lp:ubuntu/dapper-updates/curl

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

10. By Kees Cook on 2009-08-13

* SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
  - lib/ssluse.c: backported upstream changes, applied inline.
  - CVE-2009-2417

9. By Marc Deslauriers on 2009-02-26

* SECURITY UPDATE: Local file exposure via redirect
  - docs/libcurl/curl_easy_setopt.3, include/curl/curl.h, lib/{easy,url}.c
    and lib/urldata.h: add logic to limit what protocols curl will
    automatically follow via a redirect. By default, it now follows all
    protocols except FILE.
  - http://curl.haxx.se/CVE-2009-0037/curl-7.15.1-CVE-2009-0037.patch
  - CVE-2009-0037

8. By Kees Cook on 2007-06-27

lib/gtls.c: actually perform expiration and activation verifications
(CVE-2007-3564).

7. By Martin Pitt on 2006-03-16

* SECURITY UPDATE: Arbitrary remote code execution with long tftp:// URLs.
* lib/tftp.c: Fix unbounded sprintf() to avoid buffer overflow. Thanks to
  Ulf Harnhammar for discovering this.
* CVE-2006-1061

6. By Martin Pitt on 2005-12-12

Resynchronise with Debian to get URL parser overflow fix from 7.15.1
(CVE-2005-4077).

5. By Matthias Klose on 2005-07-26

Synchronize with Debian.

4. By LaMont Jones on 2005-03-23

Fix the version numbers internal to debian/rules. Closes; #8088

3. By Domenico Andreoli on 2004-06-04

* Reverted to version 7.11.2 (closes: #252348).
* Disabled support for libidn (closes: #252367). This is to leave
  curl in unstable as much similar as possible to the one in testing.

2. By Domenico Andreoli on 2002-03-12

* New upstream version (Closes: #134608).
* Added autotools-dev to the build dependencies. config.{guess,sub}
  can now be updated automatically in the build process.

1. By Domenico Andreoli on 2002-03-12

Import upstream version 7.9.5