Accepted curl 7.83.1-1 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted curl 7.83.1-1 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Wed, 11 May 2022 17:19:10 +0000
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Subject: Content-Transfer-Encoding:Content-Type:MIME-Version:To:Reply-To:From:Cc: Content-ID:Content-Description:In-Reply-To:References; bh=ZGN5vdwONwc4KrP5C4nkUknRy3aRJWfppwFJzU+f858=; b=RCOiC9qxHQQ6Qz3p2FyOEqMYyT UyckLAeO8xIfko3RlANx3gJ7mPGUNEP4NdKESJ/yinZ3paY2/6EdTDJAwaB7AwKb5n3D5gZTl9ZSq /pmT8McHmFxafIY1H5lcyWYCuWFjiWeng0dZIh2sYnBlOnR3l4jF2JiLPH15BNR2gYvS/tdRW1bnS tTO/Vb2M1a/FhEdbWyB143+NDAywr/C+IKVLZacfYk+oPBbzQeQ3N6oMf7DoZLhsPS8sSJjSPVMlF JUfDEOLhF5MBt63sKl+rOsjVYzJXvaMogiXDK0zNUGaJXX49B/pVQYiNP+vT5u3UwMAz4xxYedS39 qZS3WFvA==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1nopzS-00074W-GF@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 11 May 2022 17:46:48 +0100
Source: curl
Architecture: source
Version: 7.83.1-1
Distribution: unstable
Urgency: medium
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Samuel Henrique <samueloph@debian.org>
Changes:
curl (7.83.1-1) unstable; urgency=medium
.
* New upstream version 7.83.1
- Fix the following CVEs:
~ HSTS bypass via trailing dot (CVE-2022-30115)
~ TLS and SSH connection too eager reuse (CVE-2022-27782)
~ CERTINFO never-ending busy-loop (CVE-2022-27781)
~ percent-encoded path separator in URL host (CVE-2022-27780)
~ cookie for trailing dot TLD (CVE-2022-27779)
~ curl removes wrong file on error (CVE-2022-27778)
Checksums-Sha1:
b1cdee8cc68f414a939b04333d18b7a990e9681b 2959 curl_7.83.1-1.dsc
0073c0eb2d5199688334b8bd9f49e46c1f4ea35c 4162207 curl_7.83.1.orig.tar.gz
7bc0820301aaf8c24c615ea62a348d9b74c39349 488 curl_7.83.1.orig.tar.gz.asc
220164c8020289ce8154371f5cc8a21788f1bb22 35592 curl_7.83.1-1.debian.tar.xz
977599f41730efc387ab734fd689545bc3da8171 12798 curl_7.83.1-1_amd64.buildinfo
Checksums-Sha256:
dfcfd0faaa0828ed44e32512e2ce3343de5e82ddeb1ac90e448b11cddc98fc49 2959 curl_7.83.1-1.dsc
93fb2cd4b880656b4e8589c912a9fd092750166d555166370247f09d18f5d0c0 4162207 curl_7.83.1.orig.tar.gz
b8bd927f15bd02cb0bd831ce6d7c9f7406a1b6d8fb2d1bd1c10f16144d8491c4 488 curl_7.83.1.orig.tar.gz.asc
583fe1667fb6374d32923ec8cc43b775cec4461f2201cec9e512a1136240bdeb 35592 curl_7.83.1-1.debian.tar.xz
ba4de13a0c5515a5d72717c0f0a432bebc0ad6aefcaa2e5594d7ea8856f6f393 12798 curl_7.83.1-1_amd64.buildinfo
Files:
006717edac99491699f2c0f6a3fe4ac2 2959 web optional curl_7.83.1-1.dsc
0dc6c66339d925a6a03ff343f98d095e 4162207 web optional curl_7.83.1.orig.tar.gz
9e05b4323536471ed6a155a60c6c9f96 488 web optional curl_7.83.1.orig.tar.gz.asc
377fc473e6e6f2c6a573d7a182e123a7 35592 web optional curl_7.83.1-1.debian.tar.xz
86807a04be3f29f0302351755c0bbbfc 12798 web optional curl_7.83.1-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEBdtqg34QX0sdAsVfu6n6rcz7RwcFAmJ76ugACgkQu6n6rcz7
RwdbVw/9EjfzvRxGU2vOAvaphUlS5UQM/l8zdDFuKk9vyvF3YxjwNSxVN6GeDyiv
s1svYOwf3ShF5VoK7BeWeXnXYQbkmjOVKZHlUorrKIS3RXs4Bz4G/VE7kxkItjuu
aiw/37MP86ekYplluFa32yAszH6QyiEvjDqBgE1X3+12vzJ1M93qdqJmlXM/Z0qg
Gio0jeGquTf6YmUx1L966T+rhRIIHp3mYI0eK/SPSihL7sU6H9jm5j4+kNvu8ck7
+KPh0m1/AaTqAZcldUHaWjkqk7YGsEYO/1WUqosRPPpCJxOgGFJ5urw4M6m3X20l
rn8Gm6scDs7d4j6YIMFFFxFFvIwzBDQPliReOq4t3BPwFxuUbPqNYbq9OYWqSxhG
L5WP1sD4Tx+7f9riTeuukiw4IIPtPd/4clCyYaYkxmePfQGwj9QQ+Mp8JbTP7ge3
6M9q+iN8DbLFlsMpvC1Y9Kivl5WAQfAzjfKEgHjFwF+J/cidkgU0YZMdTW2E4W0M
hPi3BNKUQc9rDMyA2PSe9+RNr0JL3k7kOm94UbwOPXe+tyl0EMpPe0ZSOaNcKWkZ
8IbNicVBDNejNIrrMfVbbGKNWZRWjD4uQuGZELiQkhJjAo00v6BNDD7oquqqbZwJ
hlM70YBO/H39yZoMB9oDAo71Na5eyVECpBCOC7ZqIYDrCct5510=
=8J5z
-----END PGP SIGNATURE-----