Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted curl 8.5.0-1 (source) into unstable
Date: Wed, 06 Dec 2023 20:37:48 +0000
Signed by: Samuel Henrique <samueloph@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 06 Dec 2023 20:15:49 +0000
Source: curl
Built-For-Profiles: nocheck
Architecture: source
Version: 8.5.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Curl Maintainers <team+curl@tracker.debian.org>
Changed-By: Samuel Henrique <samueloph@debian.org>
Closes: 1057645 1057646
Changes:
 curl (8.5.0-1) unstable; urgency=medium
 .
   [ Samuel Henrique ]
   * New upstream version 8.5.0
     - Fix CVE-2023-46218: cookie mixed case PSL bypass (closes: #1057646)
     - Fix CVE-2023-46219: HSTS long file name clears contents (closes: #1057645)
   * d/rules: Use pkg-info.mk instead of dpkg-parsechangelog for DEB_VERSION
   * d/p/90_gnutls.patch: Update patch
   * d/p/dist_add_tests_errorcodes_pl_to_the_tarball.patch: Upstream patch to
     fix tests
   * d/p/add_errorcodes_upstream_file.patch: Include missing file from upstream
     tarball
 .
   [ Carlos Henrique Lima Melara ]
   * d/control: change Maintainer field to curl packaging team
   * d/README.Debian: add readme to explain curl's team creation
   * d/control: add myself to Uploaders
Checksums-Sha1:
 e1b67fd23e5700eda61722c33533dc5233cf535a 3117 curl_8.5.0-1.dsc
 d7877b39b6efda66e9ac5f9c28b8b28d8c0b7b7e 4372979 curl_8.5.0.orig.tar.gz
 288c3b1cd5819ca35f1659677bdc746c712fc4fb 488 curl_8.5.0.orig.tar.gz.asc
 0261a43bbc3d5a5ef62240ee82d17d970e89d3bf 47404 curl_8.5.0-1.debian.tar.xz
 e00343aaeb8aa96e9f600e253572cb9083a67a90 10046 curl_8.5.0-1_amd64.buildinfo
Checksums-Sha256:
 1856d6058ee4c7fbf0138ae7fdd2273ad8b59cd13e9a4a3d20c0a575e89b46e5 3117 curl_8.5.0-1.dsc
 05fc17ff25b793a437a0906e0484b82172a9f4de02be5ed447e0cab8c3475add 4372979 curl_8.5.0.orig.tar.gz
 e5c4311a86b03daea93290de17cf0e3b46e468a1d99bd5b9934d91af5409d378 488 curl_8.5.0.orig.tar.gz.asc
 f6fd9b1732ac9c10978ab3b9bcfecba4bceaee43b323c5f71332958022e698d1 47404 curl_8.5.0-1.debian.tar.xz
 201c1033bd6a4f176973d5f22dc3b7ca1402cd97e24db45e928cfbcd6855c26a 10046 curl_8.5.0-1_amd64.buildinfo
Files:
 cb8d6b61e29d711cb21d85a7629a9993 3117 web optional curl_8.5.0-1.dsc
 0bc69288b20ae165ff4b7d6d7bbe70d2 4372979 web optional curl_8.5.0.orig.tar.gz
 436599fb65f4bd57b741a7be077314eb 488 web optional curl_8.5.0.orig.tar.gz.asc
 8f7596336de1edda9190edbc03f39c2a 47404 web optional curl_8.5.0-1.debian.tar.xz
 9abfbf8bdf968408ed33e265a1af240b 10046 web optional curl_8.5.0-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEBdtqg34QX0sdAsVfu6n6rcz7RwcFAmVw17wACgkQu6n6rcz7
RwfYPw/7B6NpaXeIhvbgktYXX4ZDz4nrhmeAaEkjJofvzyWEinAXFc1AYkKDKl7y
N0wnanHAfwr8Nc1zJ6fpu1+1DnCq4SPlBCMjQ7LGMWYi3KT3RGUd9qlBvHsU7+GU
9hDjoI6OeS4UcgYMoOfOxY9gN68vEpxIFJwtA8crINexm4gRxJKuz/fBi0n8r0xW
Ep1EU1jz2HQkbbsO0SogRNfWl13hPr2J4MtE/0GLZUqCOBOLKDeLa27k/RLGZDx9
rv19VAjAP8fa5Yq7Tj2Df6n16ghJSL3RL6P4IxPIpAlkbnECmVPtU37rnrXuB+H0
FIDI8RBVPDT7hoyiqRGF45YwkJ6bvt99yEEZ2QNFw0PfFhr5UsjNDkAd3vp/uPCI
Smr1G5WJr17xph0JXC37cGFEX9WSDneITpcRt3SWEm0mhnPxBvwToWriNezhFSzF
n9sTOWNVIR5lX7SJXoNHZ7glTyPVPVnHldtmvznihZVkE73xR6XLRNolyrnvgBjv
W2q+gdFcxhyr9xCZSxVDWRh97mGFEhO0KBEnsRh/iz91oQLTk9KKuFdaQL7R4Y8h
UlBZCHh7dlr23cXz5ZCftcU9gQYJX/+c2z52dViu5p2UgChRudDLfoyLXqVovL9z
OyyvmTOO9kVBP2tFnsFAW4IRKPmOItnouE6KOGKwAIjReNuYRCw=
=kAlv
-----END PGP SIGNATURE-----
News for package curl
