-
Committer:
Bazaar Package Importer
-
Author(s):
Steve Beattie
-
Date:
2011-06-08 16:52:01 UTC
-
Revision ID:
james.westby@ubuntu.com-20110608165201-4iw5jto5bdzah459
Tags: 7.19.7-1ubuntu1.1
* SECURITY UPDATE: libcurl unconditional credential delegation during
GSSAPI authentication vulnerability.
- debian/patches/0001-Curl_input_negotiate-do-not-delegate-credentials.patch:
do not delegate credentials when doing GSSAPI authentication
- CVE-2011-2192
* SECURITY UPDATE: libcurl zlib automatic decompression callback
data buffer overflow
- debian/patches/libcurl-contentencoding.patch: restrict amount of
callback data sent to an application
- CVE-2010-0734