--- /dev/null
--- /dev/null
++Adding New Patches
++==================
++
++Note that when adding new patches they must be applied *before* 90_gnutls.patch
++and 99_nss.patch. This is needed by curl's package byzantine build process,
++which builds the source multiple times with different TLS libraries.
++
++This basically means that when adding new patches to the debian/patches/series
++file, they must be listed before the aformentioned patches.
--- /dev/null
--- /dev/null
++curl (7.88.1-10+deb12u1) bookworm-security; urgency=medium
++
++ * Team upload.
++ * Fix CVE-2023-32001: TOCTOU race condition in Curl_fopen():
++ - Done by d/p/CVE-2023-32001.patch (Closes: #1041812).
++
++ -- Carlos Henrique Lima Melara <charlesmelara@riseup.net> Sun, 23 Jul 2023 18:43:52 -0300
++
++curl (7.88.1-10) unstable; urgency=medium
++
++ * Add new patches to fix CVEs (closes: #1036239):
++ - CVE-2023-28319: UAF in SSH sha256 fingerprint check
++ - CVE-2023-28320: siglongjmp race condition
++ - CVE-2023-28321: IDN wildcard match
++ - CVE-2023-28322: more POST-after-PUT confusion
++ * d/libcurl*.symbols: Drop curl_jmpenv, not built anymore due to
++ CVE-2023-28320
++
++ -- Samuel Henrique <samueloph@debian.org> Thu, 18 May 2023 23:43:40 +0100
++
++curl (7.88.1-9) unstable; urgency=medium
++
++ [ Sergio Durigan Junior ]
++ * d/p/Use-correct-path-when-loading-libnss-pem-ckbi-.so.patch:
++ Don't prepend "nss" when opening libnssckbi.so. (Closes: #1034359)
++
++ [ Samuel Henrique ]
++ * Update list of tests that fail on IPv6-only envs and don't skip them on
++ autopkgtest
++ * d/p/fix-unix-domain-socket.patch: Import upstream patch to fix --unix
++ (closes: #1033963)
++
++ -- Samuel Henrique <samueloph@debian.org> Sat, 15 Apr 2023 20:03:44 +0100
++
++curl (7.88.1-8) unstable; urgency=medium
++
++ [ Samuel Henrique ]
++ * d/gbp.conf: Push gbp conf with sane defaults
++ * d/salsa-ci.yml: Disable dh_auto_test with DEB_BUILD_OPTIONS
++ * d/rules: Add new build profiles to limit builds to a single TLS backend
++ * d/tests: Add new autopkgtests that runs curl's test suite
++
++ [ Sergio Durigan Junior ]
++ * d/rules: Remove -D_DEB_HOST_ARCH from curl-config's CFLAGS.
++
++ -- Samuel Henrique <samueloph@debian.org> Sun, 26 Mar 2023 11:36:24 +0100
++
++curl (7.88.1-7) unstable; urgency=medium
++
++ * Bump Standards-Version to 4.6.2
++ * d/p/06_always-disable-valgrind.patch: Remove unused patch
++ * d/patches: Refresh all patches
++ * Import 5 new upstream patches fixing CVES:
++ - CVE-2023-27533: TELNET option IAC injection
++ - CVE-2023-27534: SFTP path ~ resolving discrepancy
++ - CVE-2023-27535: FTP too eager connection reuse
++ - CVE-2023-27536: GSS delegation too eager connection re-use
++ - CVE-2023-27537: HSTS double-free
++ - CVE-2023-27538: SSH connection too eager reuse still
++
++ -- Samuel Henrique <samueloph@debian.org> Tue, 21 Mar 2023 22:39:05 +0000
++
++curl (7.88.1-6) unstable; urgency=medium
++
++ * d/rules: Ignore test results from tests that fail on IPv6-only builders
++ (closes: #1032343)
++ * d/control: Don't install gnutls-bin for tests on ppc64el (tests hangs
++ forever)
++
++ -- Samuel Henrique <samueloph@debian.org> Wed, 08 Mar 2023 20:57:09 +0000
++
++curl (7.88.1-5) unstable; urgency=medium
++
++ * Fix stringification of _DEB_HOST_ARCH macro.
