Back to curl PTS page

Accepted curl 7.83.1-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted curl 7.83.1-1 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Wed, 11 May 2022 17:19:10 +0000
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Subject: Content-Transfer-Encoding:Content-Type:MIME-Version:To:Reply-To:From:Cc: Content-ID:Content-Description:In-Reply-To:References; bh=ZGN5vdwONwc4KrP5C4nkUknRy3aRJWfppwFJzU+f858=; b=RCOiC9qxHQQ6Qz3p2FyOEqMYyT UyckLAeO8xIfko3RlANx3gJ7mPGUNEP4NdKESJ/yinZ3paY2/6EdTDJAwaB7AwKb5n3D5gZTl9ZSq /pmT8McHmFxafIY1H5lcyWYCuWFjiWeng0dZIh2sYnBlOnR3l4jF2JiLPH15BNR2gYvS/tdRW1bnS tTO/Vb2M1a/FhEdbWyB143+NDAywr/C+IKVLZacfYk+oPBbzQeQ3N6oMf7DoZLhsPS8sSJjSPVMlF JUfDEOLhF5MBt63sKl+rOsjVYzJXvaMogiXDK0zNUGaJXX49B/pVQYiNP+vT5u3UwMAz4xxYedS39 qZS3WFvA==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1nopzS-00074W-GF@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 11 May 2022 17:46:48 +0100
Source: curl
Architecture: source
Version: 7.83.1-1
Distribution: unstable
Urgency: medium
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Samuel Henrique <samueloph@debian.org>
Changes:
 curl (7.83.1-1) unstable; urgency=medium
 .
   * New upstream version 7.83.1
     - Fix the following CVEs:
       ~ HSTS bypass via trailing dot (CVE-2022-30115)
       ~ TLS and SSH connection too eager reuse (CVE-2022-27782)
       ~ CERTINFO never-ending busy-loop (CVE-2022-27781)
       ~ percent-encoded path separator in URL host (CVE-2022-27780)
       ~ cookie for trailing dot TLD (CVE-2022-27779)
       ~ curl removes wrong file on error (CVE-2022-27778)
Checksums-Sha1:
 b1cdee8cc68f414a939b04333d18b7a990e9681b 2959 curl_7.83.1-1.dsc
 0073c0eb2d5199688334b8bd9f49e46c1f4ea35c 4162207 curl_7.83.1.orig.tar.gz
 7bc0820301aaf8c24c615ea62a348d9b74c39349 488 curl_7.83.1.orig.tar.gz.asc
 220164c8020289ce8154371f5cc8a21788f1bb22 35592 curl_7.83.1-1.debian.tar.xz
 977599f41730efc387ab734fd689545bc3da8171 12798 curl_7.83.1-1_amd64.buildinfo
Checksums-Sha256:
 dfcfd0faaa0828ed44e32512e2ce3343de5e82ddeb1ac90e448b11cddc98fc49 2959 curl_7.83.1-1.dsc
 93fb2cd4b880656b4e8589c912a9fd092750166d555166370247f09d18f5d0c0 4162207 curl_7.83.1.orig.tar.gz
 b8bd927f15bd02cb0bd831ce6d7c9f7406a1b6d8fb2d1bd1c10f16144d8491c4 488 curl_7.83.1.orig.tar.gz.asc
 583fe1667fb6374d32923ec8cc43b775cec4461f2201cec9e512a1136240bdeb 35592 curl_7.83.1-1.debian.tar.xz
 ba4de13a0c5515a5d72717c0f0a432bebc0ad6aefcaa2e5594d7ea8856f6f393 12798 curl_7.83.1-1_amd64.buildinfo
Files:
 006717edac99491699f2c0f6a3fe4ac2 2959 web optional curl_7.83.1-1.dsc
 0dc6c66339d925a6a03ff343f98d095e 4162207 web optional curl_7.83.1.orig.tar.gz
 9e05b4323536471ed6a155a60c6c9f96 488 web optional curl_7.83.1.orig.tar.gz.asc
 377fc473e6e6f2c6a573d7a182e123a7 35592 web optional curl_7.83.1-1.debian.tar.xz
 86807a04be3f29f0302351755c0bbbfc 12798 web optional curl_7.83.1-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEBdtqg34QX0sdAsVfu6n6rcz7RwcFAmJ76ugACgkQu6n6rcz7
RwdbVw/9EjfzvRxGU2vOAvaphUlS5UQM/l8zdDFuKk9vyvF3YxjwNSxVN6GeDyiv
s1svYOwf3ShF5VoK7BeWeXnXYQbkmjOVKZHlUorrKIS3RXs4Bz4G/VE7kxkItjuu
aiw/37MP86ekYplluFa32yAszH6QyiEvjDqBgE1X3+12vzJ1M93qdqJmlXM/Z0qg
Gio0jeGquTf6YmUx1L966T+rhRIIHp3mYI0eK/SPSihL7sU6H9jm5j4+kNvu8ck7
+KPh0m1/AaTqAZcldUHaWjkqk7YGsEYO/1WUqosRPPpCJxOgGFJ5urw4M6m3X20l
rn8Gm6scDs7d4j6YIMFFFxFFvIwzBDQPliReOq4t3BPwFxuUbPqNYbq9OYWqSxhG
L5WP1sD4Tx+7f9riTeuukiw4IIPtPd/4clCyYaYkxmePfQGwj9QQ+Mp8JbTP7ge3
6M9q+iN8DbLFlsMpvC1Y9Kivl5WAQfAzjfKEgHjFwF+J/cidkgU0YZMdTW2E4W0M
hPi3BNKUQc9rDMyA2PSe9+RNr0JL3k7kOm94UbwOPXe+tyl0EMpPe0ZSOaNcKWkZ
8IbNicVBDNejNIrrMfVbbGKNWZRWjD4uQuGZELiQkhJjAo00v6BNDD7oquqqbZwJ
hlM70YBO/H39yZoMB9oDAo71Na5eyVECpBCOC7ZqIYDrCct5510=
=8J5z
-----END PGP SIGNATURE-----