please merge from debian instable 8.4 to address vulnerability
Bug #2039798 reported by
madigal
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
curl (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Actually Mantic has 8.2.1 version
A huge security issue is fixed with 8.4 : https:/
changelog: https:/
Available on Debian Sid: https:/
Related branches
~danilogondolfo/ubuntu/+source/curl:merge-lp2039798-noble
Ready for review
for merging
into
ubuntu/+source/curl:debian/sid
- Sergio Durigan Junior (community): Approve
- git-ubuntu import: Pending requested
-
Diff: 254 lines (+163/-2)2 files modifieddebian/changelog (+160/-0)
debian/control (+3/-2)
CVE References
tags: | added: community-security mantic |
description: | updated |
Changed in curl (Ubuntu): | |
status: | New → Confirmed |
summary: |
- please upgrade to 8.4 to address vulnerability + please merge from debian instable 8.4 to address vulnerability |
To post a comment you must log in.
This bug was fixed in the package curl - 8.4.0-2ubuntu1
---------------
curl (8.4.0-2ubuntu1) noble; urgency=medium
* Merge from Debian unstable (LP: #2039798). Remaining changes: patches/ CVE-2023- 38039.patch patches/ CVE-2023- 38545.patch patches/ CVE-2023- 38546.patch tests/control tests/curl- ldapi-test
- debian/control: Don't build-depend on python3-impacket on i386
so we can drop it (and its dependencies) from the i386 partial port.
It's only used for the tests, which do not block the build in any case.
* Drop patches for CVEs fixed upstream:
- debian/
- debian/
- debian/
* Drop delta merged in Debian
- debian/
- debian/
-- Danilo Egea Gondolfo <email address hidden> Wed, 01 Nov 2023 12:06:23 +0000