++ - d/p/Use-correct-path-when-loading-libnss-pem-ckbi-.so.patch:
++ Use _DEB_HOST_ARCH directly.
++ - d/rules: Quote _DEB_HOST_ARCH when passing it with -D.
++
++ -- Sergio Durigan Junior <sergiodj@debian.org> Mon, 06 Mar 2023 10:22:32 -0500
++
++curl (7.88.1-4) unstable; urgency=medium
++
++ * d/p/Use-correct-path-when-loading-libnss-pem-ckbi-.so.patch:
++ Prepend "/nss/" before the library name.
++
++ -- Sergio Durigan Junior <sergiodj@debian.org> Sun, 05 Mar 2023 18:38:13 -0500
++
++curl (7.88.1-3) unstable; urgency=medium
++
++ * d/p/Use-correct-path-when-loading-libnss-pem-ckbi-.so.patch:
++ Use correct paths when loading libnss{pem,ckbi}.so. (Closes: #726073)
++ * d/rules: Pass _DEB_HOST_ARCH via C{,XX}FLAGS; reenable NSS PEM tests.
++ * d/control: B-D on nss-plugin-pem (test only).
++ Also, make libcurl3-nss depend on nss-plugin-pem as well.
++
++ -- Sergio Durigan Junior <sergiodj@debian.org> Sun, 05 Mar 2023 12:59:58 -0500
++
++curl (7.88.1-2) unstable; urgency=medium
++
++ * Multiple test improvements, which will increase the reliability of the
++ package, especially when backporting fixes on stable and oldstable:
++ - Test results are now critical to the build process, if a test fails,
++ the build will fail.
++ - Add two new test build-dependencies to increase coverage: locales-all
++ and gnutls-bin.
++ - Only run non-flaky tests.
++ - Print logs of failed tests.
++ - Run all tests even if there was a failure.
++ - Ignore results of known failing tests (for Debian).
++ - Disable valgrind through a test parameter instead of patching
++ upstream source code.
++
++ -- Samuel Henrique <samueloph@debian.org> Fri, 03 Mar 2023 08:28:19 +0000
++
++curl (7.88.1-1) unstable; urgency=medium
++
++ * New upstream version 7.88.1
++ - Fix the following CVEs (closes: #1031371)
++ ~ CVE-2023-23916: HTTP multi-header compression denial of service
++ ~ CVE-2023-23915: HSTS amnesia with --parallel
++ ~ CVE-2023-23914: HSTS ignored on multiple requests
++ - Fix curl_multi_socket_action regression (closes: #1029231)
++ * d/patches: Drop backported patch added to fix regression in setopt/getinfo
++ * d/copyright: Drop removed file from copyright
++ * d/control: Update BD to drop transitional package libidn11-dev
++
++ -- Samuel Henrique <samueloph@debian.org> Mon, 20 Feb 2023 22:35:53 +0000
++
++curl (7.87.0-2) unstable; urgency=medium
++
++ * d/patches: Add new upstream patch to fix regression in setopt/getinfo
++ (closes: #1027564)
++ * d/p/build-Divide-mit-krb5...patch: Refresh patch
++
++ -- Samuel Henrique <samueloph@debian.org> Sun, 15 Jan 2023 21:12:09 +0000
++
++curl (7.87.0-1) unstable; urgency=medium
++
++ * New upstream version 7.87.0
++ * d/patches:
++ - Update patches
++ - Drop all backported patches that are applied in the new release
++ * d/copyright: Remove missing file
++ * d/*.lintian-overrides: Remove unused overrides
++
++ [ Simon McVittie ]
++ * Make -dev packages 'Multi-Arch: same' back again (closes: #1024668)
++
++ -- Samuel Henrique <samueloph@debian.org> Fri, 23 Dec 2022 20:36:01 +0000
++
++curl (7.86.0-3) unstable; urgency=medium
++
++ * Fix two HSTS-related CVEs.
