lp:ubuntu/utopic/curl
- Get this branch:
- bzr branch lp:ubuntu/utopic/curl
Branch merges
Branch information
- Owner:
- Ubuntu branches
- Status:
- Mature
Recent revisions
- 83. By Brian Murray
-
debian/
patches/ 09_fix- timeout- in-poll- and-wait. patch: apply upstream
commit fixing timeout return value for curl_poll and curl_wait_ms.
Thanks to Grzegorz Gutowski for finding the patch. (LP: #1375663) - 82. By Marc Deslauriers
-
* SECURITY UPDATE: incorrect cookie handling via partial literal IP
addresses
- debian/patches/ CVE-2014- 3613.patch: only use full host matches for
hosts used as IP address in lib/cookie.c, added tests to
tests/data/test1105, tests/data/test31, tests/data/test8.
- CVE-2014-3613
* SECURITY UPDATE: incorrect cookie handling for TLDs
- debian/patches/ CVE-2014- 3620.patch: reject incoming cookies set for
TLDs in lib/cookie.c, added test to tests/data/test61.
- CVE-2014-3620 - 81. By Gianfranco Costamagna
-
* Merge from Debian unstable (LP: #1348564). Remaining changes:
- Drop dependencies not in main:
+ Build-Depends: Drop stunnel4 and libssh2-1-dev.
+ Drop libssh2-1-dev from binary package Depends.
- Add new libcurl3-udeb package.
- Add new curl-udeb package. - 80. By Michael Vogt
-
* Merge from Debian unstable. Remaining changes:
- Drop dependencies not in main:
+ Build-Depends: Drop stunnel4 and libssh2-1-dev.
+ Drop libssh2-1-dev from binary package Depends.
- Add new libcurl3-udeb package.
- Add new curl-udeb package. - 78. By Michael Vogt
-
* Merge from Debian unstable. Remaining changes:
- Drop dependencies not in main:
+ Build-Depends: Drop stunnel4 and libssh2-1-dev.
+ Drop libssh2-1-dev from binary package Depends.
- Add new libcurl3-udeb package.
- Add new curl-udeb package. - 76. By Marc Deslauriers
-
* SECURITY UPDATE: wrong re-use of connections
- debian/patches/ CVE-2014- 0138.patch: fix possible issues with NTLM
HTTP logic, and extend new connection logic to other protocols in
lib/http.c, lib/url.c, lib/urldata.h, add new tests to
tests/data/Makefile. am, tests/data/ test1418, tests/data/ test1419.
- CVE-2014-0138
* SECURITY UPDATE: incorrect wildcard SSL certificate validation with
literal IP addresses
- debian/patches/ CVE-2014- 0139.patch: fix wildcard logic in
lib/hostcheck. c, added tests to tests/data/ Makefile. am,
tests/data/test1397, tests/unit/ Makefile. inc, tests/unit/ unit1397. c.
- CVE-2014-0139
* debian/patches/ fix_test172. path: fix expired cookie causing test to
fail. - 75. By Marc Deslauriers
-
* Resynchronize on Debian, remaining changes:
- Drop dependencies not in main:
+ Build-Depends: Drop stunnel4 and libssh2-1-dev.
+ Drop libssh2-1-dev from binary package Depends.
- Add new libcurl3-udeb package.
- Add new curl-udeb package. - 74. By Marc Deslauriers
-
* Resynchronize on Debian, remaining changes
- Drop dependencies not in main:
+ Build-Depends: Drop stunnel4 and libssh2-1-dev.
+ Drop libssh2-1-dev from binary package Depends.
- Add new libcurl3-udeb package.
- Add new curl-udeb package.
* Dropped undocumented Build-Depends change to automake1.9.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/vivid/curl