Accepted curl 7.83.0-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 28 Apr 2022 18:53:32 +0100
Source: curl
Architecture: source
Version: 7.83.0-1
Distribution: unstable
Urgency: medium
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Samuel Henrique <samueloph@debian.org>
Closes: 1010252 1010253 1010254 1010295
Changes:
curl (7.83.0-1) unstable; urgency=medium
.
* New upstream version 7.83.0
- Fix auth/cookie leak on redirect (closes: #1010252, CVE-2022-27776)
- Fix bad local IPv6 connection reuse (closes: #1010253, CVE-2022-27775)
- Fix credential leak on redirect (closes: #1010254, CVE-2022-27774)
- Fix OAUTH2 bearer bypass in connection re-use
(closes: #1010295, CVE-2022-22576)
* d/libcurl*.symbols: update symbols files to add curl_easy_header and
curl_easy_nextheader
* d/patches:
- Refresh patches
- 12_fix_openssl_cm_check.patch: remove patch, applied upstream
Checksums-Sha1:
2e200642ccdc981b903745802a957e961ae38e62 2959 curl_7.83.0-1.dsc
fc00521a2bef4a89cf27a71223aba1cd3ec15c04 4162166 curl_7.83.0.orig.tar.gz
31301abe413107a670e36b476d6b60d7d658724f 488 curl_7.83.0.orig.tar.gz.asc
ee895b17ee7fe63696acba85e6b9f76c5e2b2494 35460 curl_7.83.0-1.debian.tar.xz
90ade519fc183cd5d65c9340ff314aa376daf418 12838 curl_7.83.0-1_amd64.buildinfo
Checksums-Sha256:
0e797893ae93c544b30b06e6b04ca7ae5bf32339e4b194906225d2bb5115fc62 2959 curl_7.83.0-1.dsc
c0e64302a33d2fb79e0fc4e674260a22941e92ee2f11b894bf94d32b8f5531af 4162166 curl_7.83.0.orig.tar.gz
f6ca16283d7713e38a4210044c9dc06ba6ac1d924a7ed4f47abcf95d626ba365 488 curl_7.83.0.orig.tar.gz.asc
beab6cdce7bc9dfe3bbc05810188abc93309b7e84eade72f54189017bc4882eb 35460 curl_7.83.0-1.debian.tar.xz
735c2e9ce588132ce8ef41ecfae549fc8140d69c763b50478a1c55f2503be759 12838 curl_7.83.0-1_amd64.buildinfo
Files:
a65e0178267fea0257bd82a6155af752 2959 web optional curl_7.83.0-1.dsc
1ca789f6ed0f023795301980f0758b39 4162166 web optional curl_7.83.0.orig.tar.gz
c3697e0cbb07ebdb68ba98b7ce5fb107 488 web optional curl_7.83.0.orig.tar.gz.asc
8c02f6e7c26c13b4052db12cd2d2d379 35460 web optional curl_7.83.0-1.debian.tar.xz
8f436f2babea299c7bfa08d43854c126 12838 web optional curl_7.83.0-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEBdtqg34QX0sdAsVfu6n6rcz7RwcFAmJq1uUACgkQu6n6rcz7
RwcHhw/+NbIxIv+VomyRSrGsVYuX92bL/lUgFk3gBv3mdNhsmPvs9t1AJ0cYspHl
YYJRBZT4c2+0cJ/CaRxohnLHC1KYxPIHc2fysbrnuMPbSbaLIybRsq342vpnVqhH
8ppyIkd87s5pT8Cd/0xWzmgAyVKZm2zqXtBFqpU/RLjov6gdZIvAUseMY4viwx3H
ibD22dAHWllFVOSd2UENEjZJWy0NCCkhR1e8ZFU7nK+4XY7uOrrF0k+tHVkdoo8p
jGViQVmpsnQdJcWJaByJCz4XAtnvZtDZNBvJIzNgY785VsK+otoM426DYLQJEqXY
j7uIqSnHGJKRut8UF/DY84CIGtcxVZ0cfxoRbSzQqOY0YQ+wdh8GT8NUjahHDg7C
pJADJfZg7RCbBTcFOxorZ88NmUlySjwX10ARQQ1yJT440FjxpsR5GwC1dqi+DjFb
9PfmIiD72hQ7yYTWHfCDBMy+rEYhpkC74MfIeAakl+PNmbEsWv5C+DzXKsUbBATr
cwyvLMsxOTz8zymGwPKpkjTlpNuHr7vHpZK7sQZd565qFC4y+hPra8G2KNlntkXr
muto4qqG3Vgg+pjxKpKvJVK/NLNRddhg/GCVlcCKpbR+KSCpyCNCham/jCabyo9z
4/upXoiB47vdLmCVDZgIRaI0XGu6KFYIwbat3D9AtTfJFrB3zbs=
=m76A
-----END PGP SIGNATURE-----
Reply to: