-2417

applied/ubuntu/dapper-security 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-applied version 7.15.1-1ubuntu3.2 to applied/ubuntu/dapper-sec...

Author: Kees Cook
Author Date: 2009-08-13 16:14:00 UTC

Import patches-applied version 7.15.1-1ubuntu3.2 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: a382da4263516dcf28566987dc5b3c8d7d4a5174
Unapplied parent: be592cba81b8952fe7d1b1319533202b9c941fff

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - lib/ssluse.c: backported upstream changes, applied inline.
    - CVE-2009-2417

applied/ubuntu/dapper-updates 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-applied version 7.15.1-1ubuntu3.2 to applied/ubuntu/dapper-sec...

Author: Kees Cook
Author Date: 2009-08-13 16:14:00 UTC

Import patches-applied version 7.15.1-1ubuntu3.2 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: a382da4263516dcf28566987dc5b3c8d7d4a5174
Unapplied parent: be592cba81b8952fe7d1b1319533202b9c941fff

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - lib/ssluse.c: backported upstream changes, applied inline.
    - CVE-2009-2417

applied/ubuntu/dapper-devel 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-applied version 7.15.1-1ubuntu3.2 to applied/ubuntu/dapper-sec...

Author: Kees Cook
Author Date: 2009-08-13 16:14:00 UTC

Import patches-applied version 7.15.1-1ubuntu3.2 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: a382da4263516dcf28566987dc5b3c8d7d4a5174
Unapplied parent: be592cba81b8952fe7d1b1319533202b9c941fff

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - lib/ssluse.c: backported upstream changes, applied inline.
    - CVE-2009-2417

applied/ubuntu/jaunty-devel 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-applied version 7.18.2-8ubuntu4.1 to applied/ubuntu/jaunty-sec...

Author: Kees Cook
Author Date: 2009-08-13 16:08:28 UTC

Import patches-applied version 7.18.2-8ubuntu4.1 to applied/ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: e29ae83bf377dae80688d496c525b08b04f6017e
Unapplied parent: 2f7f7f9903b595349dfc83bdeb92bfb8337751b3

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - add debian/patches/cert-null-cn.patch: backported upstream changes.
    - CVE-2009-2417

ubuntu/intrepid-security 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-unapplied version 7.18.2-1ubuntu4.4 to ubuntu/intrepid-security

Author: Kees Cook
Author Date: 2009-08-13 16:12:09 UTC

Import patches-unapplied version 7.18.2-1ubuntu4.4 to ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 53d2578c5226f16c6d031f9faff8a0e42cf2a0d6

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - add debian/patches/cert-null-cn: backported upstream changes.
    - CVE-2009-2417

ubuntu/intrepid-updates 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-unapplied version 7.18.2-1ubuntu4.4 to ubuntu/intrepid-security

Author: Kees Cook
Author Date: 2009-08-13 16:12:09 UTC

Import patches-unapplied version 7.18.2-1ubuntu4.4 to ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 53d2578c5226f16c6d031f9faff8a0e42cf2a0d6

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - add debian/patches/cert-null-cn: backported upstream changes.
    - CVE-2009-2417

applied/ubuntu/jaunty-security 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-applied version 7.18.2-8ubuntu4.1 to applied/ubuntu/jaunty-sec...

Author: Kees Cook
Author Date: 2009-08-13 16:08:28 UTC

Import patches-applied version 7.18.2-8ubuntu4.1 to applied/ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: e29ae83bf377dae80688d496c525b08b04f6017e
Unapplied parent: 2f7f7f9903b595349dfc83bdeb92bfb8337751b3

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - add debian/patches/cert-null-cn.patch: backported upstream changes.
    - CVE-2009-2417

ubuntu/jaunty-devel 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-unapplied version 7.18.2-8ubuntu4.1 to ubuntu/jaunty-security

Author: Kees Cook
Author Date: 2009-08-13 16:08:28 UTC

Import patches-unapplied version 7.18.2-8ubuntu4.1 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: d63df9f8c350a48529c4795a05613154ad1f8f32

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - add debian/patches/cert-null-cn.patch: backported upstream changes.
    - CVE-2009-2417

ubuntu/jaunty-security 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-unapplied version 7.18.2-8ubuntu4.1 to ubuntu/jaunty-security

Author: Kees Cook
Author Date: 2009-08-13 16:08:28 UTC

Import patches-unapplied version 7.18.2-8ubuntu4.1 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: d63df9f8c350a48529c4795a05613154ad1f8f32

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - add debian/patches/cert-null-cn.patch: backported upstream changes.
    - CVE-2009-2417

ubuntu/jaunty-updates 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-unapplied version 7.18.2-8ubuntu4.1 to ubuntu/jaunty-security

Author: Kees Cook
Author Date: 2009-08-13 16:08:28 UTC

Import patches-unapplied version 7.18.2-8ubuntu4.1 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: d63df9f8c350a48529c4795a05613154ad1f8f32

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - add debian/patches/cert-null-cn.patch: backported upstream changes.
    - CVE-2009-2417

applied/ubuntu/intrepid-security 2009-08-17 18:04:38 UTC 2009-08-17
Import patches-applied version 7.18.2-1ubuntu4.4 to applied/ubuntu/intrepid-s...

Author: Kees Cook
Author Date: 2009-08-13 16:12:09 UTC

Import patches-applied version 7.18.2-1ubuntu4.4 to applied/ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 1916e85da85fe1ed3a9b2ebf2c752fa220efb907
Unapplied parent: 63679a48561feb6e2f0b3248dbc81ccac1d1dcf1

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - add debian/patches/cert-null-cn: backported upstream changes.
    - CVE-2009-2417

ubuntu/karmic 2009-08-13 22:04:39 UTC 2009-08-13
Import patches-unapplied version 7.19.5-1ubuntu2 to ubuntu/karmic

Author: Kees Cook
Author Date: 2009-08-13 21:32:50 UTC

Import patches-unapplied version 7.19.5-1ubuntu2 to ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: 4b54ab0e25e84cbaa571ca8a7daabd6c9bfffbe8

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - add debian/patches/cert-null-cn: backported upstream changes.
    - CVE-2009-2417

ubuntu/karmic-devel 2009-08-13 22:04:39 UTC 2009-08-13
Import patches-unapplied version 7.19.5-1ubuntu2 to ubuntu/karmic

Author: Kees Cook
Author Date: 2009-08-13 21:32:50 UTC

Import patches-unapplied version 7.19.5-1ubuntu2 to ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: 4b54ab0e25e84cbaa571ca8a7daabd6c9bfffbe8

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - add debian/patches/cert-null-cn: backported upstream changes.
    - CVE-2009-2417

applied/ubuntu/karmic-devel 2009-08-13 22:04:39 UTC 2009-08-13
Import patches-applied version 7.19.5-1ubuntu2 to applied/ubuntu/karmic

Author: Kees Cook
Author Date: 2009-08-13 21:32:50 UTC

Import patches-applied version 7.19.5-1ubuntu2 to applied/ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: edcafc8647c0a4819acb8372475bca2405aa961c
Unapplied parent: 0daceb2e6b657662ccfbf88c1d90c721019d72c5

