Debian: DSA-1738-1: New curl packages fix arbitrary file access

    Date11 Mar 2009
    CategoryDebian
    61
    Posted ByLinuxSecurity Advisories
    David Kierznowski discovered that libcurl, a multi-protocol file transfer library, when configured to follow URL redirects automatically, does not question the new target location. As libcurl also supports file:// and scp:// URLs - depending on the setup - an untrusted server could use that
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA-1738-1                    This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://www.debian.org/security/                                 Nico Golde
    March 11th, 2009                        http://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : curl
    Vulnerability  : arbitrary file access
    Problem type   : remote
    Debian-specific: no
    CVE ID         : CVE-2009-0037
    Debian Bug     : 518423
    BugTraq ID     : 33962
    
    David Kierznowski discovered that libcurl, a multi-protocol file transfer
    library, when configured to follow URL redirects automatically, does not
    question the new target location.  As libcurl also supports file:// and
    scp:// URLs - depending on the setup - an untrusted server could use that
    to expose local files, overwrite local files or even execute arbitrary
    code via a malicious URL redirect.
    
    This update introduces a new option called CURLOPT_REDIR_PROTOCOLS which by
    default does not include the scp and file protocol handlers.
    
    
    For the oldstable distribution (etch) this problem has been fixed in
    version 7.15.5-1etch2.
    
    For the stable distribution (lenny) this problem has been fixed in
    version 7.18.2-8lenny2.
    
    For the unstable distribution (sid) this problem has been fixed in
    version 7.18.2-8.1.
    
    We recommend that you upgrade your curl packages.
    
    
    Upgrade instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 4.0 alias etch
    - -------------------------------
    
    Debian (oldstable)
    - ------------------
    
    Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
    
    Source archives:
    
      http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2.dsc
        Size/MD5 checksum:      956 0a164bd43dbfb582a049fe3a737a375b
      http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5.orig.tar.gz
        Size/MD5 checksum:  1897973 61997c0d852d38c3a85b445f4fc02892
      http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2.diff.gz
        Size/MD5 checksum:    21635 47c30162c60f8192bce199f5fab0012d
    
    Architecture independent packages:
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.15.5-1etch2_all.deb
        Size/MD5 checksum:    22244 752d541336f513b3bfd0841e0868b472
    
    alpha architecture (DEC Alpha)
    
      http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_alpha.deb
        Size/MD5 checksum:   166256 709d02b9dae8f4b0c7333d6f03c31628
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_alpha.deb
        Size/MD5 checksum:   816206 a36046c7827322a14d257bd3fb74010b
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_alpha.deb
        Size/MD5 checksum:   818778 967acf1522d86fdf56e84e1c5b22f147
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_alpha.deb
        Size/MD5 checksum:   809316 af0f20647d1a91d799dcbed6980428b7
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_alpha.deb
        Size/MD5 checksum:   181392 78c3b97fba2c35b5c5d1bf1eb5f1d908
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_alpha.deb
        Size/MD5 checksum:   174310 433c7e16f748f83db01989e8a249a101
    
    amd64 architecture (AMD x86_64 (AMD64))
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_amd64.deb
        Size/MD5 checksum:   164766 6f3f68c322aa54a5000975530ded729e
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_amd64.deb
        Size/MD5 checksum:   170058 f6fd6e8f7a3e030ca028a6750f666061
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_amd64.deb
        Size/MD5 checksum:   772142 5d3cdfcfdaf0604aeebfc395703d6df7
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_amd64.deb
        Size/MD5 checksum:   778626 490801518500a00caec9e45fb755c524
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_amd64.deb
        Size/MD5 checksum:   824964 a57398dfcbd49c33060a48671bed8a02
      http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_amd64.deb
        Size/MD5 checksum:   163446 7eaaea76d628e03e8ebdc580bff0b72b
    
