UbuntuUpdates.org

Package "curl"

Name: curl

Description:

command line tool for transferring data with URL syntax

Latest version: 7.58.0-2ubuntu3.3
Release: bionic (18.04)
Level: security
Repository: main
Homepage: http://curl.haxx.se

Links

Save this URL for the latest version of "curl": https://www.ubuntuupdates.org/curl


Download "curl"


Other versions of "curl" in Bionic

Repository Area Version
base main 7.58.0-2ubuntu3
updates main 7.58.0-2ubuntu3.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 7.58.0-2ubuntu3.3 2018-09-17 08:06:37 UTC

  curl (7.58.0-2ubuntu3.3) bionic-security; urgency=medium

  * SECURITY UPDATE: Buffer overrun
    - debian/patches/CVE-2018-14618.patch: fix in
      lib/curl_ntlm_core.c.
    - CVE-2018-14618

 -- <email address hidden> (Leonidas S. Barbosa) Thu, 13 Sep 2018 13:06:47 -0300

Source diff to previous version
CVE-2018-14618 curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multipl

Version: 7.58.0-2ubuntu3.2 2018-07-11 14:07:16 UTC

  curl (7.58.0-2ubuntu3.2) bionic-security; urgency=medium

  * SECURITY UPDATE: SMTP send heap buffer overflow
    - debian/patches/CVE-2018-0500.patch: use the upload buffer size for
      scratch buffer malloc in lib/smtp.c.
    - CVE-2018-0500

 -- Marc Deslauriers <email address hidden> Wed, 04 Jul 2018 10:18:17 -0400

Source diff to previous version
CVE-2018-0500 SMTP send heap buffer overflow

Version: 7.58.0-2ubuntu3.1 2018-05-16 16:07:13 UTC

  curl (7.58.0-2ubuntu3.1) bionic-security; urgency=medium

  * SECURITY UPDATE: FTP shutdown response buffer overflow
    - debian/patches/CVE-2018-1000300.patch: check data size in
      lib/pingpong.c.
    - CVE-2018-1000303
  * SECURITY UPDATE: RTSP bad headers buffer over-read
    - debian/patches/CVE-2018-1000301.patch: restore buffer pointer when
      bad response-line is parsed in lib/http.c.
    - CVE-2018-1000301

 -- Marc Deslauriers <email address hidden> Tue, 08 May 2018 13:47:34 -0400

CVE-2018-1000300 FTP shutdown response buffer overflow
CVE-2018-1000301 RTSP bad headers buffer over-read



About   -   Send Feedback to @ubuntu_updates