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - add debian/patches/cert-null-cn: backported upstream changes.
    - CVE-2009-2417

applied/ubuntu/karmic 2009-08-13 22:04:39 UTC 2009-08-13
Import patches-applied version 7.19.5-1ubuntu2 to applied/ubuntu/karmic

Author: Kees Cook
Author Date: 2009-08-13 21:32:50 UTC

Import patches-applied version 7.19.5-1ubuntu2 to applied/ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: edcafc8647c0a4819acb8372475bca2405aa961c
Unapplied parent: 0daceb2e6b657662ccfbf88c1d90c721019d72c5

New changelog entries:
  * SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
    - add debian/patches/cert-null-cn: backported upstream changes.
    - CVE-2009-2417

applied/ubuntu/jaunty 2009-03-04 02:04:38 UTC 2009-03-04
Import patches-applied version 7.18.2-8ubuntu4 to applied/ubuntu/jaunty

Author: Marc Deslauriers
Author Date: 2009-03-04 00:58:20 UTC

Import patches-applied version 7.18.2-8ubuntu4 to applied/ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 8de4428324777024323f7d92316c5a3eb44fe452
Unapplied parent: d63df9f8c350a48529c4795a05613154ad1f8f32

New changelog entries:
  * SECURITY UPDATE: add fix for CVE-2009-0037 back in
    - debian/patches/security_CVE-2009-0037.patch: updated patch to add missing
      section to lib/easy.c
    - CVE-2009-0037

ubuntu/jaunty 2009-03-04 02:04:38 UTC 2009-03-04
Import patches-unapplied version 7.18.2-8ubuntu4 to ubuntu/jaunty

Author: Marc Deslauriers
Author Date: 2009-03-04 00:58:20 UTC

Import patches-unapplied version 7.18.2-8ubuntu4 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 7a47503e4eba0f338af03d7f67c223c3581d6b89

New changelog entries:
  * SECURITY UPDATE: add fix for CVE-2009-0037 back in
    - debian/patches/security_CVE-2009-0037.patch: updated patch to add missing
      section to lib/easy.c
    - CVE-2009-0037

applied/ubuntu/gutsy-security 2009-03-03 18:04:40 UTC 2009-03-03
Import patches-applied version 7.16.4-2ubuntu1.1 to applied/ubuntu/gutsy-secu...

Author: Marc Deslauriers
Author Date: 2009-02-26 20:38:56 UTC

Import patches-applied version 7.16.4-2ubuntu1.1 to applied/ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: dd514c2da7cc1bcb66a2fca46bd6a4d332650614
Unapplied parent: 63cf64e2ab56172928f8f0279829e134fcc807b2

New changelog entries:
  * SECURITY UPDATE: Local file exposure via redirect
    - debian/patches/security-CVE-2009-0037.patch: add logic to
      include/curl/curl.h, lib/{easy,url}.c and lib/urldata.h to limit what
      protocols curl will automatically follow via a redirect. By default, it
      now follows all protocols except FILE and SCP.
    - CVE-2009-0037

ubuntu/gutsy-security 2009-03-03 18:04:40 UTC 2009-03-03
Import patches-unapplied version 7.16.4-2ubuntu1.1 to ubuntu/gutsy-security

Author: Marc Deslauriers
Author Date: 2009-02-26 20:38:56 UTC

Import patches-unapplied version 7.16.4-2ubuntu1.1 to ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: e99f38a9b26bd194dee16dc1a233723b9a24d812

New changelog entries:
  * SECURITY UPDATE: Local file exposure via redirect
    - debian/patches/security-CVE-2009-0037.patch: add logic to
      include/curl/curl.h, lib/{easy,url}.c and lib/urldata.h to limit what
      protocols curl will automatically follow via a redirect. By default, it
      now follows all protocols except FILE and SCP.
    - CVE-2009-0037

ubuntu/gutsy-devel 2009-03-03 18:04:40 UTC 2009-03-03
Import patches-unapplied version 7.16.4-2ubuntu1.1 to ubuntu/gutsy-security

Author: Marc Deslauriers
Author Date: 2009-02-26 20:38:56 UTC

Import patches-unapplied version 7.16.4-2ubuntu1.1 to ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: e99f38a9b26bd194dee16dc1a233723b9a24d812

New changelog entries:
  * SECURITY UPDATE: Local file exposure via redirect
    - debian/patches/security-CVE-2009-0037.patch: add logic to
      include/curl/curl.h, lib/{easy,url}.c and lib/urldata.h to limit what
      protocols curl will automatically follow via a redirect. By default, it
      now follows all protocols except FILE and SCP.
    - CVE-2009-0037

applied/ubuntu/gutsy-devel 2009-03-03 18:04:40 UTC 2009-03-03
Import patches-applied version 7.16.4-2ubuntu1.1 to applied/ubuntu/gutsy-secu...

Author: Marc Deslauriers
Author Date: 2009-02-26 20:38:56 UTC

Import patches-applied version 7.16.4-2ubuntu1.1 to applied/ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: dd514c2da7cc1bcb66a2fca46bd6a4d332650614
Unapplied parent: 63cf64e2ab56172928f8f0279829e134fcc807b2

New changelog entries:
  * SECURITY UPDATE: Local file exposure via redirect
    - debian/patches/security-CVE-2009-0037.patch: add logic to
      include/curl/curl.h, lib/{easy,url}.c and lib/urldata.h to limit what
      protocols curl will automatically follow via a redirect. By default, it
      now follows all protocols except FILE and SCP.
    - CVE-2009-0037

applied/ubuntu/gutsy-updates 2009-03-03 18:04:40 UTC 2009-03-03
Import patches-applied version 7.16.4-2ubuntu1.1 to applied/ubuntu/gutsy-secu...

Author: Marc Deslauriers
Author Date: 2009-02-26 20:38:56 UTC

Import patches-applied version 7.16.4-2ubuntu1.1 to applied/ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: dd514c2da7cc1bcb66a2fca46bd6a4d332650614
Unapplied parent: 63cf64e2ab56172928f8f0279829e134fcc807b2

New changelog entries:
  * SECURITY UPDATE: Local file exposure via redirect
    - debian/patches/security-CVE-2009-0037.patch: add logic to
      include/curl/curl.h, lib/{easy,url}.c and lib/urldata.h to limit what
      protocols curl will automatically follow via a redirect. By default, it
      now follows all protocols except FILE and SCP.
    - CVE-2009-0037

ubuntu/gutsy-updates 2009-03-03 18:04:40 UTC 2009-03-03
Import patches-unapplied version 7.16.4-2ubuntu1.1 to ubuntu/gutsy-security

Author: Marc Deslauriers
Author Date: 2009-02-26 20:38:56 UTC

Import patches-unapplied version 7.16.4-2ubuntu1.1 to ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: e99f38a9b26bd194dee16dc1a233723b9a24d812

New changelog entries:
  * SECURITY UPDATE: Local file exposure via redirect
    - debian/patches/security-CVE-2009-0037.patch: add logic to
      include/curl/curl.h, lib/{easy,url}.c and lib/urldata.h to limit what
      protocols curl will automatically follow via a redirect. By default, it
      now follows all protocols except FILE and SCP.
    - CVE-2009-0037

applied/ubuntu/intrepid 2008-10-15 10:04:59 UTC 2008-10-15
Import patches-applied version 7.18.2-1ubuntu4 to applied/ubuntu/intrepid

Author: Nick Ellery
Author Date: 2008-10-11 06:32:54 UTC

Import patches-applied version 7.18.2-1ubuntu4 to applied/ubuntu/intrepid

Imported using git-ubuntu import.

