Accepted curl 7.74.0-1.3+deb11u5 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted curl 7.74.0-1.3+deb11u5 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Tue, 31 Jan 2023 17:47:28 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: curl_7.74.0-1.3+deb11u5_source.changes
- Debian-source: curl
- Debian-suite: proposed-updates
- Debian-version: 7.74.0-1.3+deb11u5
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=DE1KUflb9SjukrzHhsLmuqjOkZapIR/wTM4QOHCSK9w=; b=MUlG5ox39HBiqtOSZTYy6C70ev dtEWJxbHXHqOVsLqhtkccZ9p2pY/rfrMdpSlkSaWW0FYlS/YL8vxg2znbFfDVb2LiiNyAVDnbJ3mu ZeDYN9sSLLLPDQOOxHZWG9r+l39BsxmmuItDOBqx+fVkCfV70g4Q3d9v2inF9G4OsrAJkASWS/7NZ ch9xnOhGfc5kmQTYGcdlSAA0YsQEc/R9X/wG5BlOK7yHqZvVsQw/uLHROkXnG+DiHmpOXhodY/qKj 65l29cPZOjGcypkB+JF89Jb8AtvPGAPrs7clzCNs2pEdtUWf52gdp7sgreJX306u+PJ5/eqb/wdRR HPBLRrOw==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1pMujA-002rj6-QF@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 31 Dec 2022 09:35:15 -0500
Source: curl
Architecture: source
Version: 7.74.0-1.3+deb11u5
Distribution: bullseye-security
Urgency: high
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Roberto C. Sánchez <roberto@debian.org>
Changes:
curl (7.74.0-1.3+deb11u5) bullseye-security; urgency=high
.
* Follow up to CVE-2022-27774:
The patch included to address this CVE in 7.74.0-1.3+deb11u2 was not
effective and the vulnerability was still present. The patch is corrected
and the vulberability addressed in this version. Thanks to Kamil Dudka
for providing the patches used in CentOS 8 and 9 and upon which the
corrected patch is based.
Checksums-Sha1:
d14f110e29623cf901fb88ccd2363daee92dacc9 2699 curl_7.74.0-1.3+deb11u5.dsc
5bc7d9450150d2b974db3375e84b52718b4b0098 60336 curl_7.74.0-1.3+deb11u5.debian.tar.xz
8388d931736e3ebf01bdf4dc914150c71795ab4a 13007 curl_7.74.0-1.3+deb11u5_amd64.buildinfo
Checksums-Sha256:
c43b937336f7efdcef923ff34cdf84d0aeda379e2fe1e3ae2f2762473ddd4c87 2699 curl_7.74.0-1.3+deb11u5.dsc
e45ea76251781c469b1684b7c3986fb3acc6af0910dccae564f7d61eef83641f 60336 curl_7.74.0-1.3+deb11u5.debian.tar.xz
b36f5af8d69b7c7110533bf60a97491dda807185535e8dccfc0018c3d078b5e9 13007 curl_7.74.0-1.3+deb11u5_amd64.buildinfo
Files:
14616507de7b18b3bbce722b83e4a119 2699 web optional curl_7.74.0-1.3+deb11u5.dsc
1f56c615086d906875ebc6d62516d03a 60336 web optional curl_7.74.0-1.3+deb11u5.debian.tar.xz
f5fd87aac6213faf2e2a5779475d7613 13007 web optional curl_7.74.0-1.3+deb11u5_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEBdtqg34QX0sdAsVfu6n6rcz7RwcFAmPS1xsACgkQu6n6rcz7
RwcoeA//ayDmAlRvUJOTKL958mqz6Wh50cAKlkDA4jsBsQiyarrR41CZ08nUyYKW
+JN/ebYogjnvr4YU9VVaolTDKTBfJokwx+sOngXb2oaThkeHF4DPXs7C9JB7yLxd
8ISCkgfAHoYI1sYKMJ1o5viF0ReMDa4fuxocGL83vop3+RO6swSJ8+js/54Rdfpy
nWtq0WJ2Q1ycOlt8gayjk8cvUzmVudFH6K9SojjW/B1Etjk/aj2cYUHkz/VavCqR
uJxyVkyOb6Y7OW7SnweVO39pycH1ANmRB9LukZzQa34sbg+njPAhelYERQyb+h0Z
aXyDhLPffuljRwoHmCekNAAufHYmcruocGfZsHMJOHLyqoOmSlWNl3txiCWit1wJ
H0uA2J5cEwmyZ3uZWomygCZBSGDeA9pL0N+twxi13AEZp1DcYtn6ndpGh6FgG/FC
GwaJufZzLTQ3HKHRTa0b7ctxedPxen41iSwEv+jXf6K9BGfsDlSMegD84QB4FoQS
RO8txdAYvBhlnX2kB0eONwO5UewOR0q7p/PWCy4yihnt6wGTMV3VrWgjNILNMYwA
/VWrMC6WCx5dYuf/6FJEDm/W4vE5G46ddq6GvEAJIQz2YUAGIOkZmCfD532Ocraa
kxJgaUJlANHApqISy8lZoHPuL+EvzM56kSN2sqHOJpcOrmnK6bc=
=++DG
-----END PGP SIGNATURE-----