Debian Package Tracker

From: Alessandro Ghedini <ghedo@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted curl 7.66.0-1 (source) into unstable
Date: Sun, 15 Sep 2019 17:19:17 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 15 Sep 2019 15:47:05 +0100
Source: curl
Architecture: source
Version: 7.66.0-1
Distribution: unstable
Urgency: medium
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Alessandro Ghedini <ghedo@debian.org>
Closes: 940009 940010 940024 940129
Changes:
 curl (7.66.0-1) unstable; urgency=medium
 .
   * New upstream release (Closes: #940024)
     + Fix FTP-KRB double-free as per CVE-2019-5481 (Closes: #940009)
       https://curl.haxx.se/docs/CVE-2019-5481.html
     + Fix TFTP small blocksize heap buffer overflow as per CVE-2019-5482
       (Closes: #940010)
       https://curl.haxx.se/docs/CVE-2019-5482.html
   * Refresh patches
   * Enable brotli support (Closes: #940129)
   * Update *.symbols files
Checksums-Sha1:
 e3b80986cd7de7a42c9aea7ff34d0fd808fc0699 2645 curl_7.66.0-1.dsc
 bae80018d31ae3a8b56505907ab8a2c69270326e 4066716 curl_7.66.0.orig.tar.gz
 02ec2231d48c0086cbeddbb5666938c94e626352 29132 curl_7.66.0-1.debian.tar.xz
 b9dc336b01a59f064f5999cfbf33c6cc9d9145ba 10987 curl_7.66.0-1_amd64.buildinfo
Checksums-Sha256:
 ccbb6c4afc1cd645588c7df71bac4e5927d921044add1db5f44237e40c9217d2 2645 curl_7.66.0-1.dsc
 d0393da38ac74ffac67313072d7fe75b1fa1010eb5987f63f349b024a36b7ffb 4066716 curl_7.66.0.orig.tar.gz
 c2de2c6f4de94b74ae78e9d2ebff10172a2c38609389b691de3e9638c775fd8f 29132 curl_7.66.0-1.debian.tar.xz
 943903618b1615abb270805e6883f07d10da054b876d2bda51834f9e95bd6119 10987 curl_7.66.0-1_amd64.buildinfo
Files:
 412efb6b747fe0f24f8607f47323bfbb 2645 web optional curl_7.66.0-1.dsc
 8cb2898a9adc106075ac3cdc2b965bf6 4066716 web optional curl_7.66.0.orig.tar.gz
 73d45b0459a9f0924845868d7c4039e5 29132 web optional curl_7.66.0-1.debian.tar.xz
 aaa323817457ff103ab769ab488abd77 10987 web optional curl_7.66.0-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEEBsId305pBx+F583DbwzL4CFiRygFAl1+bQgRHGdoZWRvQGRl
Ymlhbi5vcmcACgkQbwzL4CFiRyjMxA/+Kz+xHJX+mLAl3h84cv+x/w1oUDLiUIkO
xYisRein0X6S8uWudr3oUp6L5n8X/i7QR66CwrnUG7mrTQqY6nXfPqnvbGSCRQ7z
qmcDKeQXvqGaJ+BST4/iguFOae0PtBpe+N8zmzx2Nzrhwtj1iAMIrp2YkJShiLdK
azeIifKhBPFcp0inSlrtFCm6ho666swNfBeQhEqycWSnjMaovVtIl4f32PPoQEkb
OJrq0WPRBbA5Gu62T5nZXXcF/ORMkbfuJYyRzDORmATsVQKbV0wkOHP32n8xsDl7
p+SL2jaAlJ2OVvlzZ6KrPLX3s9kRgRiukVUsa6IGjAvL97OkW5S7on2PUItfSeHb
uOYWnf2q6NXzlW0qBu9V9pq4KkLb8H21WOcxIj/00TeXnX7eZJNag+zis0pncWXP
4HmMdjyZ6c1fToHojTQwBqoO8NWkPbqPGVdinXGA+bL5wFPbiAP4bJal7cFs6FRF
zG00OYvK6rZEIxDoV84qdjCD2MjlI8rPNEAf9NQWMrkutGjd6C2hSsNqgyhGxG0C
if3DmxmfqySPKcksZlQ6WuHNtPaAopg8qsTdpT+0jCi8xYRUE2oOoUXXTqta2UsZ
/QOn+fRXH1/rHUA7d5RFCHNT+oDyYDW//XOizm+c4iQcpVcV3x0t+AaSXQ9295bI
bcFm3LZCCcQ=
=XVFh
-----END PGP SIGNATURE-----
News for package curl