Changelog parent: 85f9b5838375dbac5ed84035665ac090935fb202
Unapplied parent: d9b57e58b29aba0023a4bcdab05b1c395b5a6409

New changelog entries:
  * Added Recommends: on ca-certificate for curl package (LP: #152781).

ubuntu/intrepid 2008-10-15 10:04:59 UTC 2008-10-15
Import patches-unapplied version 7.18.2-1ubuntu4 to ubuntu/intrepid

Author: Nick Ellery
Author Date: 2008-10-11 06:32:54 UTC

Import patches-unapplied version 7.18.2-1ubuntu4 to ubuntu/intrepid

Imported using git-ubuntu import.

Changelog parent: b9b804fab9930ad05f758c7654ebac8cb649c473

New changelog entries:
  * Added Recommends: on ca-certificate for curl package (LP: #152781).

applied/ubuntu/hardy 2008-02-08 14:04:37 UTC 2008-02-08
Import patches-applied version 7.18.0-1ubuntu2 to applied/ubuntu/hardy

Author: Matthias Klose
Author Date: 2008-02-08 13:24:07 UTC

Import patches-applied version 7.18.0-1ubuntu2 to applied/ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: c1806ea9e58534f760a45b41edff3c9a94919df5
Unapplied parent: 6d05bb26983717c92b6b667538fccf95d95e49fa

New changelog entries:
  * Use automake-1.9, as used by upstream.

ubuntu/hardy 2008-02-08 14:04:37 UTC 2008-02-08
Import patches-unapplied version 7.18.0-1ubuntu2 to ubuntu/hardy

Author: Matthias Klose
Author Date: 2008-02-08 13:24:07 UTC

Import patches-unapplied version 7.18.0-1ubuntu2 to ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: cfcb63a77239bfe2cf5d7f947c0068d3ee4a1256

New changelog entries:
  * Use automake-1.9, as used by upstream.

ubuntu/dapper-proposed 2007-09-11 22:03:29 UTC 2007-09-11
Import patches-unapplied version 7.15.1-1ubuntu3 to ubuntu/dapper-proposed

Author: Gustavo Niemeyer
Author Date: 2007-09-11 15:21:00 UTC

Import patches-unapplied version 7.15.1-1ubuntu3 to ubuntu/dapper-proposed

Imported using git-ubuntu import.

Changelog parent: 12b3fa144fba7dc89cfc2d41b58f5f5aacec5837

New changelog entries:
  * Fix POST corruption when using gnutls (LP: #137849).

applied/ubuntu/dapper-proposed 2007-09-11 22:03:29 UTC 2007-09-11
Import patches-applied version 7.15.1-1ubuntu3 to applied/ubuntu/dapper-proposed

Author: Gustavo Niemeyer
Author Date: 2007-09-11 15:21:00 UTC

Import patches-applied version 7.15.1-1ubuntu3 to applied/ubuntu/dapper-proposed

Imported using git-ubuntu import.

Changelog parent: 72b47c916beb8759fdff0756e017ab8f633798ab
Unapplied parent: e509dfb26c9fba41620be0cc8a62ee3cb27b85a2

New changelog entries:
  * Fix POST corruption when using gnutls (LP: #137849).

ubuntu/gutsy 2007-08-09 14:04:41 UTC 2007-08-09
Import patches-unapplied version 7.16.4-2ubuntu1 to ubuntu/gutsy

Author: Matthias Klose
Author Date: 2007-08-09 07:16:47 UTC

Import patches-unapplied version 7.16.4-2ubuntu1 to ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: fe1925ab1a3f8c5450abba426a18e2a2261953d0

New changelog entries:
  * Merge with Debian; remaining changes:
    - Drop the stunnel build dependency.
  * Fixed regression with FTP sites not requesting PASS (closes: #435771).

applied/ubuntu/gutsy 2007-08-09 14:04:41 UTC 2007-08-09
Import patches-applied version 7.16.4-2ubuntu1 to applied/ubuntu/gutsy

Author: Matthias Klose
Author Date: 2007-08-09 07:16:47 UTC

Import patches-applied version 7.16.4-2ubuntu1 to applied/ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: 611406572915a85bfce10b27d7d630d4466b1a2f
Unapplied parent: e99f38a9b26bd194dee16dc1a233723b9a24d812

New changelog entries:
  * Merge with Debian; remaining changes:
    - Drop the stunnel build dependency.
  * Fixed regression with FTP sites not requesting PASS (closes: #435771).

ubuntu/edgy-security 2007-07-17 15:59:10 UTC 2007-07-17
Import patches-unapplied version 7.15.4-1ubuntu2.2 to ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-06-27 19:16:00 UTC

Import patches-unapplied version 7.15.4-1ubuntu2.2 to ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: a9819239be075a9872961da603b487feca82cdf7

New changelog entries:
  * lib/gtls.c: actually perform expiration and activation verifications
    (CVE-2007-3564).

applied/ubuntu/edgy-devel 2007-07-17 15:59:10 UTC 2007-07-17
Import patches-applied version 7.15.4-1ubuntu2.2 to applied/ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-06-27 19:16:00 UTC

Import patches-applied version 7.15.4-1ubuntu2.2 to applied/ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: eac00d788d2ecc048a81bd213f30deaeda3d3649
Unapplied parent: 916053c81a6a06198e9933c225cd932c3da4eb84

New changelog entries:
  * lib/gtls.c: actually perform expiration and activation verifications
    (CVE-2007-3564).

applied/ubuntu/edgy-security 2007-07-17 15:59:10 UTC 2007-07-17
Import patches-applied version 7.15.4-1ubuntu2.2 to applied/ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-06-27 19:16:00 UTC

Import patches-applied version 7.15.4-1ubuntu2.2 to applied/ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: eac00d788d2ecc048a81bd213f30deaeda3d3649
Unapplied parent: 916053c81a6a06198e9933c225cd932c3da4eb84

New changelog entries:
  * lib/gtls.c: actually perform expiration and activation verifications
    (CVE-2007-3564).

applied/ubuntu/edgy-updates 2007-07-17 15:59:10 UTC 2007-07-17
Import patches-applied version 7.15.4-1ubuntu2.2 to applied/ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-06-27 19:16:00 UTC

Import patches-applied version 7.15.4-1ubuntu2.2 to applied/ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: eac00d788d2ecc048a81bd213f30deaeda3d3649
Unapplied parent: 916053c81a6a06198e9933c225cd932c3da4eb84

New changelog entries:
  * lib/gtls.c: actually perform expiration and activation verifications
    (CVE-2007-3564).

applied/ubuntu/feisty-updates 2007-07-17 15:59:10 UTC 2007-07-17
Import patches-applied version 7.15.5-1ubuntu2.1 to applied/ubuntu/feisty-sec...