    arm architecture (ARM)
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_arm.deb
        Size/MD5 checksum:   756884 8eed02667e02867ad3d130a40ad4f330
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_arm.deb
        Size/MD5 checksum:   762352 b5720175a10c9f7333a2e8a298aac91d
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_arm.deb
        Size/MD5 checksum:   783552 72af9664d85d8aa4ca0960da19554333
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_arm.deb
        Size/MD5 checksum:   160536 c9fb486fd46228488f391d57a9d6edc8
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_arm.deb
        Size/MD5 checksum:   165914 b1188bf4e4da054e04b77c4e8f27ca73
      http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_arm.deb
        Size/MD5 checksum:   162598 a60ef14833ef5f5bad0bffbda329e326
    
    hppa architecture (HP PA RISC)
    
      http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_hppa.deb
        Size/MD5 checksum:   164866 73bdea9c0a854221204e7d232a464ad7
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_hppa.deb
        Size/MD5 checksum:   184262 c681c1b066c2210aa0d84f1763a14bdb
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_hppa.deb
        Size/MD5 checksum:   798798 29f2ee940a221a567c8f9568202f6f85
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_hppa.deb
        Size/MD5 checksum:   178932 76c87584e67d0e9957110bb805a15946
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_hppa.deb
        Size/MD5 checksum:   791220 9d0a1827c563e72951420d6e869a348f
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_hppa.deb
        Size/MD5 checksum:   815004 47b6884a2e5ce2224d64fdc9c5852325
    
    i386 architecture (Intel ia32)
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_i386.deb
        Size/MD5 checksum:   163604 16def6f8c4d5068be2bba466f89dc329
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_i386.deb
        Size/MD5 checksum:   759150 613d3cfa2de22d73706c4158f45a9380
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_i386.deb
        Size/MD5 checksum:   766468 c32cd1d31c6078d4676b8046ddc56f07
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_i386.deb
        Size/MD5 checksum:   168800 1fc225d65db9eb6508481bf2e5985d5d
      http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_i386.deb
        Size/MD5 checksum:   163240 362b7152f99699f68c93ab89e821d8d0
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_i386.deb
        Size/MD5 checksum:   800506 984abe71ca0999c8a587ed1b0042299a
    
    ia64 architecture (Intel ia64)
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_ia64.deb
        Size/MD5 checksum:   811254 1992183aa065d3782a2992ea98c22a5a
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_ia64.deb
        Size/MD5 checksum:   838550 350899a4e4f86a672aeb2c3a2d011e94
      http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_ia64.deb
        Size/MD5 checksum:   174484 ac0a064f867f61c30ebd1cd7da6ea845
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_ia64.deb
        Size/MD5 checksum:   217504 032debd42a9a3cc08f65ee17097fe9d7
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_ia64.deb
        Size/MD5 checksum:   225458 a6beeb5551ffe3d09341160b368bf4f6
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_ia64.deb
        Size/MD5 checksum:   848606 b339d6517e49af9a30b5bed9a42c9222
    
    mips architecture (MIPS (Big Endian))
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_mips.deb
        Size/MD5 checksum:   784292 439b960fc26cd382f86bbfb20478d7b0
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_mips.deb
        Size/MD5 checksum:   831916 dcfa7a779ae3cdac67cecf847dac0162
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_mips.deb
        Size/MD5 checksum:   792482 357d60661e80f1ee887d2345a119b547
      http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_mips.deb
        Size/MD5 checksum:   164020 c91e5b7e745e2179301d2e75be7d8ee2
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_mips.deb
        Size/MD5 checksum:   165474 eff09f808ce9a23ce659aeeffea398f1
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_mips.deb
        Size/MD5 checksum:   170646 650b55f89ad5530208e49e211f5aebeb
    
    mipsel architecture (MIPS (Little Endian))
    
