---------------------------------------------------------------------- Did you know? Our assessment and impact rating along with detailed information such as exploit code availability, or if an updated patch is released by the vendor, is not part of this mailing-list? Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/ Click here to trial our solutions: http://secunia.com/advisories/try_vi/ ---------------------------------------------------------------------- TITLE: Ubuntu update for curl SECUNIA ADVISORY ID: SA34118 VERIFY ADVISORY: http://secunia.com/advisories/34118/ DESCRIPTION: Ubuntu has issued an update for curl. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. For more information: SA34138 SOLUTION: Apply updated packages. -- Ubuntu 8.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.2-1ubuntu4..3.diff.gz Size/MD5: 22444 f03a34d199a3dfe6862d4f93b6704e10 http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.2-1ubuntu4..3.dsc Size/MD5: 1491 906af0232a5e1c0a02e921eb508eff57 http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.2.orig.tar..gz Size/MD5: 2273077 4fe99398a64a34613c9db7bd61bf6e3c amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.2-1ubuntu4..3_amd64.deb Size/MD5: 210392 605f35f7ab21dc4ed16205f73f5ce335 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.18.2-1ubuntu4.3_amd64.deb Size/MD5: 1124818 52b6531b8d0ba56e47844b90faaa7d88 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.18..2-1ubuntu4.3_amd64.deb Size/MD5: 216220 700b648d0e4b4346da9dd4ba9421962f http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.18.2-1ubuntu4.3_amd64.deb Size/MD5: 223312 58580fc77cdd1a93439ee92875aee1fc http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.18.2-1ubuntu4.3_amd64.deb Size/MD5: 926208 16822154e80a941fd4305169d7979379 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.18.2-1ubuntu4.3_amd64.deb Size/MD5: 933192 ae5cc0e338e4f2d9f43ceac6c92303f0 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.2-1ubuntu4..3_i386.deb Size/MD5: 209182 e34d8187746e820d6328fdc4540e7e73 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.18.2-1ubuntu4.3_i386.deb Size/MD5: 1092044 3d9e9bf04f0dd77c09ff967ce0822011 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.18..2-1ubuntu4.3_i386.deb Size/MD5: 212674 bdad3624169c184cdee7153dfdc61a16 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.18.2-1ubuntu4.3_i386.deb Size/MD5: 219586 e9b3008f8cb5047b326b4d3f1f6e0323 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.18.2-1ubuntu4.3_i386.deb Size/MD5: 899702 6dd63d112bdc8055636b2c8edfdd24a2 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.18.2-1ubuntu4.3_i386.deb Size/MD5: 905420 ff0b8f23fd90555ffe215698ac644cdf lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/c/curl/curl_7.18.2-1ubuntu4.3_lpia.deb Size/MD5: 208850 1c452ad9122b12518bf1b5c8b3996c3b http://ports.ubuntu.com/pool/main/c/curl/libcurl3-dbg_7.18.2-1ubuntu4.3_lpia.deb Size/MD5: 1099132 7735bb7e7c240be1a5f9ee749a67eb6e http://ports.ubuntu.com/pool/main/c/curl/libcurl3-gnutls_7.18.2-1ubuntu4.3_lpia.deb Size/MD5: 210934 5f3eea9bf9eece8f91200332c6f41b6a http://ports.ubuntu.com/pool/main/c/curl/libcurl3_7.18.2-1ubuntu4.3_lpia.deb Size/MD5: 217456 eebef9ad6914c70cb38b0fa08875233c http://ports.ubuntu.com/pool/main/c/curl/libcurl4-gnutls-dev_7.18.2-1ubuntu4.3_lpia.deb Size/MD5: 898570 21805c5b24e9477670aad07d167d56ab http://ports.ubuntu.com/pool/main/c/curl/libcurl4-openssl-dev_7.18.2-1ubuntu4.3_lpia.deb Size/MD5: 903918 90628d272b4301c968ef5cf446c778fe powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/c/curl/curl_7.18.2-1ubuntu4.3_powerpc..deb Size/MD5: 212598 4003e25fccb2f67b75f451e60d7e9362 http://ports.ubuntu.com/pool/main/c/curl/libcurl3-dbg_7.18.2-1ubuntu4.3_powerpc.deb Size/MD5: 1130394 f755328b6c0df8b6963ea39255594cfb http://ports.ubuntu.com/pool/main/c/curl/libcurl3-gnutls_7.18.2-1ubuntu4.3_powerpc.deb Size/MD5: 223766 b72e7008472791b08bba97fc57857f1b http://ports.ubuntu.com/pool/main/c/curl/libcurl3_7.18.2-1ubuntu4.3_powerpc.deb Size/MD5: 229632 d891ef64864441ba7f2496c29b57d49a http://ports.ubuntu.com/pool/main/c/curl/libcurl4-gnutls-dev_7.18.2-1ubuntu4.3_powerpc.deb Size/MD5: 925530 35c2284ab719cb773592ea4bc8679af6 http://ports.ubuntu.com/pool/main/c/curl/libcurl4-openssl-dev_7.18.2-1ubuntu4.3_powerpc.deb Size/MD5: 931828 f29cf3a604d660801e1b011fa409af90 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/c/curl/curl_7.18.2-1ubuntu4.3_sparc.deb Size/MD5: 209654 b25b0908a500fb1c6ba5e9af876249ac http://ports.ubuntu.com/pool/main/c/curl/libcurl3-dbg_7.18.2-1ubuntu4.3_sparc.deb Size/MD5: 1072608 7c3c67a9fcd09e1807a22d6ba110790e http://ports.ubuntu.com/pool/main/c/curl/libcurl3-gnutls_7.18.2-1ubuntu4.3_sparc.deb Size/MD5: 209368 cb36362b891401548905671dee5057db http://ports.ubuntu.com/pool/main/c/curl/libcurl3_7.18.2-1ubuntu4.3_sparc.deb Size/MD5: 214076 49e05a9531109bcc7cbbce75adb29681 http://ports.ubuntu.com/pool/main/c/curl/libcurl4-gnutls-dev_7.18.2-1ubuntu4.3_sparc.deb Size/MD5: 904932 56300cb1c407a1b90d23b72a22df0b56 http://ports.ubuntu.com/pool/main/c/curl/libcurl4-openssl-dev_7.18.2-1ubuntu4.3_sparc.deb Size/MD5: 909964 92dc9ddcf638da3dcac80c7f90373b10 ORIGINAL ADVISORY: USN-726-2: http://www.ubuntu.com/usn/USN-726-2 OTHER REFERENCES: SA34138: http://secunia.com/advisories/34138/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------