Back to curl PTS page

Accepted curl 7.85.0-1 (source) into unstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 02 Sep 2022 13:00:10 +0100
Source: curl
Architecture: source
Version: 7.85.0-1
Distribution: unstable
Urgency: medium
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Samuel Henrique <samueloph@debian.org>
Closes: 1015835 1018831
Changes:
 curl (7.85.0-1) unstable; urgency=medium
 .
   * New upstream version 7.85.0
     - Fix control code in cookie denial of service:
       When curl retrieves and parses cookies from an HTTP(S) server, it
       accepts cookies using control codes (byte values below 32). When cookies
       that contain such control codes are later sent back to an HTTP(S) server,
       it might make the server return a 400 response. Effectively allowing a
       "sister site" to deny service to siblings
       (closes: #1018831, CVE-2022-35252)
     - Fix FTBFS on riscv64 with gcc-12 (closes: #1015835)
   * Bump Standards-Version to 4.6.1
   * Add lintian overrides for old-style-config-script-multiarch-path triggered
     for curl-config
   * d/patches:
     - 11_omit-directories-from-config.patch: Update patch
     - 20_ftbfs_import_sched.patch: Drop patch, applied upstream
   * d/rules: Fix configure args, remove bogus '--without-ssl'
   * d/copyright: Update the whole file
   * d/(control|watch): Update upstream's URL
Checksums-Sha1:
 a6be39b8ad7a5e0c63b2331732ca8ea207c51109 2955 curl_7.85.0-1.dsc
 a2d00684795f12245db421385c70c61b79619ad2 4182153 curl_7.85.0.orig.tar.gz
 c9a5b89da1b0522d793e5fcf6aeef7e9d7afa7a6 488 curl_7.85.0.orig.tar.gz.asc
 3f6d97fedff89ac1e966cf01b304b8fd8bf7a9c5 38160 curl_7.85.0-1.debian.tar.xz
 46490f784794c71544d730b7a40bb207192c9405 12948 curl_7.85.0-1_amd64.buildinfo
Checksums-Sha256:
 d0855261f69992255ecd9dd39dae1067df8625821a73589a6405f86ea77fdee7 2955 curl_7.85.0-1.dsc
 78a06f918bd5fde3c4573ef4f9806f56372b32ec1829c9ec474799eeee641c27 4182153 curl_7.85.0.orig.tar.gz
 6794e4b59dea9dee2c6373be4e1b1cded5c8a9aea8bbf58c3e97f3adfe8d8474 488 curl_7.85.0.orig.tar.gz.asc
 fed9ef7fab87ab12a8290c1a059c05cdfe6ef706d077601bbb30d5a978404be5 38160 curl_7.85.0-1.debian.tar.xz
 4b465ed2201587c6de13bef4b3e3a1f250e46f912c5c70a1e97422358b700eae 12948 curl_7.85.0-1_amd64.buildinfo
Files:
 e125c0e777fb8af1b1b84da5e71c79eb 2955 web optional curl_7.85.0-1.dsc
 4e9eb4f434e9be889e510f038754d3de 4182153 web optional curl_7.85.0.orig.tar.gz
 b77cefcebb6a1096a9516f06860542c7 488 web optional curl_7.85.0.orig.tar.gz.asc
 63f5361ddbbcaae92c1702fcb103e17a 38160 web optional curl_7.85.0-1.debian.tar.xz
 f702afcfb57ecfb52254170b5f7d7c6f 12948 web optional curl_7.85.0-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEBdtqg34QX0sdAsVfu6n6rcz7RwcFAmMR+AsACgkQu6n6rcz7
RwfH6g/+NA3bpb2ktD2Im5SWim5wzhPAUiaCf5LU33L9f+G6S+kB864ANput9nPn
xVPX1m6biDbp6pCWn2oDpQEUi5+fDX+jEqEEmNMAgPA+o0+QKrV9TcVKJZL8HkUq
vjB1+Cspa2tc3PzzmAwikvrx8qztdBYT7eQY86UnoPXFuKfZDOT737fCf7smgyaD
wjQtGerygsVupKbDuQL9n7IvnEy1sFzIoAFVjniNckAz9DFMCgc0vaQHTmlgUfyb
lMz3+nSZ6K89BhAkuyP3pcO5lO5/8+0mn2bhvRxkEtoPb57+Rgqdmn0nB0iejuM7
yFNbRhGz+cy4aGkvhLA9zcIKrxrIcqGQfZU1f9+gkvJ8TfPoDsNsYhnVVep3TOZ/
3vPZy/mJ7L1fgjfZ3Rn38bZ/2bJgg03Ef73vUuNh5LS6LzLebU0pduvrBWH/ol5d
pNpifCMyoULRAbSr3I1WWNBnW+XbAMrxFjZ1tD90yM5cPpk2ubyOEex5SIoMipQt
dgr8c6vt9WpT9rxr8Jc+6C2jhAmko3VIa7MsOl67Laxcu6X3P8irMZ9DxOVY5sup
Cs+4E2Dz64wqpbQycswyJwfW6ygViAz6IVTP3EfUDXYD2udyonYwb/sGXeeqNa2x
PpZEDQen99lvvEDj+wf921UTZfuPfMIxwZSlMG4oxS36ruLzJ+8=
=gH/F
-----END PGP SIGNATURE-----