{"update": {"autokarma": false, "autotime": false, "stable_karma": 3, "stable_days": 0, "unstable_karma": -3, "require_bugs": false, "require_testcases": false, "display_name": "", "notes": "- require credentials to match for NTLM re-use (CVE-2015-3143)\r\n- fix invalid write with a zero-length host name in URL (CVE-2015-3144)\r\n- fix invalid write in cookie path sanitization code (CVE-2015-3145)\r\n- close Negotiate connections when done (CVE-2015-3148)", "type": "security", "status": "stable", "request": null, "severity": "unspecified", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": true, "critpath_groups": null, "close_bugs": true, "date_submitted": "2015-04-22 14:35:57", "date_modified": null, "date_approved": null, "date_testing": "2015-04-23 16:03:51", "date_stable": "2015-04-26 12:42:55", "alias": "FEDORA-2015-6695", "test_gating_status": null, "from_tag": null, "date_pushed": "2015-04-26 12:42:55", "meets_testing_requirements": false, "url": "https://bodhi.stg.fedoraproject.org/updates/FEDORA-2015-6695", "title": "curl-7.40.0-3.fc22", "version_hash": "c8234ce3cd6bb75330753dd8278a99755dea4cea", "release": {"name": "F22", "long_name": "Fedora 22", "version": "22", "id_prefix": "FEDORA", "branch": "f22", "dist_tag": "f22", "stable_tag": "f22-updates", "testing_tag": "f22-updates-testing", "candidate_tag": "f22-updates-candidate", "pending_signing_tag": "", "pending_testing_tag": "f22-updates-testing-pending", "pending_stable_tag": "f22-updates-pending", "override_tag": "f22-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": null, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "kdudka", "email": "kdudka@redhat.com", "id": 576, "avatar": "https://seccdn.libravatar.org/avatar/81b8a3402cb4e17c69f622fa0a54731bb27b625f8fbd396a7583318619a15395?s=24&d=retro", "openid": "kdudka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "gitcgt"}, {"name": "gitcsmock"}, {"name": "gitnsspem"}, {"name": "fedorabugs"}, {"name": "aufover"}, {"name": "gitcscppc"}, {"name": "signed_fpca"}, {"name": "ipausers"}, {"name": "gitcswrap"}, {"name": "gitcodescan-diff"}, {"name": "fedora-contributor"}, {"name": "openscanhub"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by kdudka. ", "timestamp": "2015-04-22 14:38:29", "update_id": 34059, "user_id": 91, "id": 282960, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "Taskotron: depcheck test PASSED on i386. Result log:\nhttps://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/60969/steps/runtask/logs/stdio\n(results are informative only)", "timestamp": "2015-04-22 14:53:12", "update_id": 34059, "user_id": 100, "id": 282961, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "taskotron", "email": "taskotron@fedoraproject.org", "id": 100, "avatar": "https://seccdn.libravatar.org/avatar/8cba34b3793397cca75782c70d6a4c3af6fc4c8e7d502fad36609e3b4b4670f9?s=24&d=retro", "openid": "taskotron.id.stg.fedoraproject.org", "groups": [{"name": ""}]}}, {"karma": 0, "karma_critpath": 0, "text": "Taskotron: depcheck test PASSED on x86_64. Result log:\nhttps://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/60969/steps/runtask/logs/stdio\n(results are informative only)", "timestamp": "2015-04-22 14:54:18", "update_id": 34059, "user_id": 100, "id": 282962, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "taskotron", "email": "taskotron@fedoraproject.org", "id": 100, "avatar": "https://seccdn.libravatar.org/avatar/8cba34b3793397cca75782c70d6a4c3af6fc4c8e7d502fad36609e3b4b4670f9?s=24&d=retro", "openid": "taskotron.id.stg.fedoraproject.org", "groups": [{"name": ""}]}}, {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2015-04-22 16:07:26", "update_id": 34059, "user_id": 1087, "id": 282963, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "potty", "email": "abdel.g.martinez.l@gmail.com", "id": 1087, "avatar": "https://seccdn.libravatar.org/avatar/26656c8fef89125da8e1668a1d887e7c80f89c94f1f07d33e07e26e6809dc65e?s=24&d=retro", "openid": "potty.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Critical path update approved", "timestamp": "2015-04-22 16:07:29", "update_id": 34059, "user_id": 91, "id": 282964, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update is currently being pushed to the Fedora 22 testing updates repository.", "timestamp": "2015-04-22 23:41:57", "update_id": 34059, "user_id": 91, "id": 282965, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing", "timestamp": "2015-04-23 16:03:51", "update_id": 34059, "user_id": 91, "id": 282966, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "Works for me", "timestamp": "2015-04-23 18:07:02", "update_id": 34059, "user_id": 308, "id": 282967, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "chr77", "email": "chr77@protonmail.com", "id": 308, "avatar": "https://seccdn.libravatar.org/avatar/c9ddae9d692ab2ea6cecd787db18332407bb29982c8a1eae39771bfb270b71fd?s=24&d=retro", "openid": "chr77.