Accepted curl 7.42.0-1 (source amd64 all) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 22 Apr 2015 11:07:32 +0200
Source: curl
Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg libcurl4-doc
Architecture: source amd64 all
Version: 7.42.0-1
Distribution: unstable
Urgency: medium
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Alessandro Ghedini <ghedo@debian.org>
Description:
curl - command line tool for transferring data with URL syntax
libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour)
libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours)
libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour)
libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour)
libcurl4-doc - documentation for libcurl
libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour)
libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour)
libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour)
Closes: 768562
Changes:
curl (7.42.0-1) unstable; urgency=medium
.
* New upstream release
- Fix re-using authenticated connection when unauthenticated
as per CVE-2015-3143
http://curl.haxx.se/docs/adv_20150422A.html
- Fix host name out of boundary memory access as per CVE-2015-3144
http://curl.haxx.se/docs/adv_20150422D.html
- Fix cookie parser out of boundary memory access as per CVE-2015-3145
http://curl.haxx.se/docs/adv_20150422C.html
- Fix Negotiate not treated as connection-oriented as per CVE-2015-3148
http://curl.haxx.se/docs/adv_20150422B.html
- Disable SSLv3 in the OpenSSL backend when OPENSSL_NO_SSL3_METHOD is
defined (Closes: #768562)
* Drop patches merged upstream
* Refresh patches
* Bump Standards-Version to 3.9.6 (no changes needed)
Checksums-Sha1:
4bb2b51839a7cfa34b7a3dcef03f71c37c6cdb7d 2627 curl_7.42.0-1.dsc
df8b70841d6e500617dc0434c15436f5bddb03c8 4293938 curl_7.42.0.orig.tar.gz
c2bc0ffb496ab234f9bb9661a9613dcd40095af9 25704 curl_7.42.0-1.debian.tar.xz
8fd38a1cd6be5d64ed66ece39fe689736b1bc284 205266 curl_7.42.0-1_amd64.deb
7e856c23b35e0ce19a8bf2202ce4a6ab1b3f735b 265244 libcurl3_7.42.0-1_amd64.deb
d9a2337e5f1855d9a8b3f49b11e94a64f93d5fae 262174 libcurl3-gnutls_7.42.0-1_amd64.deb
2a6d5fbea5a712bdfc8a52624c3d833e1524bef3 269002 libcurl3-nss_7.42.0-1_amd64.deb
49dcf2de2076605bff60ff8c1e660c9ff9f0dbde 344454 libcurl4-openssl-dev_7.42.0-1_amd64.deb
ce98be947fbafda984d61e877f2865d121f0cd12 340832 libcurl4-gnutls-dev_7.42.0-1_amd64.deb
1b96fb713994575cfbc9f9e949b845664947f3ad 348030 libcurl4-nss-dev_7.42.0-1_amd64.deb
36144fc1f02a001d8e16f413c302a460005655f0 3527174 libcurl3-dbg_7.42.0-1_amd64.deb
0ed80749c4984c419133174dcf966cfeed70d270 1142660 libcurl4-doc_7.42.0-1_all.deb
Checksums-Sha256:
eb0efb60d48771d5b008bff602070980a8d2ff3b06ccbedfbefd94c94616b30d 2627 curl_7.42.0-1.dsc
088f6a63289dbdcf23d692fdfaaf6262c19e373beb5237b9b9e7bcf9815a8f49 4293938 curl_7.42.0.orig.tar.gz
