ubuntu/+source/curl:applied/ubuntu/trusty-security

Last commit made on 2019-02-06
Get this branch:
git clone -b applied/ubuntu/trusty-security https://git.launchpad.net/ubuntu/+source/curl
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/trusty-security
Repository:
lp:ubuntu/+source/curl

Recent commits

0867665... by Marc Deslauriers on 2019-01-29

Import patches-applied version 7.35.0-1ubuntu2.20 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 279d527f1bdd56cab5c7fe7cd890204a2e8f639c
Unapplied parent: 32be159a8c0360e6447346c39919a1d8ea7d9aae

New changelog entries:
  * SECURITY UPDATE: SMTP end-of-response out-of-bounds read
    - debian/patches/CVE-2019-3823.patch: avoid risk of buffer overflow in
      strtol in lib/smtp.c.
    - CVE-2019-3823

32be159... by Marc Deslauriers on 2019-01-29

Build with NSS.

Gbp-Pq: 99_nss.patch.

b7fc146... by Marc Deslauriers on 2019-01-29

Build with GnuTLS.

Gbp-Pq: 90_gnutls.patch.

8e44ac9... by Marc Deslauriers on 2019-01-29

[PATCH 3/3] smtp: avoid risk of buffer overflow in strtol

Gbp-Pq: CVE-2019-3823.patch.

1a67581... by Marc Deslauriers on 2019-01-29

[PATCH] voutf: fix bad arethmetic when outputting warnings to stderr

Gbp-Pq: oob-read.patch.

158477c... by Marc Deslauriers on 2019-01-29

[PATCH] Curl_auth_create_plain_message: fix too-large-input-check

Gbp-Pq: CVE-2018-16839.patch.

90853b5... by Marc Deslauriers on 2019-01-29

[PATCH] vauth/cleartext: fix integer overflow check

Gbp-Pq: CVE-2018-16839-pre2.patch.

2749538... by Marc Deslauriers on 2019-01-29

[PATCH] Limit ASN.1 structure sizes to 256K. Prevent some allocation

Gbp-Pq: CVE-2018-16839-pre1.patch.

1a3635a... by Marc Deslauriers on 2019-01-29

[PATCH] Curl_ntlm_core_mk_nt_hash: return error on too long password

Gbp-Pq: CVE-2018-14618.patch.

5e5fd11... by Marc Deslauriers on 2019-01-29

[PATCH] http: restore buffer pointer when bad response-line is parsed

Gbp-Pq: CVE-2018-1000301.patch.