-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 30 Nov 2017 10:16:03 +0000 Source: curl Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-doc Architecture: source Version: 7.57.0-1 Distribution: unstable Urgency: medium Maintainer: Alessandro Ghedini <ghedo@debian.org> Changed-By: Alessandro Ghedini <ghedo@debian.org> Description: curl - command line tool for transferring data with URL syntax libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4-doc - documentation for libcurl libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Closes: 812965 861974 874223 874238 Changes: curl (7.57.0-1) unstable; urgency=medium . * New upstream release - Fix NTLM buffer overflow via integer overflow as per CVE-2017-8816 https://curl.haxx.se/docs/adv_2017-11e7.html - Fix FTP wildcard out of bounds read as per CVE-2017-8817 https://curl.haxx.se/docs/adv_2017-ae72.html - Fix SSL out of buffer access as per CVE-2017-8818 https://curl.haxx.se/docs/adv_2017-af0a.html * Remove -fdebug-prefix-map from curl-config. Thanks to Timo Weingärtner for the patch (Closes: #861974, #874223, #874238) * Don't install zsh completion when cross compiling. Thanks to Wookey for the patch (Closes: #812965) Checksums-Sha1: 801332d531ec541cca955fe59e07d774a2eef2ee 2721 curl_7.57.0-1.dsc bb961986e3e3ef4762c6368db8f6463f3068cb25 3828358 curl_7.57.0.orig.tar.gz 9a3ae64ca41a3146e85bb02e38ac4b1d8bb33353 27692 curl_7.57.0-1.debian.tar.xz f22cdd3719343317b933526525d5e526d7c3e58f 10821 curl_7.57.0-1_amd64.buildinfo Checksums-Sha256: d07a5a7401d8634f1335ae474114ee0e90f347fc83e3094e09ad6dadf025214f 2721 curl_7.57.0-1.dsc 7ce35f207562674e71dbada6891b37e3f043c1e7a82915cb9c2a17ad3a9d659b 3828358 curl_7.57.0.orig.tar.gz b4ff36450ce1fa1fbfc65202aa6cd6df1c59bf4db3d202ecefab38f0d81bd713 27692 curl_7.57.0-1.debian.tar.xz e42b0b00874d6f85d4a26b0a717ff6d16524c0157fcf98283bee48bf1351a404 10821 curl_7.57.0-1_amd64.buildinfo Files: e111b69eb8ca605b85b1a8dc0859e707 2721 web optional curl_7.57.0-1.dsc c7aab73aaf5e883ca1d7518f93649dc2 3828358 web optional curl_7.57.0.orig.tar.gz 38e5dcdf047720805a8ea5cc3506accb 27692 web optional curl_7.57.0-1.debian.tar.xz 2f701eb1f957e18ba0091ceb34f8fd71 10821 web optional curl_7.57.0-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEBsId305pBx+F583DbwzL4CFiRygFAlof7K0ACgkQbwzL4CFi RyjINw//QrR/0xV5Vj4RsH1h32TT0otmElaXyMk4Cu5flGWQSjVWuDvMlXLHTUFH cAGrOigBbFAMttxgzK/+oF6fZZ2DDXgXij/xEERsHvkAWvBLjyTqxQ79XmOFtb3X GLJq3MGabo0UXd7uxVwSLSbwNI0spsKFGDwjWhnKm5eL6E6GLlcBebNBN2rqq9eF uwkSIQuXkkxu654ccd8gLU9UTv357VMoJahJqp2PqtJrWxe7xCJ8STOym6qmwEj4 poivQzkMlGoCeu5w+kpVbvWYklaa6HgiRdJR1fheKk5eEQy9P7+a1G/W6rWuf0vB zRMazUMTCTrk+0XMLOdEdmlsO7l+ypLTDFxjwR9hicnjnP3nmG/BcV8SQvFUrgS/ LBThppKj18w/QIYCJXDN/fLDkuWmcFYyx+EL8F6D3DGutolf7unSvIwzXqa7jcy1 NI/lRZO9Xre3gR/pBHrPZUh+DThhrRlXfYzapUP8Zqq9wlw5e7OVsuEE3agOC19A OWY3ujZPiesLHEo/Jl4NMxdxTN/BYc+krNUnY3gR7PL4AGqU9wnarrQkRlDgePTz 11VSwT6Ft7uja6eA65uOlvnQrERm/JOrHzKpkBAQKS2mUJgFmW8h5DBHl0RnKMjE d3Lmc1+LJXLuVFwiYxzH7x75oU7sWkfO+hytqPfuSb2cCKxzSW8= =fBgX -----END PGP SIGNATURE-----
