ubuntu/+source/curl:applied/debian/jessie

Last commit made on 2018-06-23
Get this branch:
git clone -b applied/debian/jessie https://git.launchpad.net/ubuntu/+source/curl
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/debian/jessie
Repository:
lp:ubuntu/+source/curl

Recent commits

6b5082e... by Alessandro Ghedini on 2018-05-15

Import patches-applied version 7.38.0-4+deb8u11 to applied/debian/jessie

Imported using git-ubuntu import.

Changelog parent: 01125cbd2b9c8e2d6c86fdb934d9c80a7b53459e
Unapplied parent: 896568dac13c1d39e82ca3db9239d1daddf9688f

New changelog entries:
  * Fix heap buffer over-read when parsing bad RTSP headers
    as per CVE-2018-1000301
    https://curl.haxx.se/docs/adv_2018-b138.html
  * Fix NIL byte out of bounds write due to FTP path trickery
    as per CVE-2018-1000120
    https://curl.haxx.se/docs/adv_2018-9cd6.html
  * Fix LDAP NULL pointer dereference as per CVE-2018-1000121
    https://curl.haxx.se/docs/adv_2018-97a2.html
  * Fix RTSP RTP buffer over-read as per CVE-2018-1000122
    https://curl.haxx.se/docs/adv_2018-b047.html
  * Fix HTTP authentication leak in redirects as per CVE-2018-1000007
    https://curl.haxx.se/docs/adv_2018-b3bf.html

896568d... by Alessandro Ghedini on 2018-05-15

Build with NSS.

Gbp-Pq: 99_nss.patch.

cac339a... by Alessandro Ghedini on 2018-05-15

Build with GnuTLS.

Gbp-Pq: 90_gnutls.patch.

29a3ac5... by Alessandro Ghedini on 2018-05-15

[PATCH] pingpong: fix response cache memcpy overflow

Gbp-Pq: 42_CVE-2018-1000301.patch.

9152462... by Alessandro Ghedini on 2018-05-15

[PATCH] readwrite: make sure excess reads don't go beyond buffer end

Gbp-Pq: 41_CVE-2018-1000122.patch.

b03bd29... by Alessandro Ghedini on 2018-05-15

[PATCH] openldap: check ldap_get_attribute_ber() results for NULL

Gbp-Pq: 40_CVE-2018-1000121.patch.

4db439c... by Alessandro Ghedini on 2018-05-15

[PATCH] FTP: reject path components with control codes

Gbp-Pq: 39_CVE-2018-1000120.patch.

d349c36... by Alessandro Ghedini on 2018-05-15

[PATCH] http: prevent custom Authorization headers in redirects

Gbp-Pq: 38_CVE-2018-1000007.patch.

f8fe2a6... by Alessandro Ghedini on 2018-05-15

[PATCH] wildcardmatch: fix heap buffer overflow in setcharset

Gbp-Pq: 37_CVE-2017-8817.patch.

b2b1143... by Alessandro Ghedini on 2018-05-15

[PATCH] ntlm: avoid integer overflow for malloc size

Gbp-Pq: 36_CVE-2017-8816.patch.