Back to curl PTS page

Accepted curl 7.52.1-5+deb9u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted curl 7.52.1-5+deb9u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates
From: Alessandro Ghedini <ghedo@debian.org>
Date: Sat, 07 Oct 2017 11:47:30 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1e0nZq-0004cy-NU@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 01 Oct 2017 12:07:01 +0100
Source: curl
Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg libcurl4-doc
Architecture: source amd64 all
Version: 7.52.1-5+deb9u1
Distribution: stretch-security
Urgency: medium
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Alessandro Ghedini <ghedo@debian.org>
Description:
 curl       - command line tool for transferring data with URL syntax
 libcurl3   - easy-to-use client-side URL transfer library (OpenSSL flavour)
 libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours)
 libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour)
 libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour)
 libcurl4-doc - documentation for libcurl
 libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour)
 libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour)
 libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour)
Changes:
 curl (7.52.1-5+deb9u1) stretch-security; urgency=medium
 .
   * Fix TFTP sends more than buffer size as per CVE-2017-1000100
     https://curl.haxx.se/docs/adv_20170809B.html
   * Fix URL globbing out of bounds read as per CVE-2017-1000101
     https://curl.haxx.se/docs/adv_20170809A.html
   * Fix FTP PWD response parser out of bounds read as per CVE-2017-1000254
     https://curl.haxx.se/docs/adv_20171004.html
Checksums-Sha1:
 abafe6d62058e5de0280e0ee7efcb1a9270f6e8d 2793 curl_7.52.1-5+deb9u1.dsc
 73097952ada80fbaff924c706ba57d1f77c38d00 3504621 curl_7.52.1.orig.tar.gz
 7d9b9a6c286a37c0602155c229401d16a44fc23b 34788 curl_7.52.1-5+deb9u1.debian.tar.xz
 0570740376dabff270a8bca362da1584ec30c979 131978 curl-dbgsym_7.52.1-5+deb9u1_amd64.deb
 900b6def60aad7748011814557f56ff4fe9c44ed 10596 curl_7.52.1-5+deb9u1_amd64.buildinfo
 58f873d5bc921dc3f90dfe7a48bf39dbcb6456be 227026 curl_7.52.1-5+deb9u1_amd64.deb
 23fe5b74305d19218b0579b649a6d88568eedda4 5000268 libcurl3-dbg_7.52.1-5+deb9u1_amd64.deb
 b391183707369fadfeb1b3ca9dc173ac8c47cc7f 289198 libcurl3-gnutls_7.52.1-5+deb9u1_amd64.deb
 fb3df743b5a3fcba48d00756a5ede435ecba00dd 294460 libcurl3-nss_7.52.1-5+deb9u1_amd64.deb
 1a48f0d28d49ec349d8e473de797ea330b083270 290822 libcurl3_7.52.1-5+deb9u1_amd64.deb
 33ad2fc5ac7bd8fe5b4fd21b6d4189104dd20194 827434 libcurl4-doc_7.52.1-5+deb9u1_all.deb
 1bc061f12306f95377da325a947feee8776dee92 371644 libcurl4-gnutls-dev_7.52.1-5+deb9u1_amd64.deb
 07366d5b86992a609d4d916d95836c3d5715f028 377454 libcurl4-nss-dev_7.52.1-5+deb9u1_amd64.deb
 6c22a61823632f8a9068ed1a48eac60ffd593fb6 373528 libcurl4-openssl-dev_7.52.1-5+deb9u1_amd64.deb
Checksums-Sha256:
 63aa20ac041dc912d2c4d879f1dcedb703e84c77bb0997b68f1ae7f34234e31d 2793 curl_7.52.1-5+deb9u1.dsc
 a8984e8b20880b621f61a62d95ff3c0763a3152093a9f9ce4287cfd614add6ae 3504621 curl_7.52.1.orig.tar.gz
 c7ba15d40903398131ad1fdc84188bf3fabe7c9e150cfbd286b54295b6331eb9 34788 curl_7.52.1-5+deb9u1.debian.tar.xz
 6ec2fa808968ebb7cb83374c4a62ffbbc6036d6e8404565ac6b6bab3c6baae0b 131978 curl-dbgsym_7.52.1-5+deb9u1_amd64.deb
