-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 14 May 2024 18:24:48 -0300 Source: curl Architecture: source Version: 8.7.1-5~bpo12+1 Distribution: bookworm-backports Urgency: high Maintainer: Debian Curl Maintainers <team+curl@tracker.debian.org> Changed-By: Guilherme Puida Moreira <guilherme@puida.xyz> Closes: 1053643 1057138 1059952 1061992 1063342 1063462 1065315 1066981 1066982 1069292 Changes: curl (8.7.1-5~bpo12+1) bookworm-backports; urgency=medium . * Team upload. * Rebuild for bookworm-backports. * Revert "Import Debian changes 8.6.0-3.1". This reverts changes related to the time_t migration. . curl (8.7.1-5) unstable; urgency=high . * d/p/content_encoding_brotli_and_others...patch: New patch to fix an encoding regression. Thank you to Jeroen Ooms and the curl developers (Daniel Stenberg and Stefan Eissing) for reporting and pointing out the fix. . curl (8.7.1-4) unstable; urgency=medium . * d/p/curl-8_7_1-h2-ngtcp2-write-error-handling.diff: New patch to address git+http2 issue. Thanks to Stefan Eissing <stefan@eissing.org> for doing the backport. . curl (8.7.1-3) unstable; urgency=medium . [ Carlos Henrique Lima Melara ] * d/p/fix-regression-in-curlinfo.patch: add patch from upstream, thanks to Antonio Terceiro for reporting it (closes: #1069292) . [ Samuel Henrique ] * d/libcurl3t64-gnutls.lintian-overrides: Drop unused override . curl (8.7.1-2) unstable; urgency=medium . [ Carlos Henrique Lima Melara ] * d/rules: fix sed substitution regex for curl-config * d/rules: make a call to dpkg-buildflags in curl-config to get CFLAGS (Closes: #1057138) * d/control: suggests dpkg-dev for -dev packages so we get dpkg goodies * d/libcurl4-doc.docs: list each markdown file to be installed * d/make-manpages-reproducible.patch: import from upstream * d/p/fix-regression-on-chunked-post.patch: add new patch from upstream . [ Sergio Durigan Junior ] * d/p/openldap-create-ldap-URLs-correctly-for-IPv6-addresses.patch: (Closes: #1053643) . [ Samuel Henrique ] * d/rules: Run tests in parallel * d/p/test1901...: New patch to confirm regression fix . curl (8.7.1-1) unstable; urgency=medium . * New upstream version 8.7.1 - Fix CVE-2024-2004: Usage of disabled protocol - Fix CVE-2024-2398: HTTP/2 push headers memory-leak * d/patches: Drop patches present on this release . curl (8.6.0-4) unstable; urgency=medium . [ Carlos Henrique Lima Melara ] * d/libcurl*.links: use substitution variables instead of executable files . [ Simon McVittie ] * d/control: Add a build-profile that disables LDAP support (closes: #1066981) * Temporarily disable LDAP support on 32-bit non-x86 (closes: #1066982) * Temporarily disable build-time tests on 32-bit non-x86 . curl (8.6.0-3.2) unstable; urgency=medium . * Non-maintainer upload. * Fix wrong X-Time64-Compat for libcurl4t64. Closes: #1065315. . curl (8.6.0-3.1) unstable; urgency=medium . * Non-maintainer upload. * Rename libraries for 64-bit time_t