projects / curl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: 6f0dc41 ca454f4)
curl (7.88.1-10+deb12u6) bookworm; urgency=medium
authorGuilherme Puida Moreira <guilherme@puida.xyz>
Tue, 2 Apr 2024 23:02:10 +0000 (20:02 -0300)
committerGuilherme Puida Moreira <guilherme@puida.xyz>
Tue, 2 Apr 2024 23:02:10 +0000 (20:02 -0300)
commit0465df4b9f55876c0a4c4a44d1a262984ddd00f8
tree98c3c85c08c92699fa1c18244fbd481311e2f6c4tree | snapshot
parent6f0dc41c18d1799ca7f24898807d967e97d75a9fcommit | diff
parentca454f44f9a10b94176f37030ed89b2381cadc43commit | diff
curl (7.88.1-10+deb12u6) bookworm; urgency=medium

  * Team upload.

  [ Sergio Durigan Junior ]
  * d/p/openldap-create-ldap-URLs-correctly-for-IPv6-addresses.patch:
    (Closes: #1053643)

  [ Guilherme Puida Moreira ]
  * Add patches to fix CVE-2024-2004 and CVE-2024-2398.
    - CVE-2024-2004: When a protocol selection parameter disables all
      protocols without adding any then the default set of protocols would
      remain in the allowed set due to an error in the logic for removing
      protocols.
    - CVE-2024-2398: When an application tells libcurl it wants to allow
      HTTP/2 server push and the amount of received headers for the push
      surpasses the maximum allowed limit (1000), libcurl aborts the server
      push and leaks the memory allocated for the previously allocated
      headers.
  * d/p/openldap-create-ldap-URLs-correctly-for-IPv6-addresses.patch:
    Refresh patch.

[dgit import unpatched curl 7.88.1-10+deb12u6]
72 files changed:
debian/README.source | | blob
debian/changelog | | blob
debian/control | | blob
debian/copyright | | blob
debian/curl.install | | blob
debian/curl.manpages | | blob
debian/gbp.conf | | blob
debian/libcurl3-gnutls.install | | blob
debian/libcurl3-gnutls.links | | blob
debian/libcurl3-gnutls.lintian-overrides | | blob
debian/libcurl3-gnutls.symbols | | blob
debian/libcurl3-nss.install | | blob
debian/libcurl3-nss.links | | blob
debian/libcurl3-nss.lintian-overrides | | blob
debian/libcurl3-nss.symbols | | blob
debian/libcurl4-doc.docs | | blob
debian/libcurl4-doc.examples | | blob
debian/libcurl4-doc.links | | blob
debian/libcurl4-doc.manpages | | blob
debian/libcurl4-gnutls-dev.install | | blob
debian/libcurl4-gnutls-dev.links | | blob
debian/libcurl4-gnutls-dev.manpages | | blob
debian/libcurl4-nss-dev.install | | blob
debian/libcurl4-nss-dev.links | | blob
debian/libcurl4-nss-dev.manpages | | blob
debian/libcurl4-openssl-dev.install | | blob
debian/libcurl4-openssl-dev.manpages | | blob
debian/libcurl4.install | | blob
debian/libcurl4.symbols | | blob
debian/patches/04_workaround_as_needed_bug.patch | | blob
debian/patches/08_enable-zsh.patch | | blob
debian/patches/11_omit-directories-from-config.patch | | blob
debian/patches/90_gnutls.patch | | blob
debian/patches/99_nss.patch | | blob
debian/patches/CVE-2023-27533.patch | | blob
debian/patches/CVE-2023-27534.patch | | blob
debian/patches/CVE-2023-27535.patch | | blob
debian/patches/CVE-2023-27536.patch | | blob
debian/patches/CVE-2023-27537.patch | | blob
debian/patches/CVE-2023-27538.patch | | blob
debian/patches/CVE-2023-28319.patch | | blob
debian/patches/CVE-2023-28320-1.patch | | blob
debian/patches/CVE-2023-28320.patch | | blob
debian/patches/CVE-2023-28321.patch | | blob
debian/patches/CVE-2023-28322.patch | | blob
debian/patches/CVE-2023-32001.patch | | blob
debian/patches/CVE-2023-38039.patch | | blob
debian/patches/CVE-2023-38545.patch | | blob
debian/patches/CVE-2023-38546.patch | | blob
debian/patches/CVE-2023-46218.patch | | blob
debian/patches/CVE-2023-46219.patch | | blob
debian/patches/CVE-2024-2004.patch | | blob
debian/patches/CVE-2024-2398.patch | | blob
debian/patches/Remove-curl-s-LDFLAGS-from-curl-config-static-libs.patch | | blob
debian/patches/Use-OpenLDAP-specific-functionality.patch | | blob
debian/patches/Use-correct-path-when-loading-libnss-pem-ckbi-.so.patch | | blob
debian/patches/build-Divide-mit-krb5-gssapi-link-flags-between-LDFLAGS-a.patch | | blob
debian/patches/fix-unix-domain-socket.patch | | blob
debian/patches/openldap-create-ldap-URLs-correctly-for-IPv6-addresses.patch | | blob
debian/patches/series | | blob
debian/rules | | blob
debian/salsa-ci.yml | | blob
debian/source/format | | blob
debian/tests/LDAP-bindata.c | | blob
debian/tests/control | | blob
debian/tests/curl-ldapi-test | | blob
debian/tests/upstream-tests-gnutls | | blob
debian/tests/upstream-tests-nss | | blob
debian/tests/upstream-tests-openssl | | blob
debian/upstream/metadata | | blob
debian/upstream/signing-key.asc | | blob
debian/watch | | blob
Unnamed repository; edit this file 'description' to name the repository.