-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 25 Mar 2023 21:41:31 +0000 Source: curl Built-For-Profiles: nocheck Architecture: source Version: 7.88.1-7~bpo11+1 Distribution: bullseye-backports Urgency: medium Maintainer: Alessandro Ghedini <ghedo@debian.org> Changed-By: Samuel Henrique <samueloph@debian.org> Closes: 726073 1032343 Changes: curl (7.88.1-7~bpo11+1) bullseye-backports; urgency=medium . * Rebuild for bullseye-backports. * Revert "d/control: Update BD to drop transitional package libidn11-dev" . curl (7.88.1-7) unstable; urgency=medium . * Bump Standards-Version to 4.6.2 * d/p/06_always-disable-valgrind.patch: Remove unused patch * d/patches: Refresh all patches * Import 5 new upstream patches fixing CVES: - CVE-2023-27533: TELNET option IAC injection - CVE-2023-27534: SFTP path ~ resolving discrepancy - CVE-2023-27535: FTP too eager connection reuse - CVE-2023-27536: GSS delegation too eager connection re-use - CVE-2023-27537: HSTS double-free - CVE-2023-27538: SSH connection too eager reuse still . curl (7.88.1-6) unstable; urgency=medium . * d/rules: Ignore test results from tests that fail on IPv6-only builders (closes: #1032343) * d/control: Don't install gnutls-bin for tests on ppc64el (tests hangs forever) . curl (7.88.1-5) unstable; urgency=medium . * Fix stringification of _DEB_HOST_ARCH macro. - d/p/Use-correct-path-when-loading-libnss-pem-ckbi-.so.patch: Use _DEB_HOST_ARCH directly. - d/rules: Quote _DEB_HOST_ARCH when passing it with -D. . curl (7.88.1-4) unstable; urgency=medium . * d/p/Use-correct-path-when-loading-libnss-pem-ckbi-.so.patch: Prepend "/nss/" before the library name. . curl (7.88.1-3) unstable; urgency=medium . * d/p/Use-correct-path-when-loading-libnss-pem-ckbi-.so.patch: Use correct paths when loading libnss{pem,ckbi}.so. (Closes: #726073) * d/rules: Pass _DEB_HOST_ARCH via C{,XX}FLAGS; reenable NSS PEM tests. * d/control: B-D on nss-plugin-pem (test only). Also, make libcurl3-nss depend on nss-plugin-pem as well. . curl (7.88.1-2) unstable; urgency=medium . * Multiple test improvements, which will increase the reliability of the package, especially when backporting fixes on stable and oldstable: - Test results are now critical to the build process, if a test fails, the build will fail. - Add two new test build-dependencies to increase coverage: locales-all and gnutls-bin. - Only run non-flaky tests. - Print logs of failed tests. - Run all tests even if there was a failure. - Ignore results of known failing tests (for Debian). - Disable valgrind through a test parameter instead of patching upstream source code. Checksums-Sha1: 96b73c7dffbb804ad9801a3de57a9344e30a873e 3136 curl_7.88.1-7~bpo11+1.dsc 6ae5229c36badb822641bb14958e7d227c57611d 4343562 curl_7.88.1.orig.tar.gz 9222035242431a3ef31d33a2ca3d881bcf4572fe 488 curl_7.88.1.orig.tar.gz.asc 9020b6a99e20a5e1d6719f2b106d81cb8147ef41 44948 curl_7.88.1-7~bpo11+1.debian.tar.xz 6936a7ed4b0d4911982a29f2b655c19c54fe8767 11380 curl_7.88.1-7~bpo11+1_amd64.buildinfo Checksums-Sha256: 52c6bab1add03f93b818efb0bcd0d1cabd4a3cb2aadac9184f8aa3dd2ccea649 3136 curl_7.88.1-7~bpo11+1.dsc cdb38b72e36bc5d33d5b8810f8018ece1baa29a8f215b4495e495ded82bbf3c7 4343562 curl_7.88.1.orig.tar.gz 7a5a55d7123149a1b357f298cf895bd0a601e3a2807005ef6c95f3752803485f 488 curl_7.88.1.orig.tar.gz.asc b90346489ae420273d79da3cadc854041daf80b0cd1b4fdc21b75f30c5081537 44948 curl_7.88.1-7~bpo11+1.debian.tar.xz 80894e3c555c36f8bbf177d7f4355cf1dd3fc77dc28f4457ebff99f020bbb3cc 11380 curl_7.88.1-7~bpo11+1_amd64.buildinfo Files: 51cd53e48fa9f62b8ceaab1911b76d30 3136 web optional curl_7.88.1-7~bpo11+1.dsc 1211d641ae670cebce361ab6a7c6acff 4343562 web optional curl_7.88.1.orig.tar.gz 08b846caa2ce56ccb4b4caa268b30dc2 488 web optional curl_7.88.1.orig.tar.gz.asc 0071988274e30922da6e63a1d036671d 44948 web optional curl_7.88.1-7~bpo11+1.debian.tar.xz 6cea6393cccccd8cb09423898500d4c9 11380 web optional curl_7.88.1-7~bpo11+1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEBdtqg34QX0sdAsVfu6n6rcz7RwcFAmQfbegACgkQu6n6rcz7 RwcdnRAAwZDUoxtkS+QBFrfChZbpNSN09cZtZMCyKk/cOISNVeTYS6RqOk+ICiun 3/tHN917g9DNLKdVi9hUQCX5jE1EFGekwdxja/PAJw+s4p/xZcMk26Gw/1Xt3SRf DrKsJgi1y0ycY57DHA3yT0jHJhryqPCqaAg7SN02Y7nte6Zfn7fts1y6fYObXDrF QE0HL0DXlRsqQjoxci8NT4EyXQUt3CTcGIfyS7pojX0dKIBrJ6rkG4gTy0htvdws aZtkZAbsoXDGLhW0y0voSAnZBQ3aLSHZ/5svL0iGf2pdqBjjIjIX62jddEapvH3J +2RFO/nOcapwh9uiG6T1dwmTYGRX3KRH8R/2BOyQU1dzlQjn+OwnqivhemF/o6se j2N0G/4ZAYeMglUwHcLABfD7waMkh9k38Ba7iytUfc5M3JMSlm9d4Sq7LZIz7cfq GgyABEVPWmoIzai6sVn4wVCI33PJbdR5qtAc22sN6YnPxiDNhxmUcR3D6vPx47bm EO1X5gmJLNcBQzjlgtJj2L3mZJ1YhIKDR7f6EZpToNBbHF+6lkMaXtL7KYR5zK2W /j0QD5kkYK+1lsVzsTo6jR0pCtiRJPgX6QjKxa5OEOuKvSwSglNeXVpC46U1WxDz HLBEQ/4iaYR3ZJBrynvoQOMurhKUNjQQ6ZZTVozGn57dFe2RWik= =xwNA -----END PGP SIGNATURE-----