transition. Closes: #1061992 . curl (8.6.0-3) unstable; urgency=medium . * d/p/vtls_revert_receive_max_buffer_add_test_case.patch: New patch to fix tls regression (closes: #1063462) . curl (8.6.0-2) unstable; urgency=medium . * d/p/sendf_ignore_response_body_to_head.patch: New upstream patch to fix a compat issue (closes: #1063342) * d/control: Switch from pkg-config to pkgconf . curl (8.6.0-1) unstable; urgency=medium . [ Samuel Henrique ] * New upstream version 8.6.0 - Fix CVE-2024-0853: OCSP verification bypass with TLS session reuse * Drop upstream patches from 8.6.0 * Update approach for installing manpages * d/copyright: Update copyright . [ Carlos Henrique Lima Melara ] * d/control: exclude dependency on gnutls-bin for tests on ppc64el (Closes: #1059952) Checksums-Sha1: b998ac520d44647d0a84bf3ed1571565a6d1bc06 3396 curl_8.7.1-5~bpo12+1.dsc 9f31ec65298f70572410557758f379d478b401d4 4462311 curl_8.7.1.orig.tar.gz e94671479b7d8c0c97f31008d05f090aa4ea5cbe 488 curl_8.7.1.orig.tar.gz.asc f4bf0dc6476cb673e587d05c64b370f8414a6cd2 57268 curl_8.7.1-5~bpo12+1.debian.tar.xz f602469d99ff81690f664d3321fd6d8fdef6ed99 12367 curl_8.7.1-5~bpo12+1_amd64.buildinfo Checksums-Sha256: d4c4d199d3f3da86ac53e10e23126914265d264981da45c834e1a8ddc7630cd6 3396 curl_8.7.1-5~bpo12+1.dsc f91249c87f68ea00cf27c44fdfa5a78423e41e71b7d408e5901a9896d905c495 4462311 curl_8.7.1.orig.tar.gz f2abc438269f3fe37749941d91069f4972d339cae9b289e536257d90098dcd1f 488 curl_8.7.1.orig.tar.gz.asc bd74646412819cf288e762c997b02268c4240a86cae0d53f26ec461153bfdf97 57268 curl_8.7.1-5~bpo12+1.debian.tar.xz 8e9df9ec119b09854cff161fbd9569f843724f63c59f5d4dd2b4355906ad42f8 12367 curl_8.7.1-5~bpo12+1_amd64.buildinfo Files: 2d680d7adff9c2b1a6a4a609d0312db4 3396 web optional curl_8.7.1-5~bpo12+1.dsc 92f7a11836678b725e2cb59fef10c273 4462311 web optional curl_8.7.1.orig.tar.gz 32355348176c447a532758a472adae97 488 web optional curl_8.7.1.orig.tar.gz.asc b6d3441ab58790a90c4270df2ace90c5 57268 web optional curl_8.7.1-5~bpo12+1.debian.tar.xz 9710f405978e32d42dc53050fed5fabe 12367 web optional curl_8.7.1-5~bpo12+1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEv66eMxqGenyA2Ot49OSs27jQi+AFAmZD5eIACgkQ9OSs27jQ i+BX8Q//RTG/pI7YM7TzNoT/b6EB4X/vomiDmG/zgUIhZ0dx7VjC0kAN7fA1FDh3 AJKt85gKR25teZxOiAoHYCGoJi8NtT+0zRsF4umj7gos4YO4f2OUo0pM0utlTQVt nuRu4YqtaKwf/UMsj0Tb1CqV8+bPYsRqJ3q+m0i7OYVDkN0mjRp5uZEyaj0hwKw3 NKtszCgeUcbOMI1UayqJNyoJEpB5DEddVhIr3eO+dpG84vpkUQ8DISM2royEqD2y eWgfrTGMtAkQMwrZY/i2lUuFDvfW3SN+HrT/0Zfly8t2Se8ERl1CCVP/9XvNSR4h BCuiRB/IQdZkg0+n8m10lBYNnGiBNX75ZEiQ19OrhmbVsNyeMKTzVLK9es/SfTEn Dc9SpVcU48/7Kf3/Vxi1LW/VNtJDgOP15pqCZFodE/Vkk8bLWMbRHNWmlxOdGUW6 IL4EamBouOnvl5HZM54/S64HqWARz7wMwAYN/zDUhys5KQLF3iAQ8Rh+9Y/3rMh0 Aw4JxBWHsrSNEu8sEf8oU80GqsT8oKCzOllqLHn/oIkOcda/XWntST1CIq8JN/mZ t9XDu91V/S8PnHiLTwZzsWr0lfkD2kxtYviQsthi5i3FMHYytti3RC+IdIH36ykX rPqAyF5nJFmeMeAYxuP8FKxjF+aqFAwbjabQ42A+8TSztMQ42+g= =nJUl -----END PGP SIGNATURE-----