Author: Kees Cook
Author Date: 2007-06-27 19:16:00 UTC

Import patches-applied version 7.15.5-1ubuntu2.1 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: c992c1c113a0284874dd3db73042b1bd41a60518
Unapplied parent: 421efd6c7af2efbd62c42510c8158f4d91d55ba7

New changelog entries:
  * lib/gtls.c: actually perform expiration and activation verifications
    (CVE-2007-3564).

applied/ubuntu/feisty-security 2007-07-17 15:59:10 UTC 2007-07-17
Import patches-applied version 7.15.5-1ubuntu2.1 to applied/ubuntu/feisty-sec...

Author: Kees Cook
Author Date: 2007-06-27 19:16:00 UTC

Import patches-applied version 7.15.5-1ubuntu2.1 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: c992c1c113a0284874dd3db73042b1bd41a60518
Unapplied parent: 421efd6c7af2efbd62c42510c8158f4d91d55ba7

New changelog entries:
  * lib/gtls.c: actually perform expiration and activation verifications
    (CVE-2007-3564).

applied/ubuntu/feisty-devel 2007-07-17 15:59:10 UTC 2007-07-17
Import patches-applied version 7.15.5-1ubuntu2.1 to applied/ubuntu/feisty-sec...

Author: Kees Cook
Author Date: 2007-06-27 19:16:00 UTC

Import patches-applied version 7.15.5-1ubuntu2.1 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: c992c1c113a0284874dd3db73042b1bd41a60518
Unapplied parent: 421efd6c7af2efbd62c42510c8158f4d91d55ba7

New changelog entries:
  * lib/gtls.c: actually perform expiration and activation verifications
    (CVE-2007-3564).

ubuntu/feisty-updates 2007-07-17 15:59:10 UTC 2007-07-17
Import patches-unapplied version 7.15.5-1ubuntu2.1 to ubuntu/feisty-security

Author: Kees Cook
Author Date: 2007-06-27 19:16:00 UTC

Import patches-unapplied version 7.15.5-1ubuntu2.1 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: 340379135fb5cff03aed600839b6469290be1486

New changelog entries:
  * lib/gtls.c: actually perform expiration and activation verifications
    (CVE-2007-3564).

ubuntu/edgy-updates 2007-07-17 15:59:10 UTC 2007-07-17
Import patches-unapplied version 7.15.4-1ubuntu2.2 to ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-06-27 19:16:00 UTC

Import patches-unapplied version 7.15.4-1ubuntu2.2 to ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: a9819239be075a9872961da603b487feca82cdf7

New changelog entries:
  * lib/gtls.c: actually perform expiration and activation verifications
    (CVE-2007-3564).

ubuntu/feisty-devel 2007-07-17 15:59:10 UTC 2007-07-17
Import patches-unapplied version 7.15.5-1ubuntu2.1 to ubuntu/feisty-security

Author: Kees Cook
Author Date: 2007-06-27 19:16:00 UTC

Import patches-unapplied version 7.15.5-1ubuntu2.1 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: 340379135fb5cff03aed600839b6469290be1486

New changelog entries:
  * lib/gtls.c: actually perform expiration and activation verifications
    (CVE-2007-3564).

ubuntu/edgy-devel 2007-07-17 15:59:10 UTC 2007-07-17
Import patches-unapplied version 7.15.4-1ubuntu2.2 to ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-06-27 19:16:00 UTC

Import patches-unapplied version 7.15.4-1ubuntu2.2 to ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: a9819239be075a9872961da603b487feca82cdf7

New changelog entries:
  * lib/gtls.c: actually perform expiration and activation verifications
    (CVE-2007-3564).

ubuntu/feisty-security 2007-07-17 15:59:10 UTC 2007-07-17
Import patches-unapplied version 7.15.5-1ubuntu2.1 to ubuntu/feisty-security

Author: Kees Cook
Author Date: 2007-06-27 19:16:00 UTC

Import patches-unapplied version 7.15.5-1ubuntu2.1 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: 340379135fb5cff03aed600839b6469290be1486

New changelog entries:
  * lib/gtls.c: actually perform expiration and activation verifications
    (CVE-2007-3564).

ubuntu/feisty 2007-03-05 02:03:38 UTC 2007-03-05
Import patches-unapplied version 7.15.5-1ubuntu2 to ubuntu/feisty

Author: Matthias Klose
Author Date: 2007-03-05 01:14:05 UTC

Import patches-unapplied version 7.15.5-1ubuntu2 to ubuntu/feisty

Imported using git-ubuntu import.

Changelog parent: 96c19378396d82fcc28123290851fe7aad869ce5

New changelog entries:
  * Rebuild for changes in the amd64 toolchain.
  * Set Ubuntu maintainer address.

applied/ubuntu/feisty 2007-03-05 02:03:38 UTC 2007-03-05
Import patches-applied version 7.15.5-1ubuntu2 to applied/ubuntu/feisty

Author: Matthias Klose
Author Date: 2007-03-05 01:14:05 UTC

Import patches-applied version 7.15.5-1ubuntu2 to applied/ubuntu/feisty

Imported using git-ubuntu import.

Changelog parent: ac60402570240a7966ae45f970ffc3833a835e46
Unapplied parent: 340379135fb5cff03aed600839b6469290be1486

New changelog entries:
  * Rebuild for changes in the amd64 toolchain.
  * Set Ubuntu maintainer address.

applied/ubuntu/edgy-proposed 2007-01-23 16:03:17 UTC 2007-01-23
Import patches-applied version 7.15.4-1ubuntu2.1~proposed1 to applied/ubuntu/...

Author: Cody A.W. Somerville
Author Date: 2006-11-27 11:12:42 UTC

Import patches-applied version 7.15.4-1ubuntu2.1~proposed1 to applied/ubuntu/edgy-proposed

Imported using git-ubuntu import.

Changelog parent: 7eed1129fb1cdf635b95ccd0a3289b88d4d82e09
Unapplied parent: e50246c2a81b489b057d902c2837732dd22a9aff

New changelog entries:
  * lib/multi.c: Upstream patch to fix segmentation fault.
   (Closes Ubuntu: #68074, SRU bug #73447).
  * Reference: http://sourceforge.net/support/tracker.php?aid=1523466.

ubuntu/edgy-proposed 2007-01-23 16:03:17 UTC 2007-01-23
Import patches-unapplied version 7.15.4-1ubuntu2.1~proposed1 to ubuntu/edgy-p...

