-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 27 Mar 2010 16:06:15 +1100 Source: curl Binary: curl libcurl3 libcurl3-gnutls libcurl4-openssl-dev libcurl4-gnutls-dev libcurl3-dbg Architecture: source i386 Version: 7.18.2-8lenny4 Distribution: stable-security Urgency: high Maintainer: Domenico Andreoli <cavok@debian.org> Changed-By: Steffen Joeris <white@debian.org> Description: curl - Get a file from an HTTP, HTTPS or FTP server libcurl3 - Multi-protocol file transfer library (OpenSSL) libcurl3-dbg - libcurl compiled with debug symbols libcurl3-gnutls - Multi-protocol file transfer library (GnuTLS) libcurl4-gnutls-dev - Development files and documentation for libcurl (GnuTLS) libcurl4-openssl-dev - Development files and documentation for libcurl (OpenSSL) Changes: curl (7.18.2-8lenny4) stable-security; urgency=high . * Non-maintainer upload by the security team * Fix possible buffer overflow via callback function Fixes: CVE-2010-0734 Checksums-Sha1: 982e06f32f7fd754d3914ce00725b7fecf35d9a7 1419 curl_7.18.2-8lenny4.dsc 071e902c820092389a482cb281a768b944fee8ed 29053 curl_7.18.2-8lenny4.diff.gz c5eae4185534deb45eb02241f042596bb4b65d72 208152 curl_7.18.2-8lenny4_i386.deb ee3c7b8d2e6381d74e853d23837927bf1eb0e2f8 228010 libcurl3_7.18.2-8lenny4_i386.deb 11ad3eff5086ad7a9872eff915265b5fce2473bd 210740 libcurl3-gnutls_7.18.2-8lenny4_i386.deb 5a9604262ee306709d0ece43b2ff7164ea563d5b 923556 libcurl4-openssl-dev_7.18.2-8lenny4_i386.deb d67b1f062671b81486723d3497e9743e1fe10a6b 904716 libcurl4-gnutls-dev_7.18.2-8lenny4_i386.deb 89cfb4746facb302ac3dab12ee09b8bff4fe3ee6 1153874 libcurl3-dbg_7.18.2-8lenny4_i386.deb Checksums-Sha256: 146dc5fc0e42c3885076f18f97e0c89a56fb0a86582b626fa1c3f511eda2e5c5 1419 curl_7.18.2-8lenny4.dsc 57febf0dd1efb64c3d0cfba281b71fd2e57e662e8f2e9dfa264031ca32cccb04 29053 curl_7.18.2-8lenny4.diff.gz 255215f1d030e3411427538c087550e50d8f31fd34ba7198281b5be62c0b1f8b 208152 curl_7.18.2-8lenny4_i386.deb c06e43cce7eb8b018c21242c1fba9c892162407fe3f04403d919a8c41332324d 228010 libcurl3_7.18.2-8lenny4_i386.deb c2d1cb4431fce5338bf10fbfd8b4f508d15a6f8468a3e37742fc63887b9ddf44 210740 libcurl3-gnutls_7.18.2-8lenny4_i386.deb df42d2b3c48c1158f7c6bba95192795974d8d4e5ab5527139df28ae58de3b327 923556 libcurl4-openssl-dev_7.18.2-8lenny4_i386.deb 62713abb8e1485e96ed334aab3a94e57d49321f2609ddae33db53bff944efde3 904716 libcurl4-gnutls-dev_7.18.2-8lenny4_i386.deb 3821e762d7e57cd986c5ca368f74f10275490d7d04ff2c045904deacbbd10d17 1153874 libcurl3-dbg_7.18.2-8lenny4_i386.deb Files: 0b91fb707442ec5f1dff454ddd0d2679 1419 web optional curl_7.18.2-8lenny4.dsc 205ea45b37707ca44847a0bb953a108e 29053 web optional curl_7.18.2-8lenny4.diff.gz f83fef1c5bfb45a7cd5d47854edeb3f0 208152 web optional curl_7.18.2-8lenny4_i386.deb 16c4325cb0063e15725c29660067cd10 228010 libs optional libcurl3_7.18.2-8lenny4_i386.deb 150aec717039cbebc74cacd6f0e09819 210740 libs optional libcurl3-gnutls_7.18.2-8lenny4_i386.deb cc8304920dc33fa65519f0dadf3a4222 923556 libdevel optional libcurl4-openssl-dev_7.18.2-8lenny4_i386.deb 7839f8a0998fe1f4d14fb777bc4cf379 904716 libdevel optional libcurl4-gnutls-dev_7.18.2-8lenny4_i386.deb 19e9afe20131d84743550d3fa8408583 1153874 libdevel extra libcurl3-dbg_7.18.2-8lenny4_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkutl6UACgkQ62zWxYk/rQdBlgCdH4SIGIq7wX33oAFBUMg8JwSJ jHIAn3KGEAkS51F1tT5iHrJTEzb1sPdz =p51k -----END PGP SIGNATURE----- Accepted: curl_7.18.2-8lenny4.diff.gz to main/c/curl/curl_7.18.2-8lenny4.diff.gz curl_7.18.2-8lenny4.dsc to main/c/curl/curl_7.18.2-8lenny4.dsc curl_7.18.2-8lenny4_i386.deb to main/c/curl/curl_7.18.2-8lenny4_i386.deb libcurl3-dbg_7.18.2-8lenny4_i386.deb to main/c/curl/libcurl3-dbg_7.18.2-8lenny4_i386.deb libcurl3-gnutls_7.18.2-8lenny4_i386.deb to main/c/curl/libcurl3-gnutls_7.18.2-8lenny4_i386.deb libcurl3_7.18.2-8lenny4_i386.deb to main/c/curl/libcurl3_7.18.2-8lenny4_i386.deb libcurl4-gnutls-dev_7.18.2-8lenny4_i386.deb to main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny4_i386.deb libcurl4-openssl-dev_7.18.2-8lenny4_i386.deb to main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny4_i386.deb