      http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_mipsel.deb
        Size/MD5 checksum:   164056 b2cbeec53d1eef3e9d0e29adf797548b
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_mipsel.deb
        Size/MD5 checksum:   792108 4fe7f7e85d02706503d1064895607831
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_mipsel.deb
        Size/MD5 checksum:   165674 500cb0c319ee13c14f8d010b3c4457cc
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_mipsel.deb
        Size/MD5 checksum:   811082 c61871a4ac26252046b4e161aeef2dd7
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_mipsel.deb
        Size/MD5 checksum:   784546 b8ba2732071c34bbfe5c10927317f589
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_mipsel.deb
        Size/MD5 checksum:   170522 0919591347253f65b44ddea61f49cbc7
    
    powerpc architecture (PowerPC)
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_powerpc.deb
        Size/MD5 checksum:   774490 f804de8b26ea6914f0283f79f71d72b2
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_powerpc.deb
        Size/MD5 checksum:   781844 b53e33260b02761cd26c8780b8e81f2b
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_powerpc.deb
        Size/MD5 checksum:   173906 edf0a2342f93af56ffb18a45a934ace3
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_powerpc.deb
        Size/MD5 checksum:   841666 5df4b820f0f196560bd5796d0ad1bad7
      http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_powerpc.deb
        Size/MD5 checksum:   165134 c62f63233f70e51a732c36492fd04ae9
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_powerpc.deb
        Size/MD5 checksum:   169130 44d2765d66141ceb6c6626750a098aaa
    
    s390 architecture (IBM S/390)
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_s390.deb
        Size/MD5 checksum:   836322 26db7bd743a5c2141c6aee251a9cede0
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_s390.deb
        Size/MD5 checksum:   179832 487db999849a4ac171d86d87d12d3f7f
      http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_s390.deb
        Size/MD5 checksum:   163182 7be52b66b1f79a0d0f76d0183da4104a
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_s390.deb
        Size/MD5 checksum:   768888 87b9a0f806f25692cd2f9a30bd0be9eb
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_s390.deb
        Size/MD5 checksum:   172444 3d9a0b971714e2f9f6c7d15ce387bc93
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_s390.deb
        Size/MD5 checksum:   774446 9c7cf8ac1154f4b8b71615ad8d48ed99
    
    sparc architecture (Sun SPARC/UltraSPARC)
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_sparc.deb
        Size/MD5 checksum:   160204 433e751e98d9010f793cfacf4c809996
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_sparc.deb
        Size/MD5 checksum:   788794 2c4e9c34ccf365fa02bc1f1657e68f35
      http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_sparc.deb
        Size/MD5 checksum:   162412 1bab2e9e64b655babb5f1ef1b7271090
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_sparc.deb
        Size/MD5 checksum:   766110 cc724da5e7cc8b38376d1644d98a144e
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_sparc.deb
        Size/MD5 checksum:   165224 671413f03a06041a824630be23ded9e9
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_sparc.deb
        Size/MD5 checksum:   759596 2070bf93dadb3b3fe1aa387fb0f8e6c7
    
    Debian GNU/Linux 5.0 alias lenny
    - --------------------------------
    
    Debian (stable)
    - ---------------
    
    Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
    
    Source archives:
    
      http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2.diff.gz
        Size/MD5 checksum:    27675 3cc8e00a5145e9f8f35823f89170ed4e
      http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2.dsc
        Size/MD5 checksum:     1418 02c706202a50b3358769c4c1e9f1a120
      http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2.orig.tar.gz
        Size/MD5 checksum:  2273077 4fe99398a64a34613c9db7bd61bf6e3c
    
    alpha architecture (DEC Alpha)
    
      http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_alpha.deb
        Size/MD5 checksum:   211250 dcccf85073a2826d5af6e6d438f6c9f6
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_alpha.deb
        Size/MD5 checksum:   224420 33ead51af60c4e6ea8f08b16ebde1e06
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_alpha.deb
        Size/MD5 checksum:   985930 c90004e19361846cbded2fb615eb60ec
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_alpha.deb
        Size/MD5 checksum:  1150080 c3436b5c4979764699a7236674df93cf
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_alpha.deb
        Size/MD5 checksum:   241558 7d28ddb21b9a23f2e4b6302dea9ffc36
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_alpha.deb
        Size/MD5 checksum:   957810 49c87cfe63e61d4c905c2c481b1a88a2
    