Author: Cody A.W. Somerville
Author Date: 2006-11-27 11:12:42 UTC

Import patches-unapplied version 7.15.4-1ubuntu2.1~proposed1 to ubuntu/edgy-proposed

Imported using git-ubuntu import.

Changelog parent: ff6b2876b92592e338b9a27780dc8d378a7a2c3b

New changelog entries:
  * lib/multi.c: Upstream patch to fix segmentation fault.
   (Closes Ubuntu: #68074, SRU bug #73447).
  * Reference: http://sourceforge.net/support/tracker.php?aid=1523466.

applied/ubuntu/edgy 2006-07-04 15:14:58 UTC 2006-07-04
Import patches-applied version 7.15.4-1ubuntu2 to applied/ubuntu/edgy

Author: Martin Pitt
Author Date: 2006-07-04 13:23:50 UTC

Import patches-applied version 7.15.4-1ubuntu2 to applied/ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: 059a1a224b4e84b99b3c03e072ba5c8a8c4795f1
Unapplied parent: ff6b2876b92592e338b9a27780dc8d378a7a2c3b

New changelog entries:
  * Bump libgnutls-dev dependency to >= 1.4 to build against gnutls13.

ubuntu/edgy 2006-07-04 15:14:58 UTC 2006-07-04
Import patches-unapplied version 7.15.4-1ubuntu2 to ubuntu/edgy

Author: Martin Pitt
Author Date: 2006-07-04 13:23:50 UTC

Import patches-unapplied version 7.15.4-1ubuntu2 to ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: 279a4b5fa2d343fea884af916f645655995ee72f

New changelog entries:
  * Bump libgnutls-dev dependency to >= 1.4 to build against gnutls13.

applied/ubuntu/dapper 2006-03-20 10:02:31 UTC 2006-03-20
Import patches-applied version 7.15.1-1ubuntu2 to applied/ubuntu/dapper

Author: Martin Pitt
Author Date: 2006-03-16 10:30:25 UTC

Import patches-applied version 7.15.1-1ubuntu2 to applied/ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: ff9ee2277d43cf4895049161b4a313d3057a7e3d
Unapplied parent: 031b35975cb513b808fcb14e64dec193c394dc4a

New changelog entries:
  * SECURITY UPDATE: Arbitrary remote code execution with long tftp:// URLs.
  * lib/tftp.c: Fix unbounded sprintf() to avoid buffer overflow. Thanks to
    Ulf Harnhammar for discovering this.
  * CVE-2006-1061

ubuntu/dapper 2006-03-20 10:02:31 UTC 2006-03-20
Import patches-unapplied version 7.15.1-1ubuntu2 to ubuntu/dapper

Author: Martin Pitt
Author Date: 2006-03-16 10:30:25 UTC

Import patches-unapplied version 7.15.1-1ubuntu2 to ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: ef4fe1f338b87fccbe6e279227c8422c40f55943

New changelog entries:
  * SECURITY UPDATE: Arbitrary remote code execution with long tftp:// URLs.
  * lib/tftp.c: Fix unbounded sprintf() to avoid buffer overflow. Thanks to
    Ulf Harnhammar for discovering this.
  * CVE-2006-1061

applied/ubuntu/breezy-devel 2005-12-21 15:57:16 UTC 2005-12-21
Import patches-applied version 7.14.0-2ubuntu1.2 to applied/ubuntu/breezy-sec...

Author: Martin Pitt
Author Date: 2005-12-12 14:01:23 UTC

Import patches-applied version 7.14.0-2ubuntu1.2 to applied/ubuntu/breezy-security

Imported using git-ubuntu import.

Changelog parent: d38dd50b28912714c77349c9e3c6c3db873f6ef7
Unapplied parent: 7845bd749a52564a4c825be66562056a0ab14f2e

New changelog entries:
  * SECURITY UPDATE:
  * lib/url.c: Allocate two extra bytes for short URL string to allow room for
    extra slash and 0 terminator.
  * CVE-2005-4077
  * SECURITY UPDATE: Remote arbitrary code execution.
  * lib/http_ntlm.c: Make sure that the user and domain strings fit in the
    target buffer before copying them there, to avoid buffer overflow.
  * CAN-2005-3185

ubuntu/breezy-devel 2005-12-21 15:57:16 UTC 2005-12-21
Import patches-unapplied version 7.14.0-2ubuntu1.2 to ubuntu/breezy-security

Author: Martin Pitt
Author Date: 2005-12-12 14:01:23 UTC

Import patches-unapplied version 7.14.0-2ubuntu1.2 to ubuntu/breezy-security

Imported using git-ubuntu import.

Changelog parent: e944418728e7953aaee0f5d7893d88b5b974f442

New changelog entries:
  * SECURITY UPDATE:
  * lib/url.c: Allocate two extra bytes for short URL string to allow room for
    extra slash and 0 terminator.
  * CVE-2005-4077
  * SECURITY UPDATE: Remote arbitrary code execution.
  * lib/http_ntlm.c: Make sure that the user and domain strings fit in the
    target buffer before copying them there, to avoid buffer overflow.
  * CAN-2005-3185

applied/ubuntu/breezy-security 2005-12-21 15:57:16 UTC 2005-12-21
Import patches-applied version 7.14.0-2ubuntu1.2 to applied/ubuntu/breezy-sec...

Author: Martin Pitt
Author Date: 2005-12-12 14:01:23 UTC

Import patches-applied version 7.14.0-2ubuntu1.2 to applied/ubuntu/breezy-security

Imported using git-ubuntu import.

Changelog parent: d38dd50b28912714c77349c9e3c6c3db873f6ef7
Unapplied parent: 7845bd749a52564a4c825be66562056a0ab14f2e

New changelog entries:
  * SECURITY UPDATE:
  * lib/url.c: Allocate two extra bytes for short URL string to allow room for
    extra slash and 0 terminator.
  * CVE-2005-4077
  * SECURITY UPDATE: Remote arbitrary code execution.
  * lib/http_ntlm.c: Make sure that the user and domain strings fit in the
    target buffer before copying them there, to avoid buffer overflow.
  * CAN-2005-3185

ubuntu/breezy-security 2005-12-21 15:57:16 UTC 2005-12-21
Import patches-unapplied version 7.14.0-2ubuntu1.2 to ubuntu/breezy-security

Author: Martin Pitt
Author Date: 2005-12-12 14:01:23 UTC

Import patches-unapplied version 7.14.0-2ubuntu1.2 to ubuntu/breezy-security

Imported using git-ubuntu import.

Changelog parent: e944418728e7953aaee0f5d7893d88b5b974f442

New changelog entries:
  * SECURITY UPDATE:
  * lib/url.c: Allocate two extra bytes for short URL string to allow room for
    extra slash and 0 terminator.
  * CVE-2005-4077
  * SECURITY UPDATE: Remote arbitrary code execution.
  * lib/http_ntlm.c: Make sure that the user and domain strings fit in the
    target buffer before copying them there, to avoid buffer overflow.
  * CAN-2005-3185

ubuntu/breezy 2005-12-21 04:48:49 UTC 2005-12-21
Import patches-unapplied version 7.14.0-2ubuntu1 to ubuntu/breezy

Author: Matthias Klose
Author Date: 2005-07-26 17:03:01 UTC

Import patches-unapplied version 7.14.0-2ubuntu1 to ubuntu/breezy

Imported using git-ubuntu import.