++ - d/p/CVE-2022-43551-another-hsts-bypass-via-idn.patch: use the IDN
++ decoded name in HSTS checks.
++ (Closes: #1026829, CVE-2022-43551)
++ - d/p/CVE-2022-43552-http-proxy-deny-use-after-free.patch: do not free
++ smb's/telnet's protocol struct in *_done().
++ (Closes: #1026830, CVE-2022-43552)
++
++ -- Sergio Durigan Junior <sergiodj@debian.org> Wed, 21 Dec 2022 15:55:18 -0500
++
++curl (7.86.0-2) unstable; urgency=medium
++
++ [ Debian Janitor ]
++ * Apply multi-arch hints. + libcurl4-gnutls-dev, libcurl4-nss-dev,
++ libcurl4-openssl-dev: Drop Multi-Arch: same.
++
++ [ Samuel Henrique ]
++ * d/patches: Backport three upstream patches to fix noproxy option.
++
++ -- Samuel Henrique <samueloph@debian.org> Tue, 15 Nov 2022 21:04:55 +0000
++
++curl (7.86.0-1) unstable; urgency=medium
++
++ * New upstream version 7.86.0
++ - Fix HSTS bypass via IDN:
++ curl's HSTS check could be bypassed to trick it to keep using HTTP.
++ (closes: CVE-2022-42916)
++ - Fix HTTP proxy double-free (closes: CVE-2022-42915)
++ - Fix .netrc parser out-of-bounds access (closes: CVE-2022-35260)
++ - Fix POST following PUT confusion (closes: CVE-2022-32221)
++
++ -- Samuel Henrique <samueloph@debian.org> Thu, 27 Oct 2022 20:38:24 +0100
++
++curl (7.85.0-1) unstable; urgency=medium
++
++ * New upstream version 7.85.0
++ - Fix control code in cookie denial of service:
++ When curl retrieves and parses cookies from an HTTP(S) server, it
++ accepts cookies using control codes (byte values below 32). When cookies
++ that contain such control codes are later sent back to an HTTP(S) server,
++ it might make the server return a 400 response. Effectively allowing a
++ "sister site" to deny service to siblings
++ (closes: #1018831, CVE-2022-35252)
++ - Fix FTBFS on riscv64 with gcc-12 (closes: #1015835)
++ * Bump Standards-Version to 4.6.1
++ * Add lintian overrides for old-style-config-script-multiarch-path triggered
++ for curl-config
++ * d/patches:
++ - 11_omit-directories-from-config.patch: Update patch
++ - 20_ftbfs_import_sched.patch: Drop patch, applied upstream
++ * d/rules: Fix configure args, remove bogus '--without-ssl'
++ * d/copyright: Update the whole file
++ * d/(control|watch): Update upstream's URL
++
++ -- Samuel Henrique <samueloph@debian.org> Fri, 02 Sep 2022 13:00:10 +0100
++
++curl (7.84.0-2) unstable; urgency=medium
++
++ * d/p/20_ftbfs_import_sched.patch: New upstream patch to fix FTBFS
++ (closes: #1014596)
++
++ -- Samuel Henrique <samueloph@debian.org> Mon, 11 Jul 2022 22:50:01 +0100
++
++curl (7.84.0-1) unstable; urgency=medium
++
++ * New upstream version 7.84.0
++ - Fix the following CVEs:
++ ~ Improper Enforcement of Message Integrity During Transmission in a
++ Communication Channel (CVE-2022-32208)
++ ~ Improper Preservation of Permissions (CVE-2022-32207)
++ ~ Allocation of Resources Without Limits or Throttling (CVE-2022-32205,
++ CVE-2022-32206)
++
++ -- Samuel Henrique <samueloph@debian.org> Mon, 27 Jun 2022 22:06:25 +0100
