-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Tue, 24 Jan 2012 15:14:25 +0100 Source: curl Binary: curl libcurl3 libcurl3-gnutls libcurl4-openssl-dev libcurl4-gnutls-dev libcurl3-dbg Architecture: source amd64 Version: 7.21.0-2.1+squeeze1 Distribution: stable-security Urgency: high Maintainer: Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Changed-By: Alessandro Ghedini <al3xbio@gmail.com> Description: curl - Get a file from an HTTP, HTTPS or FTP server libcurl3 - Multi-protocol file transfer library (OpenSSL) libcurl3-dbg - libcurl compiled with debug symbols libcurl3-gnutls - Multi-protocol file transfer library (GnuTLS) libcurl4-gnutls-dev - Development files and documentation for libcurl (GnuTLS) libcurl4-openssl-dev - Development files and documentation for libcurl (OpenSSL) Changes: curl (7.21.0-2.1+squeeze1) stable-security; urgency=high . * Non-maintainer upload * Fix URL sanitization vulnerability as per CVE-2012-0036 http://curl.haxx.se/docs/adv_20120124.html * Fix SSL CBC IV vulnerability as per CVE-2011-3389 http://curl.haxx.se/docs/adv_20120124B.html * Set urgency=high accordingly Checksums-Sha1: 312002bbd169a326c3242008f65e76aa59ef494e 1527 curl_7.21.0-2.1+squeeze1.dsc 50bd35e75fc87c58d9630a32b0d85fbb565c6d52 95828 curl_7.21.0-2.1+squeeze1.debian.tar.gz 87f8027bf5b5e1a1d5278b0b97559ba3e5f6bd32 229070 curl_7.21.0-2.1+squeeze1_amd64.deb 2e9401a3054ad4e349619e08b66aa6369e612c22 285332 libcurl3_7.21.0-2.1+squeeze1_amd64.deb 6c1bbfe9c35f75340ab42ce33f20ec3f38a4cf80 265684 libcurl3-gnutls_7.21.0-2.1+squeeze1_amd64.deb fa0bb4fbf46ea3475812b33f4fa62bcad1790315 1097702 libcurl4-openssl-dev_7.21.0-2.1+squeeze1_amd64.deb e03587066093be9e1f6571abddc951ebf30bcbee 1074018 libcurl4-gnutls-dev_7.21.0-2.1+squeeze1_amd64.deb c119c80631787d9ad90689962fb11c1e8ffdd962 106400 libcurl3-dbg_7.21.0-2.1+squeeze1_amd64.deb Checksums-Sha256: 55de033a34e5f14240b1e8abd45cdc000e7000b8214c8c2127bdfb956f201e49 1527 curl_7.21.0-2.1+squeeze1.dsc 3d2a0601306b0e3cb435afd257b821122595845bf1686f6f9717542cb8c8d716 95828 curl_7.21.0-2.1+squeeze1.debian.tar.gz f7682faab2e36c6ff4206645fc08ece075dc76267cb9df6c13b099e242664bad 229070 curl_7.21.0-2.1+squeeze1_amd64.deb 99fed31115550702f5e8821844e8baaba298470bf7522ce5550e10162c28a219 285332 libcurl3_7.21.0-2.1+squeeze1_amd64.deb 38074559692f23fa79cced4d7fb3da7c125d3e7c67f156e243625a793de68840 265684 libcurl3-gnutls_7.21.0-2.1+squeeze1_amd64.deb a403b3966d48e4981f334e9ec3bfd326e5b044ffab235ab55195f658b8b8d396 1097702 libcurl4-openssl-dev_7.21.0-2.1+squeeze1_amd64.deb 129b7d0be17894e42bcda4dcdc9c3ed6d2184d2bc41fa021257f719eed0bddb5 1074018 libcurl4-gnutls-dev_7.21.0-2.1+squeeze1_amd64.deb 5b3b81f6526d5c8c85e43f5171cf52dd6ef36da484d449c05ab624cf084039fc 106400 libcurl3-dbg_7.21.0-2.1+squeeze1_amd64.deb Files: cb65d25acbd2f274248bc5a93480122f 1527 web optional curl_7.21.0-2.1+squeeze1.dsc f78ee4ea4783140619a7ee3d0e438ed5 95828 web optional curl_7.21.0-2.1+squeeze1.debian.tar.gz c5901ae915c67eae9d9cf3601dd76a25 229070 web optional curl_7.21.0-2.1+squeeze1_amd64.deb c73302776a9d7338e5d215d415461f7c 285332 libs optional libcurl3_7.21.0-2.1+squeeze1_amd64.deb 5c6b375504a493c28de06273e5152a15 265684 libs optional libcurl3-gnutls_7.21.0-2.1+squeeze1_amd64.deb 68c48fc55e197b60f2e7051ed9fac7f7 1097702 libdevel optional libcurl4-openssl-dev_7.21.0-2.1+squeeze1_amd64.deb 783031ce88e1c98ee14eb7a0e4311fe3 1074018 libdevel optional libcurl4-gnutls-dev_7.21.0-2.1+squeeze1_amd64.deb e030836ed6ae829fd438de4981b83e6f 106400 debug extra libcurl3-dbg_7.21.0-2.1+squeeze1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk8lQkUACgkQXm3vHE4uyloUpwCg5h8y3/4AJfE+AvsFcLWRTcBe 3EkAoMa0RkrhR/ieHitSmPrMc4UAmnbS =E3ck -----END PGP SIGNATURE----- Accepted: curl_7.21.0-2.1+squeeze1.debian.tar.gz to main/c/curl/curl_7.21.0-2.1+squeeze1.debian.tar.gz curl_7.21.0-2.1+squeeze1.dsc to main/c/curl/curl_7.21.0-2.1+squeeze1.dsc curl_7.21.0-2.1+squeeze1_amd64.deb to main/c/curl/curl_7.21.0-2.1+squeeze1_amd64.deb libcurl3-dbg_7.21.0-2.1+squeeze1_amd64.deb to main/c/curl/libcurl3-dbg_7.21.0-2.1+squeeze1_amd64.deb libcurl3-gnutls_7.21.0-2.1+squeeze1_amd64.deb to main/c/curl/libcurl3-gnutls_7.21.0-2.1+squeeze1_amd64.deb libcurl3_7.21.0-2.1+squeeze1_amd64.deb to main/c/curl/libcurl3_7.21.0-2.1+squeeze1_amd64.deb libcurl4-gnutls-dev_7.21.0-2.1+squeeze1_amd64.deb to main/c/curl/libcurl4-gnutls-dev_7.21.0-2.1+squeeze1_amd64.deb libcurl4-openssl-dev_7.21.0-2.1+squeeze1_amd64.deb to main/c/curl/libcurl4-openssl-dev_7.21.0-2.1+squeeze1_amd64.deb