Last commit made on 2019-09-11
Get this branch:
git clone -b applied/ubuntu/xenial-security https://git.launchpad.net/ubuntu/+source/curl
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information


Recent commits

fbbf775... by Alex Murray on 2019-09-06

Import patches-applied version 7.47.0-1ubuntu2.14 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: dbb3afb8f015476824c22d84cbcd6c453f742885
Unapplied parent: 46bd4dd600f86dc7d3526e57d52a6137ee48a38e

New changelog entries:
  * SECURITY UPDATE: double-free when using kerberos over FTP may cause
    - debian/patches/CVE-2019-5481.patch: update lib/security.c to avoid
      double-free on large memory allocation failures
    - CVE-2019-5481
  * SECURITY UPDATE: heap buffer overflow when receiving TFTP data may
    cause denial-of-service or remote code-execution
    - debian/patches/CVE-2019-5482.patch: ensure to use the correct block
      size when calling recvfrom() if the server returns an OACK without
      specifying a block size in lib/tftp.c
    - CVE-2019-5482

Some recent commit information could not be fetched.