Changelog parent: 160bea347f867d4094ffc7dcca1fb3ff3d1a2a4c

New changelog entries:
  * Synchronize with Debian.
  * Rebuilt and uploaded to unstable.
  * New upstream release.
  * HTTP response headers with null bytes are now correctly managed
    (closes: #310948).
  * Fixed conditional build of package libcurl3-gssapi
    (closes: #303939, #303953).
  * New upstream release:
    - fixed curl man page typos (closes: #302820).
  * Fixed hanging of some SSL connections (closes: #302366).
  * Rebuilt to get the correct libidn11 dependency (closes: #299348).
  * Added some missing documentation files (closes: #298855).
  * New upstream release.
  * Bumped up shlibs version for libcurl3 because of new curl options.
  * Fixed NTLM Authentication buffer overflow (closes: #296678).
    Patch courtesy of Daniel Stenberg. This handles CAN-2005-0490.
  * Removed libcurl2* packages and all the scary stuff used to build them
    (closes: #274631).
  * New upstream release.
  * libcurl3 now suggests package libldap2-dev to enable support for
    LDAP protocol.
  * Bumped up shlibs version for libcurl3 because of new curl options.

applied/ubuntu/breezy 2005-12-21 04:48:49 UTC 2005-12-21
Import patches-applied version 7.14.0-2ubuntu1 to applied/ubuntu/breezy

Author: Matthias Klose
Author Date: 2005-07-26 17:03:01 UTC

Import patches-applied version 7.14.0-2ubuntu1 to applied/ubuntu/breezy

Imported using git-ubuntu import.

Changelog parent: 55b559e9f609ffff0b5a5eda89faa7a0faf6af62
Unapplied parent: e944418728e7953aaee0f5d7893d88b5b974f442

New changelog entries:
  * Synchronize with Debian.
  * Rebuilt and uploaded to unstable.
  * New upstream release.
  * HTTP response headers with null bytes are now correctly managed
    (closes: #310948).
  * Fixed conditional build of package libcurl3-gssapi
    (closes: #303939, #303953).
  * New upstream release:
    - fixed curl man page typos (closes: #302820).
  * Fixed hanging of some SSL connections (closes: #302366).
  * Rebuilt to get the correct libidn11 dependency (closes: #299348).
  * Added some missing documentation files (closes: #298855).
  * New upstream release.
  * Bumped up shlibs version for libcurl3 because of new curl options.
  * Fixed NTLM Authentication buffer overflow (closes: #296678).
    Patch courtesy of Daniel Stenberg. This handles CAN-2005-0490.
  * Removed libcurl2* packages and all the scary stuff used to build them
    (closes: #274631).
  * New upstream release.
  * libcurl3 now suggests package libldap2-dev to enable support for
    LDAP protocol.
  * Bumped up shlibs version for libcurl3 because of new curl options.

ubuntu/hoary-devel 2005-12-21 03:50:12 UTC 2005-12-21
Import patches-unapplied version 7.12.3-2ubuntu3.5 to ubuntu/hoary-security

Author: Martin Pitt
Author Date: 2005-12-12 17:48:09 UTC

Import patches-unapplied version 7.12.3-2ubuntu3.5 to ubuntu/hoary-security

Imported using git-ubuntu import.

Changelog parent: 160bea347f867d4094ffc7dcca1fb3ff3d1a2a4c

New changelog entries:
  * debian/rules: Bump libcurl2 version.
  * Fix debian/to-curl-7.11.2.diff to apply against patched source.
  * SECURITY UPDATE: Local arbitrary code execution.
  * lib/url.c: Allocate two extra bytes for short URL string to allow room for
    extra slash and 0 terminator.
  * CVE-2005-4077
  * debian/rules: Bump the libcurl2 version number.
  * SECURITY UPDATE: Remote arbitrary code execution.
  * lib/http_ntlm.c: Make sure that the user and domain strings fit in the
    target buffer before copying them there, to avoid buffer overflow.
  * CAN-2005-3185

applied/ubuntu/hoary-security 2005-12-21 03:50:12 UTC 2005-12-21
Import patches-applied version 7.12.3-2ubuntu3.5 to applied/ubuntu/hoary-secu...

Author: Martin Pitt
Author Date: 2005-12-12 17:48:09 UTC

Import patches-applied version 7.12.3-2ubuntu3.5 to applied/ubuntu/hoary-security

Imported using git-ubuntu import.

Changelog parent: 55b559e9f609ffff0b5a5eda89faa7a0faf6af62
Unapplied parent: 734ef35a3bcff25eba8910d9ff6eba68ac85108c

New changelog entries:
  * debian/rules: Bump libcurl2 version.
  * Fix debian/to-curl-7.11.2.diff to apply against patched source.
  * SECURITY UPDATE: Local arbitrary code execution.
  * lib/url.c: Allocate two extra bytes for short URL string to allow room for
    extra slash and 0 terminator.
  * CVE-2005-4077
  * debian/rules: Bump the libcurl2 version number.
  * SECURITY UPDATE: Remote arbitrary code execution.
  * lib/http_ntlm.c: Make sure that the user and domain strings fit in the
    target buffer before copying them there, to avoid buffer overflow.
  * CAN-2005-3185

applied/ubuntu/hoary-devel 2005-12-21 03:50:12 UTC 2005-12-21
Import patches-applied version 7.12.3-2ubuntu3.5 to applied/ubuntu/hoary-secu...

Author: Martin Pitt
Author Date: 2005-12-12 17:48:09 UTC

Import patches-applied version 7.12.3-2ubuntu3.5 to applied/ubuntu/hoary-security

Imported using git-ubuntu import.

Changelog parent: 55b559e9f609ffff0b5a5eda89faa7a0faf6af62
Unapplied parent: 734ef35a3bcff25eba8910d9ff6eba68ac85108c

New changelog entries:
  * debian/rules: Bump libcurl2 version.
  * Fix debian/to-curl-7.11.2.diff to apply against patched source.
  * SECURITY UPDATE: Local arbitrary code execution.
  * lib/url.c: Allocate two extra bytes for short URL string to allow room for
    extra slash and 0 terminator.
  * CVE-2005-4077
  * debian/rules: Bump the libcurl2 version number.
  * SECURITY UPDATE: Remote arbitrary code execution.
  * lib/http_ntlm.c: Make sure that the user and domain strings fit in the
    target buffer before copying them there, to avoid buffer overflow.
  * CAN-2005-3185

ubuntu/hoary-security 2005-12-21 03:50:12 UTC 2005-12-21
Import patches-unapplied version 7.12.3-2ubuntu3.5 to ubuntu/hoary-security

Author: Martin Pitt
Author Date: 2005-12-12 17:48:09 UTC

Import patches-unapplied version 7.12.3-2ubuntu3.5 to ubuntu/hoary-security

Imported using git-ubuntu import.

