Debian Package Tracker

From: Alessandro Ghedini <ghedo@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted curl 7.52.1-5+deb9u9 (source) into proposed-updates->stable-new, proposed-updates
Date: Sat, 09 Feb 2019 21:47:09 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 04 Feb 2019 20:55:32 +0000
Source: curl
Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg libcurl4-doc
Architecture: source
Version: 7.52.1-5+deb9u9
Distribution: stretch-security
Urgency: high
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Alessandro Ghedini <ghedo@debian.org>
Description:
 curl       - command line tool for transferring data with URL syntax
 libcurl3   - easy-to-use client-side URL transfer library (OpenSSL flavour)
 libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours)
 libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour)
 libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour)
 libcurl4-doc - documentation for libcurl
 libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour)
 libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour)
 libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour)
Changes:
 curl (7.52.1-5+deb9u9) stretch-security; urgency=high
 .
   * Fix NTLM type-2 out-of-bounds buffer read as per CVE-2018-16890
     https://curl.haxx.se/docs/CVE-2018-16890.html
   * Fix NTLMv2 type-3 header stack buffer overflow as per CVE-2019-3822
     https://curl.haxx.se/docs/CVE-2019-3822.html
   * Fix SMTP end-of-response out-of-bounds read as per CVE-2019-3823
     https://curl.haxx.se/docs/CVE-2019-3823.html
Checksums-Sha1:
 8216ff4d1516597458bdd92c7e18c60969eb0d09 2818 curl_7.52.1-5+deb9u9.dsc
 ffd8f53cebead95162cf6c653332ebdc433cea81 42388 curl_7.52.1-5+deb9u9.debian.tar.xz
 37478c0e24ef6402f1f31677c274b66856f1d109 11127 curl_7.52.1-5+deb9u9_amd64.buildinfo
Checksums-Sha256:
 21182689e9ce9d67fff055d61a1c425afa3b7451481bb786382a0d9f171db1d8 2818 curl_7.52.1-5+deb9u9.dsc
 5b0da2572739b3614cac1b266042e05d842aba3c3225949158ddb51e86eb31d8 42388 curl_7.52.1-5+deb9u9.debian.tar.xz
 10eace99e850cd8095ed39c1a27b78d954a4ba185ee3c630c76194bc318867d1 11127 curl_7.52.1-5+deb9u9_amd64.buildinfo
Files:
 a9eec5015145711d234609fd3fb2601f 2818 web optional curl_7.52.1-5+deb9u9.dsc
 f6b3d480de8c458d3ffca53ca006e6ad 42388 web optional curl_7.52.1-5+deb9u9.debian.tar.xz
 0f914d91880d6b68f22aca5b07670a3c 11127 web optional curl_7.52.1-5+deb9u9_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEEBsId305pBx+F583DbwzL4CFiRygFAlxaE+kRHGdoZWRvQGRl
Ymlhbi5vcmcACgkQbwzL4CFiRyj7/g//R+F5PYJUqLd3oIlBaq5NqzgZwEFxKHLy
7DhSRe78JHhlK2DieYfx/6FV60YyvfnM3PzWQjHik8Dx6h+fI5LDPFfSKNT+Lhkc
EcWm4HDXNq9fpritdkU4m3jwqzIbicjqDy18u/v7SUPtZHY9gmp7SzImPGOr+kn8
v2vIMZN88tW9HcE99SfhBcqb7NWZK5j2glpE+em1tBEZ2bfEyghYclUn+5faQy+P
VazMUJfTSwX+YNRQbGGXWthhnKjOvGcuLMwe/kSRLu1dd8CPM7zO+Ov2rqVSwqXB
OtiOVhzFg3uvTzBWL13ca4q1/qSxCU1+g4fEicwHi8MvM0J0f7wKh87iup7E3WWu
18vu9V/uAZpPKvSVsC51mN0pR9bXYoZvWRDeNXq6a+za39OhGVJhbTCqRJEen4hT
KjoJ4X03Aa8BYo7zsXuz6UTJfULEQnwD9/aTOD2YZ6tH6/sna0A4FH/gO9Gbdaru
zmtWHxHNxejiAW0if44kKM1Ref6JO6O7Pj8fn7u+7VtTJr6qttSYBN1C5E3bbuid
AZylwuaiNmxrVRdTT9rdiJCtcVniFGsw5CHZNLqZDj/Bq7lpWTfFA41WZjBFnPgX
lb1OhuMP5ZULjFbt6Yj8Cri3anQ7PgrWcbop3N1CrpTyP/GzRlvr6DS4NqRxCQqR
aBERO1Ku0tE=
=SDFn
-----END PGP SIGNATURE-----
News for package curl
