Accepted curl 7.86.0-1 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted curl 7.86.0-1 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Thu, 27 Oct 2022 21:34:32 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: curl_7.86.0-1_source.changes
- Debian-source: curl
- Debian-suite: unstable
- Debian-version: 7.86.0-1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=oGfnbN3jRBltGJOrk8Z7FqC1m5LIrxFV588LnmMVAJM=; b=kV/mZXpCQzjWNA4ofHdzivUE1n gmI3K+uUn3YmjMJyrrcpKjyZpldNWzu4pwupHX3A9409VqO9OKcMNXtc8jihnmk2WwWoibS1Od2ZQ xx5lXoRi2H7EjnaNyK4LIyRC8ckN10nMNYz85rCaPvm2+EQ08AqkeI0QBJyDZDAulSYPWwx+/ZYF3 9leKzPt7xIIzFlYLwC+LPW/6/gtLTKOSIsqhd4Y8c1JnxgOd1pDQ7EvMEw6FlN6JVjngbXiuXlhVc rYzydlN39SFx3IIROm7YwTD98wFtlIU21a8Pj7C3y5+pJmBymfLeZKOo0/pJnMh7O7C151ki5wi60 lzDPn/qQ==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1ooAWG-0048fN-DR@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 27 Oct 2022 20:38:24 +0100
Source: curl
Architecture: source
Version: 7.86.0-1
Distribution: unstable
Urgency: medium
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Samuel Henrique <samueloph@debian.org>
Changes:
curl (7.86.0-1) unstable; urgency=medium
.
* New upstream version 7.86.0
- Fix HSTS bypass via IDN:
curl's HSTS check could be bypassed to trick it to keep using HTTP.
(closes: CVE-2022-42916)
- Fix HTTP proxy double-free (closes: CVE-2022-42915)
- Fix .netrc parser out-of-bounds access (closes: CVE-2022-35260)
- Fix POST following PUT confusion (closes: CVE-2022-32221)
Checksums-Sha1:
3b840c160623660fd72f3aba3416d6ef1643c372 2955 curl_7.86.0-1.dsc
1c314d3f2229ea932d10cb803f3e26f3fba630ec 4232231 curl_7.86.0.orig.tar.gz
be2b6791b59ded714d9c8abd634d21789f9a96dc 488 curl_7.86.0.orig.tar.gz.asc
1b8ef9b2bf97ea0bbfd8f6fd42c4a86ed79b9285 38052 curl_7.86.0-1.debian.tar.xz
f0247f08a62bb724cebd3520d464e52db0b43d8a 12775 curl_7.86.0-1_amd64.buildinfo
Checksums-Sha256:
6d0d2811c50989b48ba09b448e92fee6fabaaf9bbfe322ec605a1d0874a23392 2955 curl_7.86.0-1.dsc
3dfdd39ba95e18847965cd3051ea6d22586609d9011d91df7bc5521288987a82 4232231 curl_7.86.0.orig.tar.gz
8e31713d4513023e44a2034af660b2af6240a8501cadf153f96431cd34f5fc31 488 curl_7.86.0.orig.tar.gz.asc
602f79d533ead20e989c5019685b1ce1e2413143f0997f3ad4d8fae8a235c4db 38052 curl_7.86.0-1.debian.tar.xz
083b6ce88974f141f76951211a255bf06f9dfd2c81fc02f744941105157d6a0d 12775 curl_7.86.0-1_amd64.buildinfo
Files:
99bde56cc77318c3a70e447c89843102 2955 web optional curl_7.86.0-1.dsc
f44246e7c13cd91f07095fe63c06353c 4232231 web optional curl_7.86.0.orig.tar.gz
ebe290e2be2961ce081e50c91e2dbe5b 488 web optional curl_7.86.0.orig.tar.gz.asc
885580b7f0eea2419ff1fb8859aa6880 38052 web optional curl_7.86.0-1.debian.tar.xz
aab8842de1c60925fe763e2325892f32 12775 web optional curl_7.86.0-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEBdtqg34QX0sdAsVfu6n6rcz7RwcFAmNa814ACgkQu6n6rcz7
RwehVRAAzWjH7odCcqbmHVoC+FJ/bZlcfCY5mz81jRUxwg05IpdhReteACttagTQ
hoCLfD86y2oDwX9WjZPP56qbu7D9r+BvNll3N7cSz0nxNrTMb2lrB75jeoyguoXU
SGJpRWm6vyEyoGCUkSOgY1k3xEIAbwv+wd+rG+70cEv0CqOOdWMAnCTUmp6nbjmw
RH2KyCZZ6/NkkPHwaE00iuM7YLASldgaxAINQ0DpLl9X7AryQErH9xdkZ751iNXU
SCYjxqGBFTMlQDESk7yclprR1D6ynyKdp7Ft7YOkJc9mmcWNln4LbKJkT5VFzyAZ
AmJCLlOI/FXfUzCeYGUTmtJ6kA//eGpinWx0kQehwN+2P12RpiOotJSd4FfILjDO
5fxXJ6VhFwnr7GCICuKnEKw/GsufRKhd4O82uGIXZoFb5kphIKn7/o3cck9765Sh
Ct2Qx1zxHfpCviQlMWpYNEOMv3Y9eHfSLlcNlxKwzUWzCxR05hBSa5zbK9JWwDqs
sG5surFQCMpm0KXi5R1t6FeerCu8vrf6TAW9PZzyFoPyyVYXlnmZxp1Kwzzk5OKD
by/0Sk6b9F4vOxZq0jQwAhMk/MR5DuJK/LjSljG5OO4TuKBLtwcEf0WSNHXGm5OY
8j+2YIvzwIATqNdPb2ggsJGMW8n33njn4E7FNO2x/OVceoF9Y1Y=
=NrgE
-----END PGP SIGNATURE-----