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}, {"karma": 1, "karma_critpath": 0, "text": "works for me", "timestamp": "2015-04-23 21:19:12", "update_id": 34059, "user_id": 182, "id": 282968, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "hreindl", "email": "h.reindl@thelounge.net", "id": 182, "avatar": "https://seccdn.libravatar.org/avatar/664e0d25c0404b7a153b4dbc5dc1f3d1be6a2e9fd91115fbb929fe16a55d21d7?s=24&d=retro", "openid": "hreindl.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has reached the stable karma threshold and will be pushed to the stable updates repository", "timestamp": "2015-04-23 21:19:19", "update_id": 34059, "user_id": 91, "id": 282969, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "Taskotron: upgradepath test PASSED on noarch. Result log:\nhttps://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/61585/steps/runtask/logs/stdio\n(results are informative only)", "timestamp": "2015-04-23 21:27:11", "update_id": 34059, "user_id": 100, "id": 282970, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "taskotron", "email": "taskotron@fedoraproject.org", "id": 100, "avatar": "https://seccdn.libravatar.org/avatar/8cba34b3793397cca75782c70d6a4c3af6fc4c8e7d502fad36609e3b4b4670f9?s=24&d=retro", "openid": "taskotron.id.stg.fedoraproject.org", "groups": [{"name": ""}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update is currently being pushed to the Fedora 22 stable updates repository.", "timestamp": "2015-04-25 16:47:32", "update_id": 34059, "user_id": 91, "id": 282971, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update is currently being pushed to the Fedora 22 stable updates repository.", "timestamp": "2015-04-25 17:45:20", "update_id": 34059, "user_id": 91, "id": 282972, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable", "timestamp": "2015-04-26 12:42:55", "update_id": 34059, "user_id": 91, "id": 282973, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "Thanks for the feedback!", "timestamp": "2015-04-26 17:09:11", "update_id": 34059, "user_id": 576, "id": 282974, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "kdudka", "email": "kdudka@redhat.com", "id": 576, "avatar": "https://seccdn.libravatar.org/avatar/81b8a3402cb4e17c69f622fa0a54731bb27b625f8fbd396a7583318619a15395?s=24&d=retro", "openid": "kdudka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "gitcgt"}, {"name": "gitcsmock"}, {"name": "gitnsspem"}, {"name": "fedorabugs"}, {"name": "aufover"}, {"name": "gitcscppc"}, {"name": "signed_fpca"}, {"name": "ipausers"}, {"name": "gitcswrap"}, {"name": "gitcodescan-diff"}, {"name": "fedora-contributor"}, {"name": "openscanhub"}]}}], "builds": [{"nvr": "curl-7.40.0-3.fc22", "signed": true, "release_id": null, "type": "rpm", "epoch": null}], "bugs": [{"bug_id": 1213306, "title": "CVE-2015-3143 curl: re-using authenticated connection when unauthenticated", "security": true, "parent": true, "feedback": []}, {"bug_id": 1213335, "title": "CVE-2015-3144 curl: host name out of boundary memory access", "security": true, "parent": true, "feedback": []}, {"bug_id": 1213347, "title": "CVE-2015-3145 curl: cookie parser out of boundary memory access", "security": true, "parent": true, "feedback": []}, {"bug_id": 1213351, "title": "CVE-2015-3148 curl: Negotiate not treated as connection-oriented", "security": true, "parent": true, "feedback": []}, {"bug_id": 1214181, "title": "CVE-2015-3144 curl: host name out of boundary memory access [fedora-all]", "security": true, "parent": false, "feedback": []}, {"bug_id": 1214182, "title": "CVE-2015-3145 curl: cookie parser out of boundary memory access [fedora-all]", "security": true, "parent": false, "feedback": []}, {"bug_id": 1214183, "title": "CVE-2015-3148 curl: \"Negotiate\" not treated as connection-oriented [fedora-all]", "security": true, "parent": false, "feedback": []}, {"bug_id": 1214184, "title": "CVE-2015-3143 curl: re-using authenticated connection when unauthenticated [fedora-all]", "security": true, "parent": false, "feedback": []}], "updateid": "FEDORA-2015-6695", "karma": 3, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}