-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 02 Sep 2022 13:00:10 +0100 Source: curl Architecture: source Version: 7.85.0-1 Distribution: unstable Urgency: medium Maintainer: Alessandro Ghedini <ghedo@debian.org> Changed-By: Samuel Henrique <samueloph@debian.org> Closes: 1015835 1018831 Changes: curl (7.85.0-1) unstable; urgency=medium . * New upstream version 7.85.0 - Fix control code in cookie denial of service: When curl retrieves and parses cookies from an HTTP(S) server, it accepts cookies using control codes (byte values below 32). When cookies that contain such control codes are later sent back to an HTTP(S) server, it might make the server return a 400 response. Effectively allowing a "sister site" to deny service to siblings (closes: #1018831, CVE-2022-35252) - Fix FTBFS on riscv64 with gcc-12 (closes: #1015835) * Bump Standards-Version to 4.6.1 * Add lintian overrides for old-style-config-script-multiarch-path triggered for curl-config * d/patches: - 11_omit-directories-from-config.patch: Update patch - 20_ftbfs_import_sched.patch: Drop patch, applied upstream * d/rules: Fix configure args, remove bogus '--without-ssl' * d/copyright: Update the whole file * d/(control|watch): Update upstream's URL Checksums-Sha1: a6be39b8ad7a5e0c63b2331732ca8ea207c51109 2955 curl_7.85.0-1.dsc a2d00684795f12245db421385c70c61b79619ad2 4182153 curl_7.85.0.orig.tar.gz c9a5b89da1b0522d793e5fcf6aeef7e9d7afa7a6 488 curl_7.85.0.orig.tar.gz.asc 3f6d97fedff89ac1e966cf01b304b8fd8bf7a9c5 38160 curl_7.85.0-1.debian.tar.xz 46490f784794c71544d730b7a40bb207192c9405 12948 curl_7.85.0-1_amd64.buildinfo Checksums-Sha256: d0855261f69992255ecd9dd39dae1067df8625821a73589a6405f86ea77fdee7 2955 curl_7.85.0-1.dsc 78a06f918bd5fde3c4573ef4f9806f56372b32ec1829c9ec474799eeee641c27 4182153 curl_7.85.0.orig.tar.gz 6794e4b59dea9dee2c6373be4e1b1cded5c8a9aea8bbf58c3e97f3adfe8d8474 488 curl_7.85.0.orig.tar.gz.asc fed9ef7fab87ab12a8290c1a059c05cdfe6ef706d077601bbb30d5a978404be5 38160 curl_7.85.0-1.debian.tar.xz 4b465ed2201587c6de13bef4b3e3a1f250e46f912c5c70a1e97422358b700eae 12948 curl_7.85.0-1_amd64.buildinfo Files: e125c0e777fb8af1b1b84da5e71c79eb 2955 web optional curl_7.85.0-1.dsc 4e9eb4f434e9be889e510f038754d3de 4182153 web optional curl_7.85.0.orig.tar.gz b77cefcebb6a1096a9516f06860542c7 488 web optional curl_7.85.0.orig.tar.gz.asc 63f5361ddbbcaae92c1702fcb103e17a 38160 web optional curl_7.85.0-1.debian.tar.xz f702afcfb57ecfb52254170b5f7d7c6f 12948 web optional curl_7.85.0-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEBdtqg34QX0sdAsVfu6n6rcz7RwcFAmMR+AsACgkQu6n6rcz7 RwfH6g/+NA3bpb2ktD2Im5SWim5wzhPAUiaCf5LU33L9f+G6S+kB864ANput9nPn xVPX1m6biDbp6pCWn2oDpQEUi5+fDX+jEqEEmNMAgPA+o0+QKrV9TcVKJZL8HkUq vjB1+Cspa2tc3PzzmAwikvrx8qztdBYT7eQY86UnoPXFuKfZDOT737fCf7smgyaD wjQtGerygsVupKbDuQL9n7IvnEy1sFzIoAFVjniNckAz9DFMCgc0vaQHTmlgUfyb lMz3+nSZ6K89BhAkuyP3pcO5lO5/8+0mn2bhvRxkEtoPb57+Rgqdmn0nB0iejuM7 yFNbRhGz+cy4aGkvhLA9zcIKrxrIcqGQfZU1f9+gkvJ8TfPoDsNsYhnVVep3TOZ/ 3vPZy/mJ7L1fgjfZ3Rn38bZ/2bJgg03Ef73vUuNh5LS6LzLebU0pduvrBWH/ol5d pNpifCMyoULRAbSr3I1WWNBnW+XbAMrxFjZ1tD90yM5cPpk2ubyOEex5SIoMipQt dgr8c6vt9WpT9rxr8Jc+6C2jhAmko3VIa7MsOl67Laxcu6X3P8irMZ9DxOVY5sup Cs+4E2Dz64wqpbQycswyJwfW6ygViAz6IVTP3EfUDXYD2udyonYwb/sGXeeqNa2x PpZEDQen99lvvEDj+wf921UTZfuPfMIxwZSlMG4oxS36ruLzJ+8= =gH/F -----END PGP SIGNATURE-----
