ubuntu/+source/curl:applied/debian/stretch

Last commit made on 2019-02-16
Get this branch:
git clone -b applied/debian/stretch https://git.launchpad.net/ubuntu/+source/curl
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/debian/stretch
Repository:
lp:ubuntu/+source/curl

Recent commits

a592039... by Alessandro Ghedini on 2019-02-04

Import patches-applied version 7.52.1-5+deb9u9 to applied/debian/stretch

Imported using git-ubuntu import.

Changelog parent: 4529e3e06a61b3a45eaabecd26175ea5d37c4725
Unapplied parent: 762c78527bc489d44ae08c93f8f8df9643a91cee

New changelog entries:
  * Fix NTLM type-2 out-of-bounds buffer read as per CVE-2018-16890
    https://curl.haxx.se/docs/CVE-2018-16890.html
  * Fix NTLMv2 type-3 header stack buffer overflow as per CVE-2019-3822
    https://curl.haxx.se/docs/CVE-2019-3822.html
  * Fix SMTP end-of-response out-of-bounds read as per CVE-2019-3823
    https://curl.haxx.se/docs/CVE-2019-3823.html

762c785... by Alessandro Ghedini on 2019-02-04

Build with NSS.

Gbp-Pq: 99_nss.patch.

f021d43... by Alessandro Ghedini on 2019-02-04

Build with GnuTLS.

Gbp-Pq: 90_gnutls.patch.

87b8814... by Alessandro Ghedini on 2019-02-04

[PATCH 3/3] smtp: avoid risk of buffer overflow in strtol

Gbp-Pq: 34_CVE-2019-3823.patch.

b2da4cb... by Alessandro Ghedini on 2019-02-04

[PATCH 2/3] ntlm: fix *_type3_message size check to avoid buffer

Gbp-Pq: 33_CVE-2019-3822.patch.

5d015f9... by Alessandro Ghedini on 2019-02-04

[PATCH 1/3] NTLM: fix size check condition for type2 received data

Gbp-Pq: 32_CVE-2018-16890.patch.

5080b52... by Alessandro Ghedini on 2019-02-04

[PATCH] voutf: fix bad arethmetic when outputting warnings to stderr

Gbp-Pq: 31_CVE-2018-16842.patch.

31830ec... by Alessandro Ghedini on 2019-02-04

[PATCH] Curl_auth_create_plain_message: fix too-large-input-check

Gbp-Pq: 30_CVE-2018-16839.patch.

237f92f... by Alessandro Ghedini on 2019-02-04

[PATCH] Curl_ntlm_core_mk_nt_hash: return error on too long password

Gbp-Pq: 29_CVE-2018-14618.patch.

e9ada6e... by Alessandro Ghedini on 2019-02-04

[PATCH] pingpong: fix response cache memcpy overflow

Gbp-Pq: 28_CVE-2018-1000301.patch.