Accepted curl 8.9.1-2~bpo12+1 (source) into stable-backports

[Debian FTP Masters <ftpmaster@ftp-master.debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 25 Aug 2024 22:32:02 +0100
Source: curl
Architecture: source
Version: 8.9.1-2~bpo12+1
Distribution: bookworm-backports
Urgency: medium
Maintainer: Debian Curl Maintainers <team+curl@tracker.debian.org>
Changed-By: Samuel Henrique <samueloph@debian.org>
Closes: 1075796 1075802 1076996 1077190 1077197 1077650 1077656 1077854
Changes:
 curl (8.9.1-2~bpo12+1) bookworm-backports; urgency=medium
 .
   * Rebuild for bookworm-backports.
 .
 curl (8.9.1-2) unstable; urgency=medium
 .
   [ Steve McIntyre ]
   * Improve the patch for the gnutls build. Instead of calling quilt
     during the binary package build, use autotools to do the work we
     need when calling configure etc. Closes: #1077650
 .
   [ Carlos Henrique Lima Melara ]
   * debian/control: bump Standards-Version to 4.7.0, no changes needed.
   * debian/patches/ignore-SIGPIPE-after-init.patch: add new patch from
     upstream. (Closes: #1077854)
   * debian/tests/build-using-libcurl*: add tests to check if libcurl headers
     and pkgconf info are correct.
 .
 curl (8.9.1-1) unstable; urgency=medium
 .
   * New upstream version 8.9.1. (Closes: 1077656)
     - fix CVE-2024-7264: ASN.1 date parser overread.
   * debian/patch/build-Divide-mit-[...].patch: refresh patch.
 .
 curl (8.9.0-3) unstable; urgency=medium
 .
   * debian/control: make libcurl*-dev packages Depends on -dev packages.
     (Closes: #1077197, #1077190)
   * debian/rules: decrease tests parallelism multiplier.
 .
 curl (8.9.0-2) unstable; urgency=medium
 .
   * debian/control: make libcurl*-dev packages Recommends -dev packages.
     (Closes: #1077197, #1077190)
 .
 curl (8.9.0-1) unstable; urgency=medium
 .
   [ Samuel Henrique ]
   * debian/curl.NEWS: Update wcurl description.
 .
   [ Carlos Henrique Lima Melara ]
   * New upstream version 8.9.0. (Closes: #1076996)
     - fix CVE-2024-6197: freeing stack buffer in utf8asn1str.
     - fix CVE-2024-6874: macidn punycode buffer overread.
   * debian/copyright: drop copyright from removed file.
   * debian/patches/: drop merged patches and refresh patches against new
     upstream release.
       - docs_makefile_am_make_curl_config_1_install.patch: drop.
       - fix-x509asn1-fallback-to-dotted-OID-representation.patch: drop.
   * debian/gbp.conf: add upstream-branch definition.
 .
 curl (8.8.0-4) unstable; urgency=medium
 .
   [ Adrian Bunk ]
   * Revert "Temporarily disable build-time tests on 32-bit non-x86"
   * Don't use python3-impacket on non-Rust architectures that lack
     python-cryptography
 .
   [ Lev Lazinskiy ]
   * Use SALSA_CI_DPKG_BUILDPACKAGE_ARGS in pipeline
 .
   [ Samuel Henrique ]
   * Update wcurl to 2024.07.10
 .
 curl (8.8.0-3) unstable; urgency=medium
 .
   [ Carlos Henrique Lima Melara ]
   * d/p/fix-x509asn1-fallback-to-dotted-OID-representation.patch: add patch
     (Closes: #1075796)
   * d/p/11_omit-directories-from-config.patch: update to remove new issue
     (Closes: #1075802)
   * d/p/04_workaround_as_needed_bug.patch: drop patch, not needed anymore
 .
   [ Samuel Henrique ]
   * Update wcurl to 2024-07-07
 .
 curl (8.8.0-2) unstable; urgency=medium
 .
