-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 22 Apr 2015 11:07:32 +0200 Source: curl Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg libcurl4-doc Architecture: source amd64 all Version: 7.42.0-1 Distribution: unstable Urgency: medium Maintainer: Alessandro Ghedini <ghedo@debian.org> Changed-By: Alessandro Ghedini <ghedo@debian.org> Description: curl - command line tool for transferring data with URL syntax libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours) libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4-doc - documentation for libcurl libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Closes: 768562 Changes: curl (7.42.0-1) unstable; urgency=medium . * New upstream release - Fix re-using authenticated connection when unauthenticated as per CVE-2015-3143 http://curl.haxx.se/docs/adv_20150422A.html - Fix host name out of boundary memory access as per CVE-2015-3144 http://curl.haxx.se/docs/adv_20150422D.html - Fix cookie parser out of boundary memory access as per CVE-2015-3145 http://curl.haxx.se/docs/adv_20150422C.html - Fix Negotiate not treated as connection-oriented as per CVE-2015-3148 http://curl.haxx.se/docs/adv_20150422B.html - Disable SSLv3 in the OpenSSL backend when OPENSSL_NO_SSL3_METHOD is defined (Closes: #768562) * Drop patches merged upstream * Refresh patches * Bump Standards-Version to 3.9.6 (no changes needed) Checksums-Sha1: 4bb2b51839a7cfa34b7a3dcef03f71c37c6cdb7d 2627 curl_7.42.0-1.dsc df8b70841d6e500617dc0434c15436f5bddb03c8 4293938 curl_7.42.0.orig.tar.gz c2bc0ffb496ab234f9bb9661a9613dcd40095af9 25704 curl_7.42.0-1.debian.tar.xz 8fd38a1cd6be5d64ed66ece39fe689736b1bc284 205266 curl_7.42.0-1_amd64.deb 7e856c23b35e0ce19a8bf2202ce4a6ab1b3f735b 265244 libcurl3_7.42.0-1_amd64.deb d9a2337e5f1855d9a8b3f49b11e94a64f93d5fae 262174 libcurl3-gnutls_7.42.0-1_amd64.deb 2a6d5fbea5a712bdfc8a52624c3d833e1524bef3 269002 libcurl3-nss_7.42.0-1_amd64.deb 49dcf2de2076605bff60ff8c1e660c9ff9f0dbde 344454 libcurl4-openssl-dev_7.42.0-1_amd64.deb ce98be947fbafda984d61e877f2865d121f0cd12 340832 libcurl4-gnutls-dev_7.42.0-1_amd64.deb 1b96fb713994575cfbc9f9e949b845664947f3ad 348030 libcurl4-nss-dev_7.42.0-1_amd64.deb 36144fc1f02a001d8e16f413c302a460005655f0 3527174 libcurl3-dbg_7.42.0-1_amd64.deb 0ed80749c4984c419133174dcf966cfeed70d270 1142660 libcurl4-doc_7.42.0-1_all.deb Checksums-Sha256: eb0efb60d48771d5b008bff602070980a8d2ff3b06ccbedfbefd94c94616b30d 2627 curl_7.42.0-1.dsc 088f6a63289dbdcf23d692fdfaaf6262c19e373beb5237b9b9e7bcf9815a8f49 4293938 curl_7.42.0.orig.tar.gz b99eb4e6296193c245ed308177f65547cf69e7974f91b101c5da8697acced637 25704 curl_7.42.0-1.debian.tar.xz ae8ebfa06ed3d020d7db6df17ad45b5ebd43a5fafe5651d062a659f075393273 