-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 13 Mar 2018 00:46:06 +0000 Source: curl Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg libcurl4-doc Architecture: armhf Version: 7.52.1-5+deb9u5 Distribution: stretch-security Urgency: high Maintainer: armhf / armel Build Daemon (hoiby) Changed-By: Alessandro Ghedini Description: curl - command line tool for transferring data with URL syntax libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours) libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4-doc - documentation for libcurl libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.52.1-5+deb9u5) stretch-security; urgency=high . * Fix NIL byte out of bounds write due to FTP path trickery as per CVE-2018-1000120 https://curl.haxx.se/docs/adv_2018-9cd6.html * Fix LDAP NULL pointer dereference as per CVE-2018-1000121 https://curl.haxx.se/docs/adv_2018-97a2.html * Fix RTSP RTP buffer over-read as per CVE-2018-1000122 https://curl.haxx.se/docs/adv_2018-b047.html Checksums-Sha1: 2ba5231d6d6652b300951af4e971d77e1f350af2 129168 curl-dbgsym_7.52.1-5+deb9u5_armhf.deb 234ea91474a09c6b1c1bfae35a3bd73e4b718bb7 10318 curl_7.52.1-5+deb9u5_armhf.buildinfo efa966c70fad4d7fdb060dcd195c12951afbae45 223556 curl_7.52.1-5+deb9u5_armhf.deb 7402bb902fa80a5455f8ca337e5dab2ea0cd6e99 4934540 libcurl3-dbg_7.52.1-5+deb9u5_armhf.deb e20d058569dd0c517c6b04570bf47aad833eaf27 261816 libcurl3-gnutls_7.52.1-5+deb9u5_armhf.deb f46d081f8dd8216c10d21d8ae0de1c05cf7f352c 266624 libcurl3-nss_7.52.1-5+deb9u5_armhf.deb de4002ab4b2c6018a104e8dbbd0d22731de80ce8 263824 libcurl3_7.52.1-5+deb9u5_armhf.deb f47e94b1e45d23486dd61ab7ecef73c2df6fa1e0 348790 libcurl4-gnutls-dev_7.52.1-5+deb9u5_armhf.deb 24111b7f6fe9535b5c5b0f129263669e38f2cccf 354106 libcurl4-nss-dev_7.52.1-5+deb9u5_armhf.deb 1d853d1c9b27827740cee7f48d3bf2936c2d2764 350454 libcurl4-openssl-dev_7.52.1-5+deb9u5_armhf.deb Checksums-Sha256: 70c2a96a612ccda9d7a407282ed4cdb0d0d9ee97b24b65071419cdea564a4b8e 129168 curl-dbgsym_7.52.1-5+deb9u5_armhf.deb 8ece58c420ed763e128822f72ed4010ab980a8bf1c35923d1211c8094a6f0b7f 10318 curl_7.52.1-5+deb9u5_armhf.buildinfo dba75d1621e82d8fc408a9b941731b6172a78f10a58753f083d91bd6c4bfe372 223556 curl_7.52.1-5+deb9u5_armhf.deb 37a2ef8800214407d1d531b4cf9fe11cc521e3592f3ce47406b515425c4914fd 4934540 libcurl3-dbg_7.52.1-5+deb9u5_armhf.deb c9878e0483adaf7b38b23de7b4ee65bca9ed0c97cdc6af8350803b11ef3b07da 