Ubuntu
curl package

  1. Saucy (13.10)
  2. Bug #1258366
  3. Activity log

Activity log for bug #1258366

Date Who What changed Old value New value Message
2013-12-06 02:12:29 Pierre Carrier bug added bug
2013-12-06 08:49:53 Launchpad Janitor curl (Ubuntu): status New Confirmed
2013-12-06 09:00:26 Mechiel bug added subscriber Mechiel
2013-12-06 10:55:01 Philipp Kern bug added subscriber Goobuntu Team
2013-12-06 11:56:16 Philipp Kern tags regression-update
2013-12-06 12:33:06 Marc Deslauriers bug watch added http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729965
2013-12-06 12:33:06 Marc Deslauriers bug task added curl (Debian)
2013-12-06 12:33:32 Marc Deslauriers nominated for series Ubuntu Lucid
2013-12-06 12:33:32 Marc Deslauriers bug task added curl (Ubuntu Lucid)
2013-12-06 12:33:32 Marc Deslauriers nominated for series Ubuntu Precise
2013-12-06 12:33:32 Marc Deslauriers bug task added curl (Ubuntu Precise)
2013-12-06 12:33:32 Marc Deslauriers nominated for series Ubuntu Quantal
2013-12-06 12:33:32 Marc Deslauriers bug task added curl (Ubuntu Quantal)
2013-12-06 12:33:32 Marc Deslauriers nominated for series Ubuntu Raring
2013-12-06 12:33:32 Marc Deslauriers bug task added curl (Ubuntu Raring)
2013-12-06 12:33:32 Marc Deslauriers nominated for series Ubuntu Saucy
2013-12-06 12:33:32 Marc Deslauriers bug task added curl (Ubuntu Saucy)
2013-12-06 12:34:34 Marc Deslauriers curl (Ubuntu Raring): status New Invalid
2013-12-06 12:34:38 Marc Deslauriers curl (Ubuntu Saucy): status New Invalid
2013-12-06 12:35:10 Marc Deslauriers curl (Ubuntu): status Confirmed Invalid
2013-12-06 12:35:15 Marc Deslauriers curl (Ubuntu Lucid): status New Confirmed
2013-12-06 12:35:19 Marc Deslauriers curl (Ubuntu Precise): status New Confirmed
2013-12-06 12:35:24 Marc Deslauriers curl (Ubuntu Quantal): status New Confirmed
2013-12-06 12:35:29 Marc Deslauriers curl (Ubuntu Lucid): assignee Marc Deslauriers (mdeslaur)
2013-12-06 12:35:32 Marc Deslauriers curl (Ubuntu Precise): assignee Marc Deslauriers (mdeslaur)
2013-12-06 12:35:33 Marc Deslauriers curl (Ubuntu Quantal): assignee Marc Deslauriers (mdeslaur)
2013-12-06 14:03:13 Bug Watch Updater curl (Debian): status Unknown Fix Released
2013-12-06 15:09:54 Launchpad Janitor curl (Ubuntu Quantal): status Confirmed Fix Released
2013-12-06 15:09:54 Launchpad Janitor cve linked 2013-4545
2013-12-06 15:15:29 Launchpad Janitor curl (Ubuntu Lucid): status Confirmed Fix Released
2013-12-06 15:15:35 Launchpad Janitor curl (Ubuntu Precise): status Confirmed Fix Released
2013-12-06 15:32:29 Launchpad Janitor branch linked lp:ubuntu/lucid-security/curl
2013-12-06 15:32:31 Launchpad Janitor branch linked lp:ubuntu/precise-security/curl
2013-12-06 15:32:32 Launchpad Janitor branch linked lp:ubuntu/quantal-security/curl
2013-12-06 16:10:37 Launchpad Janitor branch linked lp:ubuntu/lucid-updates/curl
2013-12-06 18:49:34 Pierre Carrier description The bug: $ curl -sS -v -k https://jenkins.musta.ch//job/monorail_build_flow/4940/api/json * About to connect() to jenkins.musta.ch port 443 (#0) * Trying 10.147.129.217... connected * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server key exchange (12): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using ECDHE-RSA-AES256-SHA * Server certificate: * subject: O=*.airbnb.com; OU=Domain Control Validated; CN=*.airbnb.com * start date: 2012-10-23 18:01:55 GMT * expire date: 2013-10-24 18:33:00 GMT * subjectAltName does not match jenkins.musta.ch * Closing connection #0 * SSLv3, TLS alert, Client hello (1): * SSL peer certificate or SSH remote key was not OK curl: (51) SSL peer certificate or SSH remote key was not OK ubuntu@i-60bcba0e:~$ curl -sS -v -k https://jenkins.musta.ch/ * About to connect() to jenkins.musta.ch port 443 (#0) * Trying 10.147.129.217... connected * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server key exchange (12): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using ECDHE-RSA-AES256-SHA * Server certificate: * subject: O=*.airbnb.com; OU=Domain Control Validated; CN=*.airbnb.com * start date: 2012-10-23 18:01:55 GMT * expire date: 2013-10-24 18:33:00 GMT * subjectAltName does not match jenkins.musta.ch * Closing connection #0 * SSLv3, TLS alert, Client hello (1): * SSL peer certificate or SSH remote key was not OK curl: (51) SSL peer certificate or SSH remote key was not OK The fix: --- a/src/main.c +++ b/src/main.c @@ -5375,7 +5375,7 @@ operate(struct Configurable *config, int argc, argv_item_t argv[]) if(config->insecure_ok) { /* new stuff needed for libcurl 7.10 */ my_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE); - my_setopt(curl, CURLOPT_SSL_VERIFYHOST, 1); + my_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0); } else { char *home = homedir(); The bug: ubuntu@i-60bcba0e:~$ curl -sS -v -k https://jenkins.musta.ch/ * About to connect() to jenkins.musta.ch port 443 (#0) * Trying 10.147.129.217... connected * successfully set certificate verify locations: * CAfile: none   CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server key exchange (12): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using ECDHE-RSA-AES256-SHA * Server certificate: * subject: O=*.airbnb.com; OU=Domain Control Validated; CN=*.airbnb.com * start date: 2012-10-23 18:01:55 GMT * expire date: 2013-10-24 18:33:00 GMT * subjectAltName does not match jenkins.musta.ch * Closing connection #0 * SSLv3, TLS alert, Client hello (1): * SSL peer certificate or SSH remote key was not OK curl: (51) SSL peer certificate or SSH remote key was not OK The fix: --- a/src/main.c +++ b/src/main.c @@ -5375,7 +5375,7 @@ operate(struct Configurable *config, int argc, argv_item_t argv[])          if(config->insecure_ok) {            /* new stuff needed for libcurl 7.10 */            my_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE); - my_setopt(curl, CURLOPT_SSL_VERIFYHOST, 1); + my_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);          }          else {            char *home = homedir();
2013-12-07 01:46:19 gail curl (Ubuntu): status Invalid Fix Released