Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted curl 7.64.0-4+deb10u1 (source) into proposed-updates->stable-new, proposed-updates
Date: Tue, 25 Feb 2020 19:47:08 +0000
Signed by: Alessandro Ghedini <ghedo@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 22 Feb 2020 15:01:46 +0000
Source: curl
Architecture: source
Version: 7.64.0-4+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Alessandro Ghedini <ghedo@debian.org>
Closes: 940009 940010
Changes:
 curl (7.64.0-4+deb10u1) buster-security; urgency=high
 .
   * Fix FTP-KRB double-free as per CVE-2019-5481 (Closes: #940009)
     https://curl.haxx.se/docs/CVE-2019-5481.html
   * Fix TFTP small blocksize heap buffer overflow as per CVE-2019-5482
     (Closes: #940010)
     https://curl.haxx.se/docs/CVE-2019-5482.html
Checksums-Sha1:
 ae93980e0ea4c1b6422a4c021bb07886f97713ce 2719 curl_7.64.0-4+deb10u1.dsc
 5911d4400e988ae52368f2266a5f84378983dbde 4032645 curl_7.64.0.orig.tar.gz
 cdf07f206c76cc44371d0682cb3365eca7aaba98 34156 curl_7.64.0-4+deb10u1.debian.tar.xz
 4b7957708661403bf3f55c2386c832dc31f3755e 11485 curl_7.64.0-4+deb10u1_amd64.buildinfo
Checksums-Sha256:
 bdbc61f9785516009ae74bb3775e21bed7ab8fdd7bfef4a1a4f471d5218adf3e 2719 curl_7.64.0-4+deb10u1.dsc
 cb90d2eb74d4e358c1ed1489f8e3af96b50ea4374ad71f143fa4595e998d81b5 4032645 curl_7.64.0.orig.tar.gz
 911407ad8d73d0592db7f1a015656089563bb7dab279ec33bff855adf56bcf1b 34156 curl_7.64.0-4+deb10u1.debian.tar.xz
 e642a4a10997c3496b6a9a2df2a47511283459b416f7940e7ceba3f7323a9ed6 11485 curl_7.64.0-4+deb10u1_amd64.buildinfo
Files:
 a5844caa5a270df6c2ed34af36bf28d1 2719 web optional curl_7.64.0-4+deb10u1.dsc
 a026740d599a32bcbbe6e70679397899 4032645 web optional curl_7.64.0.orig.tar.gz
 4bccebfc1a187f1dd99b7fa62451e5a8 34156 web optional curl_7.64.0-4+deb10u1.debian.tar.xz
 de5ba4c8ded7e95cf7e45ebc01a6874a 11485 web optional curl_7.64.0-4+deb10u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEEBsId305pBx+F583DbwzL4CFiRygFAl5RTJcRHGdoZWRvQGRl
Ymlhbi5vcmcACgkQbwzL4CFiRyibpg//T7jDvM9EFdHWfky3RYM8hiDk+E92Urpo
KMfvsfJpFJxrAXmL0fNVEW2UIrhHUcz/7As5RhGz73ebZyWz4F+d6TzQTCPEyV9z
BzpYzaE2CW2fC9Gsi4pep+Iqj9YiKY4UL50SrWT2ornyfV7I0L9U6zRal9m4rwNj
cUjYXakRAhyAWFmI39ELdO1GW01kAyN4fY2n4eCKiS3U5bT/mXNKv1c7oidtdmIQ
vMEdp5vTlz5wO1+qwTmS4UczLsQX3Mjr3tbS4ua+0mzHQgGKWIBzbvXoeN+bnSXR
JQf71nHMSGOqoYpLBH8Ybop3/9J2W+lHrpghUQ5vyHfInOJeWPNSlioGcAbGTIod
QwPkl/bigzTuKzt123EjpNYp+QQXFScWpu4fERqakhG1cB+HNl/JlZmhKGOrxpvH
VAEoqiOCXDoQjj1CFS5L5PEyNpzU1OEpBw2KzGwowqfaP1hNPnZsbMVslqIm/31B
4AKXTCBx2TaLiRWuVcfZCCWAIxUO7OA37kAW6rPmcMFr3Yq7x/nlh54f7ddlUZku
uWUzl5++aOE8XDQnSnyKuk6ndhoDbxdXSJ+xjmX7Dtxynx6fOPTT/c1HqBNpaHXt
wO9Jw/8L5+vvK+IbiZnTRxgPCU8v4R8ZYz9Ph2bF4uDgS2q6hqyBZIwtuLe4esCI
KEzkmzf1140=
=U7ES
-----END PGP SIGNATURE-----

News for package curl