261816 libcurl3-gnutls_7.52.1-5+deb9u5_armhf.deb a1c0e43cca93b0e7a6a19509f8766efd20c22846b4cd1c449125f896e91b83f9 266624 libcurl3-nss_7.52.1-5+deb9u5_armhf.deb 4119a4003a3539a7130ad6c17caa3aba6cc7bfcc2f92950d418183af18e224df 263824 libcurl3_7.52.1-5+deb9u5_armhf.deb 0751e815c56e08f11951addc5dbfae1445f2707b945432fc3123921e6c43444a 348790 libcurl4-gnutls-dev_7.52.1-5+deb9u5_armhf.deb 6c4570cce303697e6ee09e6ad861f7cb857e1cb752152a2e60076edcfd6629f5 354106 libcurl4-nss-dev_7.52.1-5+deb9u5_armhf.deb 5e0e2d69b7160d6e66b1a7d9ac4dab2db2dfdf5b327feefce80d277d6bc0dd42 350454 libcurl4-openssl-dev_7.52.1-5+deb9u5_armhf.deb Files: 59d8a6c961ef3d94162104cdc6ac4341 129168 debug extra curl-dbgsym_7.52.1-5+deb9u5_armhf.deb e05f48ee7fadbc8324a6554c6ffa46ee 10318 web optional curl_7.52.1-5+deb9u5_armhf.buildinfo 5b25980dd9c50d29a0c7542b14c01d3f 223556 web optional curl_7.52.1-5+deb9u5_armhf.deb 53bc9ef350467f4e802ae450f4ff3a5a 4934540 debug extra libcurl3-dbg_7.52.1-5+deb9u5_armhf.deb f0fd95afbd19234817d05ea879494c5c 261816 libs optional libcurl3-gnutls_7.52.1-5+deb9u5_armhf.deb b4a5884deb8e3e642a091e86f36b0bf5 266624 libs optional libcurl3-nss_7.52.1-5+deb9u5_armhf.deb f4a84e278ac1342eec766ed0b68c4348 263824 libs optional libcurl3_7.52.1-5+deb9u5_armhf.deb 4e6c3aa1e9ef015a680bd3667c653aa8 348790 libdevel optional libcurl4-gnutls-dev_7.52.1-5+deb9u5_armhf.deb c6a75cc841d026b5b08efe31771a75a8 354106 libdevel optional libcurl4-nss-dev_7.52.1-5+deb9u5_armhf.deb 20c6b02d1e9c84fcee8b8d3d5f09fb4d 350454 libdevel optional libcurl4-openssl-dev_7.52.1-5+deb9u5_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEVYCP4cbgoWh38jdBrdWfmkaD7C0FAlqoc1gACgkQrdWfmkaD 7C3BoA/8C1sf94dJ1PKhv8BqBppFySHMCoQr7LZamtSkwHe8S9IWnpAoPXXeL/Sf 3sa5cxXMqQT62puk8LFkYP53zA/LJ9nBm+lYdVwCC1BDkYmENpEoAhAWpnAEWKNa +fHdcXId9h5QcTy2JI1FCufPfhK1Kk+M1dhPKSZOJvQonWylRPE6/UIodRvC7aSg y5KPyUgQUQcAoyWPIKXjHOAiSgIfouXfiHWV4a+atp3TqffHVzOXAsEXTte3ktXB pemT4tNrJP3sLN7j5LwljiAbAYjhqbc8rB5q12hA//3qFKLNEKF8y0o9L/D02Usu quvWUG2KdpeqxUR0S65BESwMwooBt6wV5RXkK5j5csnmNX+EjoPN17yufIALgxaB aObgw0jecAMGcb8yI55LY5QpnE3kWxML4ISURoKzXjNPdlXGEsRRuS0MDn0BlIp7 C1UPwkIHA2CgjGRYzmLW5S8UKbE0OAouGK/G1Zrbiw+GBBjAE4tAxAUzo+oGS41N YEs6k2KBFCjxKdoxeRe2aTfUlv4q1YxxdnTvjyrVecWDn38koYtiTOXKsSAUAL7Z jykJ0+A0Mz5Er1WUR7vVUpzhW+zs7gh1OKHakA/hk+Dz1baBFoPA+oyZhJeeeyJE gxp/lYs8aIcj2wYtzGh3gGTPGcMN462eVjp41JGA2UK3UNBBlq8= =u1+m -----END PGP SIGNATURE-----