   * curl.NEWS: Announce switch to GnuTLS, HTTP3 support and wcurl
   * Switch curl package/binary to use gnutls, now with HTTP3 support
   * Build libcurl-gnutls with HTTP3 support (build-dep on nghttp3 and ngtcp2)
   * Build libcurl-gnutls with ca-bundle=/etc/ssl/certs/ca-certificates.crt
   * Build with websockets support
   * Ship fish completion file
   * Ship wcurl and its manpage
Checksums-Sha1:
 a6dbc1615e3ac98e47d1ac52acbf0794eee73004 3240 curl_8.9.1-2~bpo12+1.dsc
 9bcf387f274ae96ad591115d9f9f23700ec76ceb 4200000 curl_8.9.1.orig.tar.gz
 b0dca9b3ce73c7fda6087c928d63aa5be6c56111 488 curl_8.9.1.orig.tar.gz.asc
 992c8ae717ef6c245c1b69541290eadcda6db5e8 52000 curl_8.9.1-2~bpo12+1.debian.tar.xz
 da6a19561b649eb2bc974ecc044d0be17a29ecd1 12695 curl_8.9.1-2~bpo12+1_amd64.buildinfo
Checksums-Sha256:
 4120039609c1decbc0317d422e940b85a99976120dc79171175c182ee8109e99 3240 curl_8.9.1-2~bpo12+1.dsc
 291124a007ee5111997825940b3876b3048f7d31e73e9caa681b80fe48b2dcd5 4200000 curl_8.9.1.orig.tar.gz
 0bff807d70e37880e89c539439d86e1004a7f8a011b06c713de9bd64afb550e5 488 curl_8.9.1.orig.tar.gz.asc
 293a9a8c0620d7a4ac2df2a28e941e31834811231c76b469f4153e6bc46fbd2e 52000 curl_8.9.1-2~bpo12+1.debian.tar.xz
 46774054565a31cf257259bcac9e3eee641f4f80f33ccc51da191e4c361fd23f 12695 curl_8.9.1-2~bpo12+1_amd64.buildinfo
Files:
 a645c937908a72fb0f120809f7650692 3240 web optional curl_8.9.1-2~bpo12+1.dsc
 2570f590c998d65d52b93141edb521e1 4200000 web optional curl_8.9.1.orig.tar.gz
 636855a28a2f01a0ea9f2c809d3115d7 488 web optional curl_8.9.1.orig.tar.gz.asc
 df28570a22b22fa46856627807a2bb03 52000 web optional curl_8.9.1-2~bpo12+1.debian.tar.xz
 06bd79a2b791ff4e2166f7dc83ad90d3 12695 web optional curl_8.9.1-2~bpo12+1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEBdtqg34QX0sdAsVfu6n6rcz7RwcFAmbLpJwACgkQu6n6rcz7
RwcK8w/+JBGFaiBEzDHATFZMRYDGgCgxrdkTRuDXPeQkdkLfWe3fZW92TYVMm8eU
mfDCJaV9KWE9eui4eh0FxjaVNnhgd0IG39UN+I47qYJtbstLeiGIBEKDj9AjVdEA
9uCs9um3q6c65p2OhYzkUnDhSFUu+cB4NttuLi1u1hlDCjdlS1+zAqRVjNYMMX6/
2PNFkwJIYdt1Z6cwhRMrmgco9RlClvAU3Bu6C2SXMAn5rILjOwl46mH0dExBjS2w
5QQtp65dIE8ZErt/wKxxhdUj98Ca6m/8UG4oJcF5r+m0z8o1qBsBS0ZuJZ/DjlC9
LPoTpypBZBk2ziQ3/xnEak5iIgCu5+qvspclbw5/M3qi+HSWGJampAn+oRuGX9A2
xmr9gGQjt20Kfr+DwXPAexZL5aS1Ps5iCS/C6rQt0kJVO/vHIeDQuDCl82kfZ/EG
Pq1oxvwytfaFmAxKs+y0DVvGBk3toO6x2l3iyWQy2tTqa1T3mjTJujV6JLTXJ6Hj
rXxYSgIUrb4NxyuPE5OLKRFG/e8aq4dN15knvbbaL9yu3a2mI+Jo2sRAhzgdSNN+
R0feCAaHs4m5wdCIUJYLJaCj4c5xq8CUaq2fTY66NAACCCqhcYVovPMGp5Kqt7/S
+fvG8vlV18EtOkGou5+SH8t4fudRu+tqGu5w6J0eRTCFtG2JsxE=
=Do6h
-----END PGP SIGNATURE-----

Attachment: pgpo1IWlecc2y.pgp
Description: PGP signature