-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 02 Jan 2024 20:09:13 -0300 Source: curl Architecture: source Version: 8.5.0-2~bpo12+1 Distribution: bookworm-backports Urgency: medium Maintainer: Debian Curl Maintainers <team+curl@tracker.debian.org> Changed-By: Samuel Henrique <samueloph@debian.org> Closes: 1057645 1057646 1057855 Changes: curl (8.5.0-2~bpo12+1) bookworm-backports; urgency=medium . * Rebuild for bookworm-backports. . curl (8.5.0-2) unstable; urgency=medium . * d/p/openldap_fix_an_LDAP_crash.patch: New patch to fix ldap segfault (closes: #1057855) . curl (8.5.0-1) unstable; urgency=medium . [ Samuel Henrique ] * New upstream version 8.5.0 - Fix CVE-2023-46218: cookie mixed case PSL bypass (closes: #1057646) - Fix CVE-2023-46219: HSTS long file name clears contents (closes: #1057645) * d/rules: Use pkg-info.mk instead of dpkg-parsechangelog for DEB_VERSION * d/p/90_gnutls.patch: Update patch * d/p/dist_add_tests_errorcodes_pl_to_the_tarball.patch: Upstream patch to fix tests * d/p/add_errorcodes_upstream_file.patch: Include missing file from upstream tarball . [ Carlos Henrique Lima Melara ] * d/control: change Maintainer field to curl packaging team * d/README.Debian: add readme to explain curl's team creation * d/control: add myself to Uploaders Checksums-Sha1: f4b8ae2f445842b6dfb0072c32ffd53e523d5231 3149 curl_8.5.0-2~bpo12+1.dsc d7877b39b6efda66e9ac5f9c28b8b28d8c0b7b7e 4372979 curl_8.5.0.orig.tar.gz 288c3b1cd5819ca35f1659677bdc746c712fc4fb 488 curl_8.5.0.orig.tar.gz.asc c899895a4545a6c664a32630064bbe507928b732 48032 curl_8.5.0-2~bpo12+1.debian.tar.xz d08ae85876c7e87028a41631bf6d16209859eca5 12336 curl_8.5.0-2~bpo12+1_amd64.buildinfo Checksums-Sha256: d1b6f257e34590fbd876b0b753cbe3a96bd64dc373d965193836994068e4720d 3149 curl_8.5.0-2~bpo12+1.dsc 05fc17ff25b793a437a0906e0484b82172a9f4de02be5ed447e0cab8c3475add 4372979 curl_8.5.0.orig.tar.gz e5c4311a86b03daea93290de17cf0e3b46e468a1d99bd5b9934d91af5409d378 488 curl_8.5.0.orig.tar.gz.asc d1aed2e02cd456141dd47a7efcbcd823bfd195538c9701e233f2f2805bb1abf6 48032 curl_8.5.0-2~bpo12+1.debian.tar.xz 1d8008a794df5059f426fb1906066027012f3015495943b290bf46bc7f2ab275 12336 curl_8.5.0-2~bpo12+1_amd64.buildinfo Files: fdf498009cfc7926befbb8ecc5efc529 3149 web optional curl_8.5.0-2~bpo12+1.dsc 0bc69288b20ae165ff4b7d6d7bbe70d2 4372979 web optional curl_8.5.0.orig.tar.gz 436599fb65f4bd57b741a7be077314eb 488 web optional curl_8.5.0.orig.tar.gz.asc 634b1612cda047b4792bdd1b49b03609 48032 web optional curl_8.5.0-2~bpo12+1.debian.tar.xz 633526111fb45421d055db94eac1bf58 12336 web optional curl_8.5.0-2~bpo12+1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEBdtqg34QX0sdAsVfu6n6rcz7RwcFAmWUmZ8ACgkQu6n6rcz7 RweH6RAArGLoR8SFrtAMJmEFlS9Ka9jaJeUhDL4Gz0heoDTM7TCftRf5tSvr1GEF tCXcCpbmoUgWIlkCwhP6w48DHJnOBF/4vUXPmreZsmmLuPruvgYGZXKUjbXXbssG Mm7h3wWiL3vjCi3O/BNvGzm0qxmyEzlWUsgRylr5Bl6CoIt51SwbIEQ8t0qB792Z 6ZiAPPqbob0x4WbvsFPpvI8ma2mL5AD/dZrq5aCwbvI2g6746NTFU2zsFQJKGqDS ul+eN8W51kmTr6xNFsJpY0pEZqcO4sogJO1VRqXvgOBG7JI5i+dmOcCQwMMJadYb l+qb/vrALY5CYaSO44tM4iA/TYB7ifYJ1rWfC9tDbJTFd3eNJM/zkVN2Nh/bQ7P/ XFdkGdLfh7HvboCu2XP8cJNE+Aygu9yEXFllpJH92EZ6ECUPL7rSkzDV9W68uB6G BgJ/NPtUEe/rbljGzl0bFDBKjTa9jBlihp51Cy8mnMK+r5zr3Ag8YIEo7dPjJiU1 atuoemXfC0mTg5wnAuDgHkBdvUr3uoPGK1hX9cHfeB/6ZTQcAIviuXmgDlUTCJNw vrDbqX7iWUuuYLrYvzd1X+uZs0z5QyjZKzRY1pw+1wRFCpaejNfIbEe1HkPQHzPK Gs9GSgdNVwQlvvItoEX+ALqegHHEs9tjNDNCiIY/AiyYCxbqRos= =h5xY -----END PGP SIGNATURE-----