    amd64 architecture (AMD x86_64 (AMD64))
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_amd64.deb
        Size/MD5 checksum:   214620 3d0a0aa6453df3486b5910e198275f84
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_amd64.deb
        Size/MD5 checksum:  1182662 c7a8138e99e78dd772758e4d1db098fe
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_amd64.deb
        Size/MD5 checksum:   230526 1d8262e5c8ce1baddb748a76b836ff79
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_amd64.deb
        Size/MD5 checksum:   951202 76dd51652be02ad2972cbb32df9cbe60
      http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_amd64.deb
        Size/MD5 checksum:   208912 e66d007bbedba4d7e838045e549c64b1
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_amd64.deb
        Size/MD5 checksum:   928736 6f66f5283ad91d0a2b4d56bd629e8305
    
    armel architecture (ARM EABI)
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_armel.deb
        Size/MD5 checksum:   223972 d139a82972490d1f706ec27cacddadac
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_armel.deb
        Size/MD5 checksum:   920298 d740b279b624e6a475cb7d391f7b2c10
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_armel.deb
        Size/MD5 checksum:   903750 c81c5db454d3263cd6ae51d16c933a6d
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_armel.deb
        Size/MD5 checksum:   209142 e9f8cea7ff20b90a27e1a72a523b3d47
      http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_armel.deb
        Size/MD5 checksum:   209082 a906ad9c5f72efd9cdd561aed4ca8dc9
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_armel.deb
        Size/MD5 checksum:  1151506 7c7546f135977a859ddc976f73b6542d
    
    hppa architecture (HP PA RISC)
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_hppa.deb
        Size/MD5 checksum:   939250 04c83feddcf78eaca8136bd4b15bee90
      http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_hppa.deb
        Size/MD5 checksum:   209462 8e62f5740ba733a9a8cde83f045873e2
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_hppa.deb
        Size/MD5 checksum:   227528 9905b63e7ffb02e1b6da0443ad99bbf6
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_hppa.deb
        Size/MD5 checksum:   244642 f127b127e9783af96664f67fab940458
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_hppa.deb
        Size/MD5 checksum:   960844 5c3918da2bdb2bcb6e5775935d101600
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_hppa.deb
        Size/MD5 checksum:  1173380 ef0c131c585f50dd3b1d494be681ad4c
    
    i386 architecture (Intel ia32)
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_i386.deb
        Size/MD5 checksum:   903896 766d2afb93354dc6cfccc719ca5d3a32
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_i386.deb
        Size/MD5 checksum:   923838 54e2efa56e08277cd061ec142167b8f8
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_i386.deb
        Size/MD5 checksum:  1155810 b481158475101fe14cd7086dd09b00ba
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_i386.deb
        Size/MD5 checksum:   228434 806b581b9cb3e7b74b4c5b38d952d496
      http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_i386.deb
        Size/MD5 checksum:   208184 310da7a3545fdd174ae3f7cf7a05d84e
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_i386.deb
        Size/MD5 checksum:   210964 fde8c7b507ef8fca75b3b95557443568
    
    ia64 architecture (Intel ia64)
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_ia64.deb
        Size/MD5 checksum:   274076 a242056cc5928023e19189e0dad47a54
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_ia64.deb
        Size/MD5 checksum:  1165456 63a88f4853c990bf6a26744b25ffcd65
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_ia64.deb
        Size/MD5 checksum:   991418 a81c668fb270734005c855f77fbaa1b2
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_ia64.deb
        Size/MD5 checksum:   296182 959638d94a18a01ee393a5388af95e9a
      http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_ia64.deb
        Size/MD5 checksum:   222326 8f7d1012c7920a818ff3387fd672582b
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_ia64.deb
        Size/MD5 checksum:  1019228 f1ee83304b03f4e168a3077577aee4ca
    
    mips architecture (MIPS (Big Endian))
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_mips.deb
        Size/MD5 checksum:  1193134 69792abd2ebb8ae27741fd5380a15c7d
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_mips.deb
        Size/MD5 checksum:   227940 f59a95b1a51411e2df9f7646166b8bb0
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_mips.deb
        Size/MD5 checksum:   212670 38196676b77101edb8d75e050ccdfa83
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_mips.deb
        Size/MD5 checksum:   950332 3d0b559a946b285580c626796bd79619
      http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_mips.deb
        Size/MD5 checksum:   208940 c4b370ba4637c34fb90b7241d94ad26e
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_mips.deb
        Size/MD5 checksum:   929246 a3250ee1c064f637f4f8b80fe67cc126
    
    mipsel architecture (MIPS (Little Endian))
    
      http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_mipsel.deb
        Size/MD5 checksum:   208632 8e7b0faa4d0fcf82d4832c88040644a4
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_mipsel.deb
        Size/MD5 checksum:  1169800 fec90115dd8a0a4159eb0b32f9d2f547
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_mipsel.deb
        Size/MD5 checksum:   949916 4c476dd885c52cc5de342bf739d84f65
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_mipsel.deb
        Size/MD5 checksum:   212332 d9cccbe468c2228b96c662fab496a06e
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_mipsel.deb
        Size/MD5 checksum:   928636 b3e28a026e7deb8cce632c63b2a7a140
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_mipsel.deb
        Size/MD5 checksum:   227638 75ad8b0dd97c093ff56338d856df7383
    
    powerpc architecture (PowerPC)
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_powerpc.deb
        Size/MD5 checksum:   941020 0f242ff442fea24f03c33af08d9e6c75
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_powerpc.deb
        Size/MD5 checksum:  1179540 551daec15eb2ce16e000b2201dba167c
      http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_powerpc.deb
        Size/MD5 checksum:   212734 57c377e5cbef3618e283a1e187045598
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_powerpc.deb
        Size/MD5 checksum:   238114 440e40511e414c3a0c3a4f4bfd479a41
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_powerpc.deb
        Size/MD5 checksum:   922274 73c54c0b54c83950728f60d8cc1727ea
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_powerpc.deb
        Size/MD5 checksum:   222642 74220c8c71a4a5d9af54694d9777a9b0
    
    s390 architecture (IBM S/390)
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_s390.deb
        Size/MD5 checksum:   223330 8c5ca7bc3655a68e2fc33d11ecc06865
      http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_s390.deb
        Size/MD5 checksum:   209294 e28839caee56080274e61541e035af52
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_s390.deb
        Size/MD5 checksum:  1190688 bd391c517d8ec4b5179f753ef73825a9
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_s390.deb
        Size/MD5 checksum:   931312 dc473f1db5201689c7cb15f41929f780
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_s390.deb
        Size/MD5 checksum:   239904 5f08a1a17220525e249e6dec32a21bfb
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_s390.deb
        Size/MD5 checksum:   912728 368e5d51de6826fce49b35e728a52dda
    
    sparc architecture (Sun SPARC/UltraSPARC)
    
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_sparc.deb
        Size/MD5 checksum:   207660 84f75b95a33d19a1027b281c136f38ca
      http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_sparc.deb
        Size/MD5 checksum:   208576 4ac3ac2bb012ba68a1872620cc90e3a3
      http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_sparc.deb
        Size/MD5 checksum:  1134708 3403c94f0c0c32c1e964364337132456
      http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_sparc.deb
        Size/MD5 checksum:   222562 990364878bde2699a2af470013f90fce
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_sparc.deb
        Size/MD5 checksum:   902436 8f221c8abaab29401bd0434b9add83c8
      http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_sparc.deb
        Size/MD5 checksum:   918590 2d0b3f1dc2882cc2446ed708c2f2b55e
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb http://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and http://packages.debian.org/
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"40","type":"x","order":"1","pct":48.78,"resources":[]},{"id":"88","title":"Should be more technical","votes":"13","type":"x","order":"2","pct":15.85,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"29","type":"x","order":"3","pct":35.37,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.