Viewing all changes in revision 3.2.2.
- Committer: Bazaar Package Importer
- Date: 2009-03-11 15:33:08 UTC
- mto: (3.3.1 squeeze) (40.1.1 curl) (1.2.3 upstream) (70.1.1 curl) (76.1.1 utopic)
- mto: This revision was merged to the branch mainline in revision 38.
- Revision ID: james.westby@ubuntu.com-20090311153308-tkk0bx0atrih6e6c
* Non-maintainer upload by the security team.
* Include upstream patch to prevent overwriting and reading arbitrary
local files or command execution via malicious redirects depending on
the setup curl is used in.
NOTE: This update introduces a new option called CURLOPT_REDIR_PROTOCOLS
which includes the protocols curl will follow on redirects, scp and file
are not included by default (CVE-2009-0037; Closes: #518423).
* Include upstream patch to prevent overwriting and reading arbitrary
local files or command execution via malicious redirects depending on
the setup curl is used in.
NOTE: This update introduces a new option called CURLOPT_REDIR_PROTOCOLS
which includes the protocols curl will follow on redirects, scp and file
are not included by default (CVE-2009-0037; Closes: #518423).
- files added:
- debian/patches/CVE-2009-0037
- files modified:
- debian/changelog
expand all
collapse all
added
removed
