lp:debian/wheezy/curl
- Get this branch:
- bzr branch lp:debian/wheezy/curl
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 45. By Alessandro Ghedini
-
* Fix re-using authenticated connection when unauthenticated
as per CVE-2015-3143
http://curl.haxx. se/docs/ adv_20150422A. html
* Fix Negotiate not treated as connection-oriented as per CVE-2015-3148
http://curl.haxx. se/docs/ adv_20150422B. html - 44. By Alessandro Ghedini
-
* Fix duphandle read out of bounds as per CVE-2014-3707
http://curl.haxx. se/docs/ adv_20141105. html
* Set urgency=high accordingly - 43. By Alessandro Ghedini
-
* Fix multiple security issues:
- Only use full host matches for hosts used as IP address
as per CVE-2014-3613
- Reject incoming cookies set for TLDs as per CVE-2014-3620
* Set urgency=high accordingly - 42. By Alessandro Ghedini
-
* Fix multiple security issues (Closes: #742728):
- Fix connection re-use when using different log-in credentials
as per CVE-2014-0138
http://curl.haxx. se/docs/ adv_20140326A. html
- Reject IP address wildcard matches as per CVE-2014-0139
http://curl.haxx. se/docs/ adv_20140326B. html
* Set urgency=high accordingly - 41. By Alessandro Ghedini
-
* Fix re-use of wrong HTTP NTLM connection as per CVE-2014-0015
http://curl.haxx. se/docs/ adv_20140129. html
* Set urgency=high accordingly - 40. By Alessandro Ghedini
-
Disable host verification too when using the --insecure option
(Closes: #729965) - 38. By Alessandro Ghedini
-
[ Alessandro Ghedini ]
* Fix cookie domain tailmatch as per CVE-2013-1944
http://curl.haxx. se/docs/ adv_20130412. html (Closes: #705274)
* Set urgency=high accordingly[ Salvatore Bonaccorso ]
* Add testcase for CVE-2013-1944 - 37. By Alessandro Ghedini
-
* Fix buffer overflow when negotiating SMTP DIGEST-MD5 authentication
as per CVE-2013-0249 (Closes: #700002)
http://curl.haxx. se/docs/ adv_20130206. html
* Set urgency=high accordingly - 36. By Alessandro Ghedini
-
* New upstream release
- Reject numerical IPv6 addresses outside brackets (Closes: #670126)
* Email change: Alessandro Ghedini -> <email address hidden>
* Stricter Depends on libcurl3 (Closes: #666089)
* Remove Ramakrishnan (as per his request), move myself to Maintainer
Thank you for all your work so far
* Disable memory tracking, but keep debug enabled
- Remove memdebug symbols (used by curl only)
* Refresh 01_runtests_gdb.patch, 90_gnutls.patch and 99_nss.patch
* Disable not-quite-working symbols hiding
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:debian/curl