Accepted curl 7.83.0-1 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted curl 7.83.0-1 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Thu, 28 Apr 2022 18:19:06 +0000
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Subject: Content-Transfer-Encoding:Content-Type:MIME-Version:To:Reply-To:From:Cc: Content-ID:Content-Description:In-Reply-To:References; bh=6u415KdmePmY5uuTeAP8hkfoJgqQiRPxFdHfrHQ6NHM=; b=Gw4Onm7RXpRllj5YdzCBg+HHLV tbt/5t5vXrdjBL33VTizG/J1gmz4K+/tzno43wU9h2HUliLEMVak+vano/+Jp3SOTC7IgtzIH52Ch +EVdPECqlrjl7Cl1SHg5f7x8oKtTiAm/6ip41S9bwdtHo7uJ2zUfi/aZvofHYco5NBjKHR7vZDeHZ oxL+NFtq037NCAXtu6CRivyKzoua6OkLbJHef6jg3Kz1DrydkYMpqA6BLxPt2Trz5n6QMrZ/IHVia +WJjNe8slK5dI60rDNOkVf06kFpgdvaRmgBZAyY7eg9N7n22rVRSvsye0KvOFtw5O0aNaA/Cwz1/h NM503PkQ==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1nk8jK-0007uH-Hv@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 28 Apr 2022 18:53:32 +0100
Source: curl
Architecture: source
Version: 7.83.0-1
Distribution: unstable
Urgency: medium
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Samuel Henrique <samueloph@debian.org>
Closes: 1010252 1010253 1010254 1010295
Changes:
curl (7.83.0-1) unstable; urgency=medium
.
* New upstream version 7.83.0
- Fix auth/cookie leak on redirect (closes: #1010252, CVE-2022-27776)
- Fix bad local IPv6 connection reuse (closes: #1010253, CVE-2022-27775)
- Fix credential leak on redirect (closes: #1010254, CVE-2022-27774)
- Fix OAUTH2 bearer bypass in connection re-use
(closes: #1010295, CVE-2022-22576)
* d/libcurl*.symbols: update symbols files to add curl_easy_header and
curl_easy_nextheader
* d/patches:
- Refresh patches
- 12_fix_openssl_cm_check.patch: remove patch, applied upstream
Checksums-Sha1:
2e200642ccdc981b903745802a957e961ae38e62 2959 curl_7.83.0-1.dsc
fc00521a2bef4a89cf27a71223aba1cd3ec15c04 4162166 curl_7.83.0.orig.tar.gz
31301abe413107a670e36b476d6b60d7d658724f 488 curl_7.83.0.orig.tar.gz.asc
ee895b17ee7fe63696acba85e6b9f76c5e2b2494 35460 curl_7.83.0-1.debian.tar.xz
90ade519fc183cd5d65c9340ff314aa376daf418 12838 curl_7.83.0-1_amd64.buildinfo
Checksums-Sha256:
0e797893ae93c544b30b06e6b04ca7ae5bf32339e4b194906225d2bb5115fc62 2959 curl_7.83.0-1.dsc
c0e64302a33d2fb79e0fc4e674260a22941e92ee2f11b894bf94d32b8f5531af 4162166 curl_7.83.0.orig.tar.gz
f6ca16283d7713e38a4210044c9dc06ba6ac1d924a7ed4f47abcf95d626ba365 488 curl_7.83.0.orig.tar.gz.asc
beab6cdce7bc9dfe3bbc05810188abc93309b7e84eade72f54189017bc4882eb 35460 curl_7.83.0-1.debian.tar.xz
735c2e9ce588132ce8ef41ecfae549fc8140d69c763b50478a1c55f2503be759 12838 curl_7.83.0-1_amd64.buildinfo
Files:
a65e0178267fea0257bd82a6155af752 2959 web optional curl_7.83.0-1.dsc
1ca789f6ed0f023795301980f0758b39 4162166 web optional curl_7.83.0.orig.tar.gz
c3697e0cbb07ebdb68ba98b7ce5fb107 488 web optional curl_7.83.0.orig.tar.gz.asc
8c02f6e7c26c13b4052db12cd2d2d379 35460 web optional curl_7.83.0-1.debian.tar.xz
8f436f2babea299c7bfa08d43854c126 12838 web optional curl_7.83.0-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEBdtqg34QX0sdAsVfu6n6rcz7RwcFAmJq1uUACgkQu6n6rcz7
RwcHhw/+NbIxIv+VomyRSrGsVYuX92bL/lUgFk3gBv3mdNhsmPvs9t1AJ0cYspHl
YYJRBZT4c2+0cJ/CaRxohnLHC1KYxPIHc2fysbrnuMPbSbaLIybRsq342vpnVqhH
8ppyIkd87s5pT8Cd/0xWzmgAyVKZm2zqXtBFqpU/RLjov6gdZIvAUseMY4viwx3H
ibD22dAHWllFVOSd2UENEjZJWy0NCCkhR1e8ZFU7nK+4XY7uOrrF0k+tHVkdoo8p
jGViQVmpsnQdJcWJaByJCz4XAtnvZtDZNBvJIzNgY785VsK+otoM426DYLQJEqXY
j7uIqSnHGJKRut8UF/DY84CIGtcxVZ0cfxoRbSzQqOY0YQ+wdh8GT8NUjahHDg7C
pJADJfZg7RCbBTcFOxorZ88NmUlySjwX10ARQQ1yJT440FjxpsR5GwC1dqi+DjFb
9PfmIiD72hQ7yYTWHfCDBMy+rEYhpkC74MfIeAakl+PNmbEsWv5C+DzXKsUbBATr
cwyvLMsxOTz8zymGwPKpkjTlpNuHr7vHpZK7sQZd565qFC4y+hPra8G2KNlntkXr
muto4qqG3Vgg+pjxKpKvJVK/NLNRddhg/GCVlcCKpbR+KSCpyCNCham/jCabyo9z
4/upXoiB47vdLmCVDZgIRaI0XGu6KFYIwbat3D9AtTfJFrB3zbs=
=m76A
-----END PGP SIGNATURE-----