← Back to branch summary

~ubuntu-branches/ubuntu/maverick/curl/maverick-security

~ubuntu-branches/ubuntu/maverick/curl/maverick-security

Viewing all changes in revision 43.

Committer: Bazaar Package Importer
Author(s): Steve Beattie
Date: 2011-06-08 14:03:34 UTC
Revision ID: james.westby@ubuntu.com-20110608140334-wrdzdm4px5e98k4n

Tags: 7.21.0-1ubuntu1.1

* SECURITY UPDATE: libcurl unconditional credential delegation during
  GSSAPI authentication vulnerability.
  - debian/patches/0001-Curl_input_negotiate-do-not-delegate-credentials.patch:
    do not delegate credentials when doing GSSAPI authentication
  - CVE-2011-2192

files added:
.pc/0001-Curl_input_negotiate-do-not-delegate-credentials.patch

.pc/0001-Curl_input_negotiate-do-not-delegate-credentials.patch/lib

.pc/0001-Curl_input_negotiate-do-not-delegate-credentials.patch/lib/http_negotiate.c

debian/patches/0001-Curl_input_negotiate-do-not-delegate-credentials.patch

files modified:
.pc/applied-patches

debian/changelog

debian/patches/series

lib/http_negotiate.c

Show diffs side-by-side

added added

removed removed

.pc/0001-Curl_input_negotiate-do-not-delegate-credentials.patch/

.pc/0001-Curl_input_negotiate-do-not-delegate-credentials.patch/lib/

.pc/0001-Curl_input_negotiate-do-not-delegate-credentials.patch/lib/http_negotiate.c

.pc/applied-patches

debian/changelog

debian/patches/0001-Curl_input_negotiate-do-not-delegate-credentials.patch

debian/patches/series

lib/http_negotiate.c

Older »