 744eada3b452b5ad033c0194bdfb67843818004d1ac8f8a52410191005b73bd0 10596 curl_7.52.1-5+deb9u1_amd64.buildinfo
 130546aec7f2938205f0a5cdd7ac2f8a88f5f8b83816531cd4ddb7ec841db0fb 227026 curl_7.52.1-5+deb9u1_amd64.deb
 94240dceff9fce204ae610603250aa3b5f417023c2002ec63912cbbf4e6f622f 5000268 libcurl3-dbg_7.52.1-5+deb9u1_amd64.deb
 a92699f3e3a992c805788787a8381b67a488e64ae8f235794bbcc78dbde42229 289198 libcurl3-gnutls_7.52.1-5+deb9u1_amd64.deb
 0f58deb4ac714953b209701d3c0fb14dd6346765b2fed2e01f733d0bb50f28bb 294460 libcurl3-nss_7.52.1-5+deb9u1_amd64.deb
 63045678a558af41235b258bb3f5daa0a9b38b14f9c0ca263ef619a419390e48 290822 libcurl3_7.52.1-5+deb9u1_amd64.deb
 f1a6d2d67a54bcf657c4acc556b7963970dead8e18e4814ac298425ef7db6c44 827434 libcurl4-doc_7.52.1-5+deb9u1_all.deb
 077ef17bbabd4fab18943cfc2b9882f39bade78414dc0fb93a6bcfd61a93c02e 371644 libcurl4-gnutls-dev_7.52.1-5+deb9u1_amd64.deb
 9ff94a3dd33994c0403a007e38597474a3fe088b0c8de872887182e81026ea90 377454 libcurl4-nss-dev_7.52.1-5+deb9u1_amd64.deb
 0c047e561ae5c475918a6cf491374ce833818777cedf7b57ff40140a6a565b39 373528 libcurl4-openssl-dev_7.52.1-5+deb9u1_amd64.deb
Files:
 91c0ccf8db9ae628417cc62c363f6c17 2793 web optional curl_7.52.1-5+deb9u1.dsc
 4e1ef056e117b4d25f4ec42ac609c0d4 3504621 web optional curl_7.52.1.orig.tar.gz
 2ab88d336c09d714321bfde6c79e05b8 34788 web optional curl_7.52.1-5+deb9u1.debian.tar.xz
 24985dd2542c4bd4ac37a30f55348ae1 131978 debug extra curl-dbgsym_7.52.1-5+deb9u1_amd64.deb
 57d0b184beb112900f2deb1ad473ed6f 10596 web optional curl_7.52.1-5+deb9u1_amd64.buildinfo
 d2c20e806fe887741b8cf5fb391f6ae0 227026 web optional curl_7.52.1-5+deb9u1_amd64.deb
 76e61a63d9df4e2b9cf906af285367e1 5000268 debug extra libcurl3-dbg_7.52.1-5+deb9u1_amd64.deb
 ec6740923b7456870c9db9849ff622b3 289198 libs optional libcurl3-gnutls_7.52.1-5+deb9u1_amd64.deb
 fa5b7972b1209189432d0141209bcdba 294460 libs optional libcurl3-nss_7.52.1-5+deb9u1_amd64.deb
 31416c791d7b150f66e8e18ae0a2e6a6 290822 libs optional libcurl3_7.52.1-5+deb9u1_amd64.deb
 91e7b4e9271895de444bb02fc3d7de57 827434 doc optional libcurl4-doc_7.52.1-5+deb9u1_all.deb
 600977aa1ce50e637fa7b801b7ac6231 371644 libdevel optional libcurl4-gnutls-dev_7.52.1-5+deb9u1_amd64.deb
 1c6b92ed1102ab0ccf8334ddc9ed0148 377454 libdevel optional libcurl4-nss-dev_7.52.1-5+deb9u1_amd64.deb
 87435777f7c46e8f3baa4a68d2e4417a 373528 libdevel optional libcurl4-openssl-dev_7.52.1-5+deb9u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEBsId305pBx+F583DbwzL4CFiRygFAlnRi2oACgkQbwzL4CFi
Rygb6g//Z0olPIWo6oU/kqJGJqXRvQDeHHBUDHd6y/PcR9ASFVnmd00285nzpMiI
R5ISWif1T3yodHBKUKU8mZRULTkCKJBLLb3aQkQDuUmd5yYnwocymVa1E0YE2mdU
0fsSrMj+GtiW2sfaYsOD2uRUq0x4SDYOGB/KdRt0zYytN69fyXJbBoIj2qaUIGiB
CfkCEpdrlJ0WjUr9Kl/0ZqMj4im1Hwj77N2DpuMIfp7GwiudCNYetwZUIaETPYra
+AZ2b0QZF4aT9kgeA8zo/gwT/v23tLfPoVuzf7LQvwRc1EAGCHOgF+zaM43oU3vh
wRkAcrQU33Vai56y7glibTQb20h/kwrK3T04P+qislmak9DUcmmTJ9CDtbWwtDXj
MaG6KuJdybsnTzvR3HSnyPH/SERb0/OgXmn59LH7ks0pEligqHT69ZiAZxq/JkTZ
u5aexqDDYg8xqxlwaMW4zNRPzFgkUuKdyAcalgMPEyq3YPDG7dl8MHhmiPPdp3xj
ykQxmoziknEjLvTEmILnzyYWtV/q8FdLnjgLdR5HhGlhaWc9PpapuKqp2reiB/1q
GYmAZ16S+N6YyiCbblpz0IWdHMfxvIUIegskGaaRISgLojzxeUgMrrgcPDI0bIxG
zTAuHTMIwh1GnhezfdW/heIjJi+lp+9P7kpuwy1cCUErhzBoxJI=
=imrX
-----END PGP SIGNATURE-----