Changelog parent: 160bea347f867d4094ffc7dcca1fb3ff3d1a2a4c

New changelog entries:
  * debian/rules: Bump libcurl2 version.
  * Fix debian/to-curl-7.11.2.diff to apply against patched source.
  * SECURITY UPDATE: Local arbitrary code execution.
  * lib/url.c: Allocate two extra bytes for short URL string to allow room for
    extra slash and 0 terminator.
  * CVE-2005-4077
  * debian/rules: Bump the libcurl2 version number.
  * SECURITY UPDATE: Remote arbitrary code execution.
  * lib/http_ntlm.c: Make sure that the user and domain strings fit in the
    target buffer before copying them there, to avoid buffer overflow.
  * CAN-2005-3185

ubuntu/hoary 2005-12-20 20:44:33 UTC 2005-12-20
Import patches-unapplied version 7.12.3-2ubuntu3 to ubuntu/hoary

Author: LaMont Jones
Author Date: 2005-03-24 01:41:29 UTC

Import patches-unapplied version 7.12.3-2ubuntu3 to ubuntu/hoary

Imported using git-ubuntu import.

Changelog parent: aaec69d8d12e23cbafa40a142bcef34b5d9ccfbc

New changelog entries:
  * Fix the version numbers internal to debian/rules. Closes; #8088
  * Remove build dependency on stunnel (blacklisted on the buildd's).
    Addresses Ubuntu #6552.
  * Adjust 7.11.2 diff, causing build failure.
  * SECURITY UPDATE: Fix remote buffer overflow.
  * lib/http_ntlm.c, Curl_input_ntlm(): Replace static 1024 byte "buffer" with
    a dynamically allocated one to avoid overflows by malicious long NTLM
    payloads.
  * References:
    CAN-2005-0490
    http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities
  * Note: Kerberos 4 is disabled, so we are not vulnerable against
    http://www.idefense.com/application/poi/display?id=203&type=vulnerabilities
  * Disabled test suite on m68k, it stalls.
  * New upstream release:
    - fixed debug tracing to network socket is stderr is closed
      (closes: #278691).
  * Applied patch to fix getpass license problems (closes: #286794).
    Patch courtesy of Daniel Stenberg.
  * Bumped up shlibs version for libcurl3 because of new curl options.
  * libcurl3-dbg package is now built by dh_strip --dbg-package
    (closes: #274710).
  * Added build dependency on libdb4.2-dev.
  * New upstream version.
  * Update diff to 7.11.2.
  * Add debian/watch file.
  * Add myself as a uploader.
  * New upstream release:
    - workaround for ASN1_STRING_to_UTF8 failing if input is already
      UTF-8 encoded (closes: #264711).
  * Bumped up shlibs version for libcurl3 because of the introduction
    of FTP 3rd party transfer support options.
  * In rebuilding the 7.11.2 tree starting from the 7.12.0 one,
    lib/getdate.y is patched before lib/getdate.c (closes: #262597).
  * Tests are performed only if build target and building host are the
    same and are not kfreebsd-gnu or knetbsd-gnu (closes: #261591).
  * On hurd-i386 libcurl3-gssapi is not built.
  * Added build dependency on groff-base to really build the built-in
    manual.
  * libcurl3 now replaces old libcurl2 versions (closes: #255262).
  * Enabled curl's built-in manual.
  * configure script for 7.11.2 is now managed correctly.
  * libcurl2 uses curl-ca-bundle-7.11.2.crt (closes: #255262).
    Yes, it is a hack to not add libcurl-common package right now.
  * Version 7.12.0 is back with proper libcurl3* packages.
  * libcurl2* 7.11.2 packages are still provided (closes: #252879).
  * Enabled again the support for libidn.

applied/ubuntu/hoary 2005-12-20 20:44:33 UTC 2005-12-20
Import patches-applied version 7.12.3-2ubuntu3 to applied/ubuntu/hoary

Author: LaMont Jones
Author Date: 2005-03-24 01:41:29 UTC

Import patches-applied version 7.12.3-2ubuntu3 to applied/ubuntu/hoary

Imported using git-ubuntu import.

Changelog parent: e2e9b16d4d89ad6643de030866f7b2b578cd79d7
Unapplied parent: 160bea347f867d4094ffc7dcca1fb3ff3d1a2a4c

New changelog entries:
  * Fix the version numbers internal to debian/rules. Closes; #8088
  * Remove build dependency on stunnel (blacklisted on the buildd's).
    Addresses Ubuntu #6552.
  * Adjust 7.11.2 diff, causing build failure.
  * SECURITY UPDATE: Fix remote buffer overflow.
  * lib/http_ntlm.c, Curl_input_ntlm(): Replace static 1024 byte "buffer" with
    a dynamically allocated one to avoid overflows by malicious long NTLM
    payloads.
  * References:
    CAN-2005-0490
    http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities
  * Note: Kerberos 4 is disabled, so we are not vulnerable against
    http://www.idefense.com/application/poi/display?id=203&type=vulnerabilities
  * Disabled test suite on m68k, it stalls.
  * New upstream release:
    - fixed debug tracing to network socket is stderr is closed
      (closes: #278691).
  * Applied patch to fix getpass license problems (closes: #286794).
    Patch courtesy of Daniel Stenberg.
  * Bumped up shlibs version for libcurl3 because of new curl options.
  * libcurl3-dbg package is now built by dh_strip --dbg-package
    (closes: #274710).
  * Added build dependency on libdb4.2-dev.
  * New upstream version.
  * Update diff to 7.11.2.
  * Add debian/watch file.
  * Add myself as a uploader.
  * New upstream release:
    - workaround for ASN1_STRING_to_UTF8 failing if input is already
      UTF-8 encoded (closes: #264711).
  * Bumped up shlibs version for libcurl3 because of the introduction
    of FTP 3rd party transfer support options.
  * In rebuilding the 7.11.2 tree starting from the 7.12.0 one,
    lib/getdate.y is patched before lib/getdate.c (closes: #262597).
  * Tests are performed only if build target and building host are the
    same and are not kfreebsd-gnu or knetbsd-gnu (closes: #261591).
  * On hurd-i386 libcurl3-gssapi is not built.
  * Added build dependency on groff-base to really build the built-in
    manual.
  * libcurl3 now replaces old libcurl2 versions (closes: #255262).
  * Enabled curl's built-in manual.
  * configure script for 7.11.2 is now managed correctly.
  * libcurl2 uses curl-ca-bundle-7.11.2.crt (closes: #255262).
    Yes, it is a hack to not add libcurl-common package right now.
  * Version 7.12.0 is back with proper libcurl3* packages.
  * libcurl2* 7.11.2 packages are still provided (closes: #252879).
  * Enabled again the support for libidn.

applied/ubuntu/warty-security 2005-12-20 20:08:20 UTC 2005-12-20
Import patches-applied version 7.12.0.is.7.11.2-1ubuntu0.3 to applied/ubuntu/...