b99eb4e6296193c245ed308177f65547cf69e7974f91b101c5da8697acced637 25704 curl_7.42.0-1.debian.tar.xz
ae8ebfa06ed3d020d7db6df17ad45b5ebd43a5fafe5651d062a659f075393273 205266 curl_7.42.0-1_amd64.deb
729516a577605c2bac2f61178bd99a09c422157f589f0a9425e334b43f0c5a9d 265244 libcurl3_7.42.0-1_amd64.deb
f2a60a26b3fcb2cda989916aae416c0ea2eb52a21941fdbeef6aec5ae7e8531a 262174 libcurl3-gnutls_7.42.0-1_amd64.deb
3d0895be740bc624e27c6720685417951bc44a1b71138df5520406c907443f93 269002 libcurl3-nss_7.42.0-1_amd64.deb
ced4d89ccd99d4b2ef20678ce63480b98975c2b0feedbb7e0dfc3fe339cbbebe 344454 libcurl4-openssl-dev_7.42.0-1_amd64.deb
e5c253d6bc8d4f19a1dd25ae78fc86db56c137c079f4a08bfa85dd4fddecd5b0 340832 libcurl4-gnutls-dev_7.42.0-1_amd64.deb
533a6268ecbdf61de03f69236606ce2752be4aecb47e82cd779b5898352e7ee4 348030 libcurl4-nss-dev_7.42.0-1_amd64.deb
3b13528afaa7e8944acd10d0704b5f9d287a9b08b535316148501e24b25b4c01 3527174 libcurl3-dbg_7.42.0-1_amd64.deb
4e0ae745ad744dcd8ae332580bb65464602813ef58a7beade1721cb99835bc11 1142660 libcurl4-doc_7.42.0-1_all.deb
Files:
0373909b69217d861d1f7eb2cab296c7 2627 web optional curl_7.42.0-1.dsc
e941e7a1f3c06d002152bf775c678b35 4293938 web optional curl_7.42.0.orig.tar.gz
9a422d760ba680ab87f71cc68024abcf 25704 web optional curl_7.42.0-1.debian.tar.xz
900df4bd54ebff6bec663466aa915f72 205266 web optional curl_7.42.0-1_amd64.deb
d005edcb0cbf33b3e513603012d78691 265244 libs optional libcurl3_7.42.0-1_amd64.deb
5c5b6282ddf404b758e0f97615a15025 262174 libs optional libcurl3-gnutls_7.42.0-1_amd64.deb
a24d76373ac1baff3f99a919d8b4fb7d 269002 libs optional libcurl3-nss_7.42.0-1_amd64.deb
4a22f973d236199aa37a752a54807e05 344454 libdevel optional libcurl4-openssl-dev_7.42.0-1_amd64.deb
7079ca8e9e1e27d1ba657f4ce06bcf26 340832 libdevel optional libcurl4-gnutls-dev_7.42.0-1_amd64.deb
44d664bab206efc0ec5fefe78d4baa16 348030 libdevel optional libcurl4-nss-dev_7.42.0-1_amd64.deb
cdf2ee6d6a834adc906f0cc86819dce0 3527174 debug extra libcurl3-dbg_7.42.0-1_amd64.deb
1e111560f742b95f983559f0669c8282 1142660 doc optional libcurl4-doc_7.42.0-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJVN2x0AAoJEK+lG9bN5XPLRT4QAIRKoO2UaFassirX9gfX5E67
HGMPhHfNBxNQB1VG2EPj4hYoj+JL4MAu1tyEipE+yBnAIQ2jM3P3aajBahlv+smb
l0vous1B8Zp1uPvxT2J+QqtIe/NfLqaK4HLz2ANX0CwnN+r0YAAOhZX1U7XQ5MX7
Z3hMA7X8iRLVR4TYRBVuDmzRrH5iopO5fzVgVbHNLg6fa15dmg5IXIqyBblgBSwn
B2gws7fYrOi6Yrkbw5rtA21BbtQvfOl/kdc/S5jqNZL7Ted2jSUJuMSq3RH1/rs5
TdNTGhmf8oTu8zlvoZeL28N+D5dj4Y4GHehA8T6l2jvX3+eWTl1l77fgYmUtdNbq
Bnqih9WkH5VPx16UCrDgdGHhP+4nf8Z7SauDCJvxCnRKdjO3kjeOSWPig7QNqiXe
SSTBejcEKNkwKOaQER4mruA4kB6AvqPNUvh4iCxCkCjaBjDWfpaMH6gGfy0jdCdL
zLEGMhJQuT0AOsO60yxCAoqIDh2dGplj3BLQkujYNZsPPt0xr400IIpSLl0Agu2Y
sz9pbMxd/kDFwZeWu7ZzhnMSyS/Jvnt64U0pKtyzKhDTsFCqP2pgckileAOBhAjN
xx8fbHqhAakYTUqp9kewBnoVsnmA98dlSeRvz8wMhymw1P4Cb61uU0hmB8GvIIN/
gBG4rApRBO1OW/ZHYcOE
=L/Wm
-----END PGP SIGNATURE-----
Reply to: