Accepted curl 7.74.0-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 31 Dec 2020 15:22:05 +0100
Source: curl
Architecture: source
Version: 7.74.0-1
Distribution: unstable
Urgency: medium
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Alessandro Ghedini <ghedo@debian.org>
Closes: 963559 969004 977161 977162 977163
Changes:
curl (7.74.0-1) unstable; urgency=medium
.
* New upstream release
+ Fix inferior OCSP verification as per CVE-2020-8286 (Closes: #977161)
https://curl.se/docs/CVE-2020-8286.html
+ Fix FTP wildcard stack overflow as per CVE-2020-8285 (Closes: #977162)
https://curl.se/docs/CVE-2020-8285.html
+ Fix trusting FTP PASV responses as per CVE-2020-8284 (Closes: #977163)
https://curl.se/docs/CVE-2020-8284.html
* Update debian/watch to new upstream download page layout
* Update 12_use-python3-in-tests.patch due to renamed file
* Refresh patches
* Fix cross-build due to python build dependencies.
Thanks to Helmut Grohne for the patch (Closes: #969004)
* Fix formatting in some man pages.
Thanks to Bjarni Ingi Gislason for the patch (Closes: #963559)
* Update list of documentation files to install
* Update symbols
* Bump Standards-Version to 4.5.1 (no changes needed)
* Drop removed file from d/copyright
Checksums-Sha1:
787a0c8284cb03bb06049e7eb2ee0e96ff010461 2686 curl_7.74.0-1.dsc
cd7239cf9223b39ade86a14eb37fe68f5656eae9 4043409 curl_7.74.0.orig.tar.gz
14fd397cac37a0061c5c527d1c111ae7944cac36 31404 curl_7.74.0-1.debian.tar.xz
1ecbd72b0793ec783e926bff1328958a765ef026 11986 curl_7.74.0-1_amd64.buildinfo
Checksums-Sha256:
c4c4ff62d6b2b58bc0eb64abb1301a1227d32d08cea95a1166936473df12ecdb 2686 curl_7.74.0-1.dsc
e56b3921eeb7a2951959c02db0912b5fcd5fdba5aca071da819e1accf338bbd7 4043409 curl_7.74.0.orig.tar.gz
16a7423335ec487f741cd67b740aa887d2f3dd00f47d488575e61186e62ea7d9 31404 curl_7.74.0-1.debian.tar.xz
3e5ef0f267aa35e7a95359564fcc3b8ac15c882cf7fca5c35be8d73d522a264b 11986 curl_7.74.0-1_amd64.buildinfo
Files:
d838371de0b582e6e826af7d7b9c54ce 2686 web optional curl_7.74.0-1.dsc
45f468aa42c4af027c4c6ddba58267f0 4043409 web optional curl_7.74.0.orig.tar.gz
98c41a5c5613266823bb34cdc4f6e2f9 31404 web optional curl_7.74.0-1.debian.tar.xz
fd4a0a35b084d849df218f00c728f497 11986 web optional curl_7.74.0-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJFBAEBCgAvFiEEBsId305pBx+F583DbwzL4CFiRygFAl/t86oRHGdoZWRvQGRl
Ymlhbi5vcmcACgkQbwzL4CFiRyj/jxAAk4+AVoYasd3VwyHY1T+mjBkPKj+A/tko
quxLDVIqdLclQOzpinww4h8bj3eRQHAiiPFK8bdwwwgUNSsiyQdZwI+TdanDMmkn
blmlhy3CNlA8BXorvSehgQEXMP7NkVXdqLeftF/Xww1dnnYnd4VCS2YJjwB92iZQ
AtH7ZBGwD54obc2B7AH2hgr+L1PurVShE7Co2+LC40/Mc8zMGJolXKgo5AFuHWla
2HOy4p0+xh2nuyD15s8aj4BySAL6RyU13JswtmEo4JoAHORtLy2J3MApveR6tsji
RjC35IYlrI8hskv7OCO6ZcXLp3fnPD08js6Tew6mAuUqE87AengOgvesJJBlAhAg
CJy83Av2+Be0XeCXEMweNHx60BObx7RnQgy66RkMqC+Ij1rNKAo14M+MPIYmNQDw
/km/ihcGWwQ/cpqGD1R5DXxE7c5b57T3y+r0eFkDMgB7+3L1UPStdjJ/Tt0coDkn
mNBJvgzKcJpPL6VwtjPTEmqQ7NhnFEnCu0PcCGS9SXs6Z1Lgu2EKsVicsbvoPcEJ
Oflcsua4Tj/DHBWb6S4xN4992mzyRXYU/2OzHELZc8ZPIZw6wR8wkK/ckXZqiuV2
LN5Su2yTAP2DhpriWIC4EpRLMPB69FHbveXN5YB433LH6af95DmFLi2AXlFNX4ur
NWT7Cuq7n2o=
=LGSs
-----END PGP SIGNATURE-----