[ubuntu/lunar-proposed] curl 7.88.1-7ubuntu1 (Accepted)
Gianfranco Costamagna
locutusofborg at debian.org
Wed Mar 22 10:53:18 UTC 2023
curl (7.88.1-7ubuntu1) lunar; urgency=low
* Merge from Debian unstable. Remaining changes:
- Don't build-depend on python3-impacket on i386 so we can drop it
(and its dependencies) from the i386 partial port. It's only used for
the tests, which do not block the build in any case.
curl (7.88.1-7) unstable; urgency=medium
* Bump Standards-Version to 4.6.2
* d/p/06_always-disable-valgrind.patch: Remove unused patch
* d/patches: Refresh all patches
* Import 5 new upstream patches fixing CVES:
- CVE-2023-27533: TELNET option IAC injection
- CVE-2023-27534: SFTP path ~ resolving discrepancy
- CVE-2023-27535: FTP too eager connection reuse
- CVE-2023-27536: GSS delegation too eager connection re-use
- CVE-2023-27537: HSTS double-free
- CVE-2023-27538: SSH connection too eager reuse still
Date: Wed, 22 Mar 2023 11:51:25 +0100
Changed-By: Gianfranco Costamagna <locutusofborg at debian.org>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/curl/7.88.1-7ubuntu1
-------------- next part --------------
Format: 1.8
Date: Wed, 22 Mar 2023 11:51:25 +0100
Source: curl
Built-For-Profiles: noudeb
Architecture: source
Version: 7.88.1-7ubuntu1
Distribution: lunar
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Gianfranco Costamagna <locutusofborg at debian.org>
Changes:
curl (7.88.1-7ubuntu1) lunar; urgency=low
.
* Merge from Debian unstable. Remaining changes:
- Don't build-depend on python3-impacket on i386 so we can drop it
(and its dependencies) from the i386 partial port. It's only used for
the tests, which do not block the build in any case.
.
curl (7.88.1-7) unstable; urgency=medium
.
* Bump Standards-Version to 4.6.2
* d/p/06_always-disable-valgrind.patch: Remove unused patch
* d/patches: Refresh all patches
* Import 5 new upstream patches fixing CVES:
- CVE-2023-27533: TELNET option IAC injection
- CVE-2023-27534: SFTP path ~ resolving discrepancy
- CVE-2023-27535: FTP too eager connection reuse
- CVE-2023-27536: GSS delegation too eager connection re-use
- CVE-2023-27537: HSTS double-free
- CVE-2023-27538: SSH connection too eager reuse still
Checksums-Sha1:
64c19f65b8726a40245c5a5715e61647fd0e7d7f 3219 curl_7.88.1-7ubuntu1.dsc
2783add103b2a54c7aab7eebc752cce974f3ecbe 45596 curl_7.88.1-7ubuntu1.debian.tar.xz
5f631601a675950578d7884d0f631adf2de7c2c7 9040 curl_7.88.1-7ubuntu1_source.buildinfo
Checksums-Sha256:
8f120d5e5dcaf9f6593a5e8ccea6049733f85f2eec9c716c951e352894839311 3219 curl_7.88.1-7ubuntu1.dsc
a90e9569a68862e4b1e271e2a0e464185e77b91b6f4a5c8864493b167f5f0487 45596 curl_7.88.1-7ubuntu1.debian.tar.xz
75ed61f09dd78f50c337aaebba828222bfa9be9a862a84fd03360b1918096c5e 9040 curl_7.88.1-7ubuntu1_source.buildinfo
Files:
8f9c75f788372171ea36d22a55bc600e 3219 web optional curl_7.88.1-7ubuntu1.dsc
f79f1fb9c4ff5cefddace6d20ec67168 45596 web optional curl_7.88.1-7ubuntu1.debian.tar.xz
526a8b06de3f19454d38fac683ee4dfd 9040 web optional curl_7.88.1-7ubuntu1_source.buildinfo
Original-Maintainer: Alessandro Ghedini <ghedo at debian.org>
More information about the lunar-changes
mailing list