-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 25 Jan 2018 22:34:49 +0000 Source: curl Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg libcurl4-doc Architecture: source amd64 all Version: 7.38.0-4+deb8u9 Distribution: jessie-security Urgency: high Maintainer: Alessandro Ghedini <ghedo@debian.org> Changed-By: Alessandro Ghedini <ghedo@debian.org> Description: curl - command line tool for transferring data with URL syntax libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours) libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4-doc - documentation for libcurl libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.38.0-4+deb8u9) jessie-security; urgency=high . * Fix HTTP authentication leak in redirects as per CVE-2018-1000007 https://curl.haxx.se/docs/adv_2018-b3bf.html Checksums-Sha1: 4398428b575d39f864c95de33cf01a9d800bba1c 2669 curl_7.38.0-4+deb8u9.dsc bd427f3356f3e2d3bc96a05b83b1566ab37680b6 45284 curl_7.38.0-4+deb8u9.debian.tar.xz e1f3ad70541a90e7ea403d70b0e9b3596f5ee3d6 200742 curl_7.38.0-4+deb8u9_amd64.deb 0c8f7b08c7d3e360348363f032d999af8b4f426d 259734 libcurl3_7.38.0-4+deb8u9_amd64.deb 415648d13dca94a0ed0ed5825fd19607e9019c73 251654 libcurl3-gnutls_7.38.0-4+deb8u9_amd64.deb bc492ad2bee9696e36d48354458a35b329815ce1 263600 libcurl3-nss_7.38.0-4+deb8u9_amd64.deb da2ea10c68633897810797df8969367f1abe4c6b 337378 libcurl4-openssl-dev_7.38.0-4+deb8u9_amd64.deb d8f441c2adaa0a5e2d93c0008f982b9c31c78a84 328742 libcurl4-gnutls-dev_7.38.0-4+deb8u9_amd64.deb 1b025e9ee13d1ad4107b738a71c8cf82885737fa 341212 libcurl4-nss-dev_7.38.0-4+deb8u9_amd64.deb 30cba6fc1664454591ae05ca1bc402ad6b4266ca 3373616 libcurl3-dbg_7.38.0-4+deb8u9_amd64.deb c6346374c6600b7869a808b68663c55373c70d1f 1067016 libcurl4-doc_7.38.0-4+deb8u9_all.deb Checksums-Sha256: 3d5ec4e24e0231cebba82f605e713bf13790b49427902e4dd4f7fc8aa4130d33 2669 curl_7.38.0-4+deb8u9.dsc 60bd8df25ebcbd391b6a1de9692b262fecde1ecf598c9017d2a805b1043d12e4 45284 curl_7.38.0-4+deb8u9.debian.tar.xz 95a8f1d1d89ee111d7de78bab583d096a56a3ffea3e19f4604fca05809c97fb9 200742 curl_7.38.0-4+deb8u9_amd64.deb b5966a443226c6a03821e4371b2c59aa52a24d15a0457b5f392f3329e98ef30e 259734 libcurl3_7.38.0-4+deb8u9_amd64.deb bef3395c9bf2ddb93153bf6839372ae08b3e4f19b5e4e33c13561ae8c0d5f8de 251654 libcurl3-gnutls_7.38.0-4+deb8u9_amd64.deb 4b63c73636e7cf2b780a23c6db4658f3dcc551f958b7775f90c16e5865441a99 263600 libcurl3-nss_7.38.0-4+deb8u9_amd64.deb