205266 curl_7.42.0-1_amd64.deb 729516a577605c2bac2f61178bd99a09c422157f589f0a9425e334b43f0c5a9d 265244 libcurl3_7.42.0-1_amd64.deb f2a60a26b3fcb2cda989916aae416c0ea2eb52a21941fdbeef6aec5ae7e8531a 262174 libcurl3-gnutls_7.42.0-1_amd64.deb 3d0895be740bc624e27c6720685417951bc44a1b71138df5520406c907443f93 269002 libcurl3-nss_7.42.0-1_amd64.deb ced4d89ccd99d4b2ef20678ce63480b98975c2b0feedbb7e0dfc3fe339cbbebe 344454 libcurl4-openssl-dev_7.42.0-1_amd64.deb e5c253d6bc8d4f19a1dd25ae78fc86db56c137c079f4a08bfa85dd4fddecd5b0 340832 libcurl4-gnutls-dev_7.42.0-1_amd64.deb 533a6268ecbdf61de03f69236606ce2752be4aecb47e82cd779b5898352e7ee4 348030 libcurl4-nss-dev_7.42.0-1_amd64.deb 3b13528afaa7e8944acd10d0704b5f9d287a9b08b535316148501e24b25b4c01 3527174 libcurl3-dbg_7.42.0-1_amd64.deb 4e0ae745ad744dcd8ae332580bb65464602813ef58a7beade1721cb99835bc11 1142660 libcurl4-doc_7.42.0-1_all.deb Files: 0373909b69217d861d1f7eb2cab296c7 2627 web optional curl_7.42.0-1.dsc e941e7a1f3c06d002152bf775c678b35 4293938 web optional curl_7.42.0.orig.tar.gz 9a422d760ba680ab87f71cc68024abcf 25704 web optional curl_7.42.0-1.debian.tar.xz 900df4bd54ebff6bec663466aa915f72 205266 web optional curl_7.42.0-1_amd64.deb d005edcb0cbf33b3e513603012d78691 265244 libs optional libcurl3_7.42.0-1_amd64.deb 5c5b6282ddf404b758e0f97615a15025 262174 libs optional libcurl3-gnutls_7.42.0-1_amd64.deb a24d76373ac1baff3f99a919d8b4fb7d 269002 libs optional libcurl3-nss_7.42.0-1_amd64.deb 4a22f973d236199aa37a752a54807e05 344454 libdevel optional libcurl4-openssl-dev_7.42.0-1_amd64.deb 7079ca8e9e1e27d1ba657f4ce06bcf26 340832 libdevel optional libcurl4-gnutls-dev_7.42.0-1_amd64.deb 44d664bab206efc0ec5fefe78d4baa16 348030 libdevel optional libcurl4-nss-dev_7.42.0-1_amd64.deb cdf2ee6d6a834adc906f0cc86819dce0 3527174 debug extra libcurl3-dbg_7.42.0-1_amd64.deb 1e111560f742b95f983559f0669c8282 1142660 doc optional libcurl4-doc_7.42.0-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJVN2x0AAoJEK+lG9bN5XPLRT4QAIRKoO2UaFassirX9gfX5E67 HGMPhHfNBxNQB1VG2EPj4hYoj+JL4MAu1tyEipE+yBnAIQ2jM3P3aajBahlv+smb l0vous1B8Zp1uPvxT2J+QqtIe/NfLqaK4HLz2ANX0CwnN+r0YAAOhZX1U7XQ5MX7 Z3hMA7X8iRLVR4TYRBVuDmzRrH5iopO5fzVgVbHNLg6fa15dmg5IXIqyBblgBSwn B2gws7fYrOi6Yrkbw5rtA21BbtQvfOl/kdc/S5jqNZL7Ted2jSUJuMSq3RH1/rs5 TdNTGhmf8oTu8zlvoZeL28N+D5dj4Y4GHehA8T6l2jvX3+eWTl1l77fgYmUtdNbq Bnqih9WkH5VPx16UCrDgdGHhP+4nf8Z7SauDCJvxCnRKdjO3kjeOSWPig7QNqiXe SSTBejcEKNkwKOaQER4mruA4kB6AvqPNUvh4iCxCkCjaBjDWfpaMH6gGfy0jdCdL zLEGMhJQuT0AOsO60yxCAoqIDh2dGplj3BLQkujYNZsPPt0xr400IIpSLl0Agu2Y sz9pbMxd/kDFwZeWu7ZzhnMSyS/Jvnt64U0pKtyzKhDTsFCqP2pgckileAOBhAjN xx8fbHqhAakYTUqp9kewBnoVsnmA98dlSeRvz8wMhymw1P4Cb61uU0hmB8GvIIN/ gBG4rApRBO1OW/ZHYcOE =L/Wm -----END PGP SIGNATURE-----
