Accepted curl 7.74.0-1.3+deb11u6 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted curl 7.74.0-1.3+deb11u6 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Fri, 03 Mar 2023 17:02:20 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: curl_7.74.0-1.3+deb11u6_source.changes
- Debian-source: curl
- Debian-suite: proposed-updates
- Debian-version: 7.74.0-1.3+deb11u6
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=mdam/gu+ASqz5P6wm+b4gjMbzzxwxUF/MURcFHYQa5w=; b=WhRZV2y6u+IZv/PZjX9EzwHzXl HlcgUtUTVXaIwpi0+WhFM5+4ReBE9bGGz7mU0k4vXf99W7COr1aeci2wopGo9qfFDj5P1cO6Q1nsl 0M17Lpe+Ey+zm1Yh1tMhYwcJAngiFeMywfrjtH4yumceLXTJlHC21Dxx6DY/wMAUBNt/s/K6M6/yZ d44F841E+lIHe6jd+1fPYCoLmkMntfgbyUdv01+ev6IROvIIu2XENs86HJ63Yd1kqa6VYTjuMFBIH 7p3QycS9390j9YLHwATWrz4f1xfQW7hwzkuCUGPQWcdmTBq3/UNrkRSjXWqMgWE5G4cQG8XyHgWug nnCC5sug==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1pY8nU-009Ska-D4@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 21 Feb 2023 08:47:56 -0500
Source: curl
Architecture: source
Version: 7.74.0-1.3+deb11u6
Distribution: bullseye-security
Urgency: high
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Roberto C. Sánchez <roberto@debian.org>
Changes:
curl (7.74.0-1.3+deb11u6) bullseye-security; urgency=high
.
* Follow up to CVE-2022-27774:
The revised patch for this CVE in 7.74.0-1.3+deb11u5 contained a defect
such that it incorrectly manages redirects with authentication. As a
result, authetication credentials are cleared in some instances where they
should be retained, breaking certain requests. The patch is corrected in
this version.
Checksums-Sha1:
5fe4ce52f3643843570c213bb0bbbc18066d3d03 2699 curl_7.74.0-1.3+deb11u6.dsc
293b5c4cc6ce1f7cbc23a4a31a858a7d1c7212a0 60504 curl_7.74.0-1.3+deb11u6.debian.tar.xz
a7304b4956be30b6cf50738ee1e20d5cc6259697 12923 curl_7.74.0-1.3+deb11u6_amd64.buildinfo
Checksums-Sha256:
ff18210daf9aa1be32d6f27d662452e7c1d8ed672783944a26218c701d8685c7 2699 curl_7.74.0-1.3+deb11u6.dsc
03714e1ef22779fe42baf5975d6989e93a36de0b693591b8581d3da8480ae0a3 60504 curl_7.74.0-1.3+deb11u6.debian.tar.xz
2daca39e35ed1fa34717df7b5f5e8a91e0e7919274283803b8ad21e224a1425c 12923 curl_7.74.0-1.3+deb11u6_amd64.buildinfo
Files:
5f41d83ac8fc5c7676c7c6ac31d7e54a 2699 web optional curl_7.74.0-1.3+deb11u6.dsc
806b712c2d027f964f924420f8ddaf18 60504 web optional curl_7.74.0-1.3+deb11u6.debian.tar.xz
3f136f74ab4f2fb775e76a670e54920c 12923 web optional curl_7.74.0-1.3+deb11u6_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEIYZ1DR4ae5UL01q7ldFmTdL1kUIFAmP02skACgkQldFmTdL1
kUJl8hAAtSHwcW3CTcStZ0wQ4c77T6kezzr7EYTj6OVTxrBIgqgJkt0uh4qWzbmJ
SR0Z+EQXvO312MqIPRzZuQXK0fJ7stuHKGq7rAJcpwDtv8vRRE6T5DL0PYRBrg36
lpK+BcNKY5fg2Z8MsZbuEzAsGxrOqTB8dmqlvUFBKLoaPrHeVKLOeWt10x9m+aHg
YN1OjGHYiRGIk2UoQ1j2CSIZSLq8/nIMSD1/hTg6lzFAwqf0p0erhh18fCB7Je00
dLryHnZ5YixOmRivXclqW/YDn4jg9cEX18zwNGffCC53z4ex65gBIwvpMIVC472N
q1UlETVDlbos1UkvXMNoPsclVZClwySnma0PBjJCLs65h5R1hRAOwIy8N4Fl8TGd
l8xiVl+jyY3LtmViIch/X4WmhcNj3Eu62y03wakQoT7WhgODmKZVtDPifyQRI24D
i+GiEF/GKQF/gPNS9SWwiQoX+O4LC2vkZpZBSCJdp/+9snXL4T8l8rEO/63ctcpU
a5NsEJ4ca8cx/XjPbrcfKVyKqJWqFVk8TZ7WREdkZpinbk133WVeNdv2gBocwo3m
pswzP+YMqccknrBP3cTxQ0SuyxS2GQ4k5wDRbKL7OCD18BeNTuz7piGFTVDFK3Tt
6JNyyTpxkpb2Q44g29QnQ3iKJLoBHVt5L+oVqW7j7Pb41Ur9EY4=
=MLhw
-----END PGP SIGNATURE-----