df24f078b93251769133487f4ddea1e1b3639ac5eafb33d41533c2c7671adf39 337378 libcurl4-openssl-dev_7.38.0-4+deb8u9_amd64.deb 76e8b0922c19e04173e946637eef27bceec4e37633a61edbec16e76a6e9666f0 328742 libcurl4-gnutls-dev_7.38.0-4+deb8u9_amd64.deb 82751ddcdae6894e2947beeb91401dc97a0748aaec71c009a3c3dc5e06988db2 341212 libcurl4-nss-dev_7.38.0-4+deb8u9_amd64.deb 0ed1865be2ff051b2f26457db0d73279471547cafe0a212254819b2c6a821dd3 3373616 libcurl3-dbg_7.38.0-4+deb8u9_amd64.deb 76ae7d3a0cdaa64474cc1c6ae909b9a5e084449e2a35dccdc17e4cbe96e211c7 1067016 libcurl4-doc_7.38.0-4+deb8u9_all.deb Files: f8a828b77a7dce3875fa45753a904fa2 2669 web optional curl_7.38.0-4+deb8u9.dsc cdd8cb2ac5ebd8e163158ed3be3019f3 45284 web optional curl_7.38.0-4+deb8u9.debian.tar.xz 8256a787c3b6873b1810e92a121e6d8f 200742 web optional curl_7.38.0-4+deb8u9_amd64.deb 550ad84e773623f17e27941201f44171 259734 libs optional libcurl3_7.38.0-4+deb8u9_amd64.deb 048af57abbeaa029b8c02d5c49fa3458 251654 libs optional libcurl3-gnutls_7.38.0-4+deb8u9_amd64.deb 101712434b20a785514a6abd4412cc9e 263600 libs optional libcurl3-nss_7.38.0-4+deb8u9_amd64.deb a462a38972e22ff200f3a32c5f478609 337378 libdevel optional libcurl4-openssl-dev_7.38.0-4+deb8u9_amd64.deb 092cd19dedd99cd5f01592a16df6a794 328742 libdevel optional libcurl4-gnutls-dev_7.38.0-4+deb8u9_amd64.deb e2564df81ab5e7661ad9f84774c32b9f 341212 libdevel optional libcurl4-nss-dev_7.38.0-4+deb8u9_amd64.deb 290e2ff3523b6f072ad3fd153dde622a 3373616 debug extra libcurl3-dbg_7.38.0-4+deb8u9_amd64.deb 1d4344daec668cb40b01016e4ed9a97d 1067016 doc optional libcurl4-doc_7.38.0-4+deb8u9_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEBsId305pBx+F583DbwzL4CFiRygFAlpqY8wACgkQbwzL4CFi RyjhDBAAhmV1e5rL7zRmXpOwbgPOmEpySLl50m/RHv0ZPH/6sLBZwmP59aCez5GF iEf/wv1FIYFLYyA+YMjWpHRaaYQJXYoCXgNlfvViW0SMMa12DDZ63ryWbSGiM/25 TFyf996zUPmubKgdSDwhif2kFqAM6BA8gHKKD3xxf/oGmb+S2A1CyFrhWKF5Ig3n R/MczYT7F8MOjGuR660HKw2b/d93ZkuGuYUVxcm85NG/kp7by8t1W/4UDdTzzAiZ P2ZVi1+ee8uN60LUkjG8/6hZxCGVsM5TUaHXvtEUoobj+1DUwgGQ2RTtjYgRDkP0 TZygMq8sbo+07r2IX95StKXsh3/QBPYyORqshUO8PhL7JmQ4Zpdpl3/M3AKdopFq PYRBCPk+VR+b+rTejKS5U7KQKAUdm+ih+PwWrqUOi4dXRY6PtAOBzLd3ySapjiKc HyCNJA+R74we1qVGUw5FxxRU3VPPmPvaigtVuqDC6MFGJeI9bnJxQcEI7qMO5pA0 QMo7qHvEKugj4xQLLmR3lx0nmFfy8wIP+vf/p53LMlkGPBGismQvX125x117vqIl 4Dt0IGCmYxhmT6E06VljSn//Jz86+w1R+m6E4wRuzextPRB4BpXlX3f7PcL4dY/j adFlRWiIKyMIxJgWd87koDYp9rd7m6CaEvse+q9AQcmON22BPh4= =FxGN -----END PGP SIGNATURE-----