DSA-1738-1

Name	DSA-1738-1
Source	Debian
Description	curl - arbitrary file access
References	CVE-2009-0037
Debian/oldstable	not vulnerable
Debian/stable	not vulnerable
Debian/testing	not known to be vulnerable
Debian/unstable	not known to be vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
curl (PTS)	etch	7.15.5-1etch2	fixed
	etch (security)	7.15.5-1etch3	fixed
	lenny, lenny (security)	7.18.2-8lenny3	fixed

The next table lists affected binary packages.

Binary Package	Release	Version	Status	Architecures
curl, libcurl3, libcurl3-dbg, libcurl3-gnutls, libcurl3-gnutls-dev, libcurl3-openssl-dev	etch	7.15.5-1etch2	fixed	alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
	etch (security)	7.15.5-1etch3	fixed	alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
curl, libcurl3, libcurl3-dbg, libcurl3-gnutls, libcurl4-gnutls-dev, libcurl4-openssl-dev	lenny, lenny (security)	7.18.2-8lenny3	fixed	alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
libcurl3-dev	etch	7.15.5-1etch2	fixed	all
	etch (security)	7.15.5-1etch3	fixed	all

The information above is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
curl	source	etch	7.15.5-1etch2	unknown
curl	source	lenny	7.18.2-8lenny2	unknown

Home - Testing Security Team - Debian Security - Imprint