Author: Martin Pitt
Author Date: 2005-12-12 14:22:32 UTC

Import patches-applied version 7.12.0.is.7.11.2-1ubuntu0.3 to applied/ubuntu/warty-security

Imported using git-ubuntu import.

Changelog parent: e2e9b16d4d89ad6643de030866f7b2b578cd79d7
Unapplied parent: 9cd34c851f352e2edaefd82a0fb46b119aaa72b4

New changelog entries:
  * SECURITY UPDATE: Local arbitrary code execution.
  * lib/url.c: Allocate two extra bytes for short URL string to allow room for
    extra slash and 0 terminator.
  * CVE-2005-4077
  * SECURITY UPDATE: Remote arbitrary code execution.
  * lib/http_ntlm.c: Make sure that the user and domain strings fit in the
    target buffer before copying them there, to avoid buffer overflow.
  * CAN-2005-3185
  * SECURITY UPDATE: Fix remote buffer overflow.
  * lib/http_ntlm.c, Curl_input_ntlm(): Replace static 1024 byte "buffer" with
    a dynamically allocated one to avoid overflows by malicious long NTLM
    payloads.
  * References:
    CAN-2005-0490
    http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities
  * Note: Kerberos authentication is disabled, so we are not vulnerable
    against
    http://www.idefense.com/application/poi/display?id=203&type=vulnerabilities

ubuntu/warty-security 2005-12-20 20:08:20 UTC 2005-12-20
Import patches-unapplied version 7.12.0.is.7.11.2-1ubuntu0.3 to ubuntu/warty-...

Author: Martin Pitt
Author Date: 2005-12-12 14:22:32 UTC

Import patches-unapplied version 7.12.0.is.7.11.2-1ubuntu0.3 to ubuntu/warty-security

Imported using git-ubuntu import.

Changelog parent: aaec69d8d12e23cbafa40a142bcef34b5d9ccfbc

New changelog entries:
  * SECURITY UPDATE: Local arbitrary code execution.
  * lib/url.c: Allocate two extra bytes for short URL string to allow room for
    extra slash and 0 terminator.
  * CVE-2005-4077
  * SECURITY UPDATE: Remote arbitrary code execution.
  * lib/http_ntlm.c: Make sure that the user and domain strings fit in the
    target buffer before copying them there, to avoid buffer overflow.
  * CAN-2005-3185
  * SECURITY UPDATE: Fix remote buffer overflow.
  * lib/http_ntlm.c, Curl_input_ntlm(): Replace static 1024 byte "buffer" with
    a dynamically allocated one to avoid overflows by malicious long NTLM
    payloads.
  * References:
    CAN-2005-0490
    http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities
  * Note: Kerberos authentication is disabled, so we are not vulnerable
    against
    http://www.idefense.com/application/poi/display?id=203&type=vulnerabilities

applied/ubuntu/warty-devel 2005-12-20 20:08:20 UTC 2005-12-20
Import patches-applied version 7.12.0.is.7.11.2-1ubuntu0.3 to applied/ubuntu/...

Author: Martin Pitt
Author Date: 2005-12-12 14:22:32 UTC

Import patches-applied version 7.12.0.is.7.11.2-1ubuntu0.3 to applied/ubuntu/warty-security

Imported using git-ubuntu import.

Changelog parent: e2e9b16d4d89ad6643de030866f7b2b578cd79d7
Unapplied parent: 9cd34c851f352e2edaefd82a0fb46b119aaa72b4

New changelog entries:
  * SECURITY UPDATE: Local arbitrary code execution.
  * lib/url.c: Allocate two extra bytes for short URL string to allow room for
    extra slash and 0 terminator.
  * CVE-2005-4077
  * SECURITY UPDATE: Remote arbitrary code execution.
  * lib/http_ntlm.c: Make sure that the user and domain strings fit in the
    target buffer before copying them there, to avoid buffer overflow.
  * CAN-2005-3185
  * SECURITY UPDATE: Fix remote buffer overflow.
  * lib/http_ntlm.c, Curl_input_ntlm(): Replace static 1024 byte "buffer" with
    a dynamically allocated one to avoid overflows by malicious long NTLM
    payloads.
  * References:
    CAN-2005-0490
    http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities
  * Note: Kerberos authentication is disabled, so we are not vulnerable
    against
    http://www.idefense.com/application/poi/display?id=203&type=vulnerabilities

ubuntu/warty-devel 2005-12-20 20:08:20 UTC 2005-12-20
Import patches-unapplied version 7.12.0.is.7.11.2-1ubuntu0.3 to ubuntu/warty-...

Author: Martin Pitt
Author Date: 2005-12-12 14:22:32 UTC

Import patches-unapplied version 7.12.0.is.7.11.2-1ubuntu0.3 to ubuntu/warty-security

Imported using git-ubuntu import.

Changelog parent: aaec69d8d12e23cbafa40a142bcef34b5d9ccfbc

New changelog entries:
  * SECURITY UPDATE: Local arbitrary code execution.
  * lib/url.c: Allocate two extra bytes for short URL string to allow room for
    extra slash and 0 terminator.
  * CVE-2005-4077
  * SECURITY UPDATE: Remote arbitrary code execution.
  * lib/http_ntlm.c: Make sure that the user and domain strings fit in the
    target buffer before copying them there, to avoid buffer overflow.
  * CAN-2005-3185
  * SECURITY UPDATE: Fix remote buffer overflow.
  * lib/http_ntlm.c, Curl_input_ntlm(): Replace static 1024 byte "buffer" with
    a dynamically allocated one to avoid overflows by malicious long NTLM
    payloads.
  * References:
    CAN-2005-0490
    http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities
  * Note: Kerberos authentication is disabled, so we are not vulnerable
    against
    http://www.idefense.com/application/poi/display?id=203&type=vulnerabilities

ubuntu/warty 2005-12-20 14:25:59 UTC 2005-12-20
Import patches-unapplied version 7.12.0.is.7.11.2-1 to ubuntu/warty

Author: Domenico Andreoli
Author Date: 2004-06-04 17:09:25 UTC

Import patches-unapplied version 7.12.0.is.7.11.2-1 to ubuntu/warty

Imported using git-ubuntu import.

applied/ubuntu/warty 2005-12-20 14:25:59 UTC 2005-12-20
Import patches-applied version 7.12.0.is.7.11.2-1 to applied/ubuntu/warty

Author: Domenico Andreoli
Author Date: 2004-06-04 17:09:25 UTC

Import patches-applied version 7.12.0.is.7.11.2-1 to applied/ubuntu/warty

Imported using git-ubuntu import.

Unapplied parent: aaec69d8d12e23cbafa40a142bcef34b5d9ccfbc

201294 of 294 results

Other repositories

Name Last Modified
lp:ubuntu/+source/curl 2019-09-17
lp:~paelzer/ubuntu/+source/curl 2017-12-07
12 of 2 results
You can't create new repositories for curl in Ubuntu.