lp:~ubuntu-branches/ubuntu/lucid/curl/lucid-201010031940
- Get this branch:
- bzr branch lp:~ubuntu-branches/ubuntu/lucid/curl/lucid-201010031940
Branch merges
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 40. By Kees Cook
-
* SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
- add debian/patches/ cert-null- cn: backported upstream changes.
- CVE-2009-2417 - 39. By Bhavani Shankar
-
* Merge from Debian unstable (LP: #380281), remaining changes:
- Drop build dependencies: stunnel, libdb4.6-dev, libssh2-1-dev
- Add build-dependency on openssh-server
- Drop libssh2-1-dev from libcurl4-openssl- dev's Depends.
- Call automake-1.9 with --add-missing --copy --force
* Fixes LP: #379477 - 38. By Michael Vogt
-
* Merge from debian unstable, remaining changes:
- Drop build dependencies: stunnel, libdb4.6-dev, libssh2-1-dev
- Add build-dependency on openssh-server
- Drop libssh2-1-dev from libcurl4-openssl- dev's Depends.
- Call automake-1.9 with --add-missing --copy --force
* drop debian/patches/ security_ CVE-2009- 0037.patch
- this patch is part of 7.19.4 - 37. By Marc Deslauriers
-
* SECURITY UPDATE: add fix for CVE-2009-0037 back in
- debian/patches/ security_ CVE-2009- 0037.patch: updated patch to add missing
section to lib/easy.c
- CVE-2009-0037 - 35. By Marc Deslauriers
-
* SECURITY UPDATE: Local file exposure via redirect
- debian/patches/ security_ CVE-2009- 0037.patch: add logic to lib/url.c and
lib/urldata.h to limit what protocols curl will automatically follow via a
redirect. By default, it now follows all protocols except FILE and SCP.
- CVE-2009-0037 - 34. By Bhavani Shankar
-
* Merge from debian unstable, remaining changes: LP: #314279
- Drop the stunnel build dependency.
- Drop the build-dependency on libdb4.5-dev
- Add build-dependency on openssh-server
- Call automake-1.9 with --add-missing --copy --force.
- Drop libssh2-1-dev from libcurl4-openssl- dev's Depends. - 33. By Michael Vogt
-
* drop change:
- "Added Recommends: on ca-certificate for curl package", libcurl3
has a depends on ca-certificates already
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/maverick/curl