-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 13 Mar 2018 00:46:06 +0000 Source: curl Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg libcurl4-doc Architecture: i386 Version: 7.52.1-5+deb9u5 Distribution: stretch-security Urgency: high Maintainer: amd64 / i386 Build Daemon (x86-csail-01) Changed-By: Alessandro Ghedini Description: curl - command line tool for transferring data with URL syntax libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours) libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4-doc - documentation for libcurl libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.52.1-5+deb9u5) stretch-security; urgency=high . * Fix NIL byte out of bounds write due to FTP path trickery as per CVE-2018-1000120 https://curl.haxx.se/docs/adv_2018-9cd6.html * Fix LDAP NULL pointer dereference as per CVE-2018-1000121 https://curl.haxx.se/docs/adv_2018-97a2.html * Fix RTSP RTP buffer over-read as per CVE-2018-1000122 https://curl.haxx.se/docs/adv_2018-b047.html Checksums-Sha1: ec96289781cda485d1e859951ad885069d54bb20 119934 curl-dbgsym_7.52.1-5+deb9u5_i386.deb 6831dc9325c777a8880a70edd1a7f0a07af85de9 10418 curl_7.52.1-5+deb9u5_i386.buildinfo e219e20eb289de6e4130a4f0c7bfbc9693649088 230278 curl_7.52.1-5+deb9u5_i386.deb 8d7bd104af84e004cce52a1a24b484484a143022 4698724 libcurl3-dbg_7.52.1-5+deb9u5_i386.deb bb2d7c7652ee57901455d2926e071790b5860103 311588 libcurl3-gnutls_7.52.1-5+deb9u5_i386.deb a2b51c7d2b7a4e30158e3b63aac200d112a641cc 317706 libcurl3-nss_7.52.1-5+deb9u5_i386.deb 17826807c5d44100de0da83153e8d20c50995a1c 314964 libcurl3_7.52.1-5+deb9u5_i386.deb 54a45c676eabfd6a51a6ae50d2456c0694bfd967 403750 libcurl4-gnutls-dev_7.52.1-5+deb9u5_i386.deb 98146678e86cd55eeca57c2a9bbaae86973fffdf 409442 libcurl4-nss-dev_7.52.1-5+deb9u5_i386.deb 1b044d45a4f0e979f76cb276993ad4906b17790e 406002 libcurl4-openssl-dev_7.52.1-5+deb9u5_i386.deb Checksums-Sha256: e77a36217ff4cedcf1d726fbc7ef17155d9f77f40a4b9203be1454ce94f31b9f 119934 curl-dbgsym_7.52.1-5+deb9u5_i386.deb 116ad0281ce87d1d7a767a8bdb950b92c5988912325c2eef8946928bfa0a7fbe 10418 curl_7.52.1-5+deb9u5_i386.buildinfo de6bba0c749f22cc0cca515a42fdacbaaffdef56879fa85e6d7dc40bba4fab77 230278 curl_7.52.1-5+deb9u5_i386.deb 1fea35f2e1bf28f9c3e281cb175cf7e944b6170fe4e209dfb348f5e1218b71cf 4698724 libcurl3-dbg_7.52.1-5+deb9u5_i386.deb 433eb339d0c81c9da38fc473831a8cd9084c5219cc06f968b0d13771cf61f795 311588 libcurl3-gnutls_7.52.1-5+deb9u5_i386.deb da140ab6d045e5fae59e984a7fdf47d6b13b7838a8242c993f99ea3da9d2c8e0 317706 libcurl3-nss_7.52.1-5+deb9u5_i386.deb e74e476b099fafa447efbd7cf8741588663f946db96ff42993368ac1ae71baa7 314964 libcurl3_7.52.1-5+deb9u5_i386.deb eab8270a6910d4d6c1fbd9a6e06549322d1a939c86b89c7f32e1b2f04886f5c5 403750 libcurl4-gnutls-dev_7.52.1-5+deb9u5_i386.deb 54dc359227cec4c9319650ff75bb94fa4f16a2a18a4d24a59c188517ea4ade01 409442 libcurl4-nss-dev_7.52.1-5+deb9u5_i386.deb c67221eb613ef0b2fefe098b0efdafcc50566741b96a34752faf7aa463e0e2ee 406002 libcurl4-openssl-dev_7.52.1-5+deb9u5_i386.deb Files: e06805726b9d94f415202c66f6fc00c6 119934 debug extra curl-dbgsym_7.52.1-5+deb9u5_i386.deb 12a7f88183d28490848d48227d06a80a 10418 web optional curl_7.52.1-5+deb9u5_i386.buildinfo 9c5ed28a04ee46207b55724631acbe7b 230278 web optional curl_7.52.1-5+deb9u5_i386.deb 2ddff0883c58d33d4531a5cc21042fbb 4698724 debug extra libcurl3-dbg_7.52.1-5+deb9u5_i386.deb 73711c898d9b81c419d508dfb7d34b31 311588 libs optional libcurl3-gnutls_7.52.1-5+deb9u5_i386.deb 91049d34e8581211d800ff0749793b47 317706 libs optional libcurl3-nss_7.52.1-5+deb9u5_i386.deb 2432aa645a06113c363a92c874e720a5 314964 libs optional libcurl3_7.52.1-5+deb9u5_i386.deb 00df8280e63c47b50d74dde58642987e 403750 libdevel optional libcurl4-gnutls-dev_7.52.1-5+deb9u5_i386.deb 50204e25d7818a2c0654445b7f727d7f 409442 libdevel optional libcurl4-nss-dev_7.52.1-5+deb9u5_i386.deb 6988e6093c5fd241fb2c384d4735b491 406002 libdevel optional libcurl4-openssl-dev_7.52.1-5+deb9u5_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEevHXPYnWIBOaTTctFfcBBC0/C0gFAlqoalAACgkQFfcBBC0/ C0iVWA/7BR1+t8irGNPXZFYa8VDTZ1e6mj/TCJNmpwCZQhXOqTiykZ48x4V6NZ3A Ee1f3T4Ll1WCQmtGM3l+kd43e+uVOWbgBaenIqp9kV/7WDbb+zHQ8yGepUcTHXbx W0wxSDQ9BbmT92DMKYlNYIKkGczT3uazJ9Pqzh7KOS3G9VgvogmpUBWD2YexS+y7 srnYFLARbBDBX3aOgAIR9N7swrvqFLcjBiJbwi+za9F7D/XBUDxPKXR06GB+4COe uMCvHykmEk+rt/NKNcS0cdZS1nwxmPRjBP1QzaEwLQsq7JHT1kPuNDFX7WgqbazO mFUShEcM5CXPSnRTAS47WsfKvH7PmBuL1av5iIEH0gvpbhZyF2UEZYp19P645JYd 56959EjoQ9B48lu5stRII3L71W8IqyO+CfWwN0BZu+XDhELcyhALDFENiB4mSY09 3jGpwEjtzFqllRruwlRvjdA17UnzfnHkpoabKyYGfTxtoPCmAgyk34uJwpMExj7X B4UZNViEKWDHWkLlaK+pmKT1JuZ6XmUZLvikM42fyqMSghxyYCt+yj3jygBPTAFi f3Hx3I8ou6rEdcx3E3u4X1s78V2U+f8Fa02XO4Ek6ydbFRA5wfWTA+x8XerLGt7S qrsAZRoIMinEHn6Ua2GKgWpxvgj2oGBjc8XzFFtElCy4XVQWGMc= =x97Y -----END PGP SIGNATURE-----