++
++curl (7.83.1-2) unstable; urgency=medium
++
++ * d/p/fix_multiline_header_regression.patch: New upstream patch to fix
++ regression (closes: #1012263, #1011696)
++
++ -- Samuel Henrique <samueloph@debian.org> Tue, 14 Jun 2022 18:05:23 +0100
++
++curl (7.83.1-1) unstable; urgency=medium
++
++ * New upstream version 7.83.1
++ - Fix the following CVEs:
++ ~ HSTS bypass via trailing dot (CVE-2022-30115)
++ ~ TLS and SSH connection too eager reuse (CVE-2022-27782)
++ ~ CERTINFO never-ending busy-loop (CVE-2022-27781)
++ ~ percent-encoded path separator in URL host (CVE-2022-27780)
++ ~ cookie for trailing dot TLD (CVE-2022-27779)
++ ~ curl removes wrong file on error (CVE-2022-27778)
++
++ -- Samuel Henrique <samueloph@debian.org> Wed, 11 May 2022 17:46:48 +0100
++
++curl (7.83.0-1) unstable; urgency=medium
++
++ * New upstream version 7.83.0
++ - Fix auth/cookie leak on redirect (closes: #1010252, CVE-2022-27776)
++ - Fix bad local IPv6 connection reuse (closes: #1010253, CVE-2022-27775)
++ - Fix credential leak on redirect (closes: #1010254, CVE-2022-27774)
++ - Fix OAUTH2 bearer bypass in connection re-use
++ (closes: #1010295, CVE-2022-22576)
++ * d/libcurl*.symbols: update symbols files to add curl_easy_header and
++ curl_easy_nextheader
++ * d/patches:
++ - Refresh patches
++ - 12_fix_openssl_cm_check.patch: remove patch, applied upstream
++
++ -- Samuel Henrique <samueloph@debian.org> Thu, 28 Apr 2022 18:53:32 +0100
++
++curl (7.82.0-2) unstable; urgency=medium
++
++ * d/p/12_fix_openssl_cm_check.patch: New upstream patch to fix openssl CN
++ check (closes: #1007739, #1007740)
++ * d/control:
++ - Set libcurl4-doc as Multi-Arch: foreign
++ - Remove ancient version requirements for dependencies
++ * d/salsa-ci.yml: Disable reprotest until it acknowledges
++ SALSA_CI_DPKG_BUILDPACKAGE_ARGS
++
++ -- Samuel Henrique <samueloph@debian.org> Sat, 19 Mar 2022 13:55:00 +0000
++
++curl (7.82.0-1) unstable; urgency=medium
++
++ * New upstream version 7.82.0
++ * d/salsa-ci.yml: Add CI definition customized to skip tests (nocheck), to
++ avoid long build times
++ * Update and refresh patches: 13_fix-man-formatting.patch has been merged
++ upstream
++ * d/rules:
++ - Add --with-nss-deprecated, required to build with nss now
++ (upstream will drop support in August)
++ - Look for nocheck build profile in DEB_BUILD_PROFILES instead of
++ DEB_BUILD_OPTIONS (wider coverage)
++
++ -- Samuel Henrique <samueloph@debian.org> Sat, 05 Mar 2022 13:40:14 +0000
++
++curl (7.81.0-1) unstable; urgency=medium
++
++ * New upstream version 7.81.0
++ * d/p/13_fix-man-formatting.patch: Refresh patch
++
++ -- Samuel Henrique <samueloph@debian.org> Wed, 05 Jan 2022 09:31:32 -0300
++
++curl (7.80.0-3) unstable; urgency=medium
++
++ * Revert "Revert "debian/control: Add Build-Depends on libssh-dev for
++ Ubuntu".
++
++ As per #1002598, the blocker has been solved.
++
++ Note that this does not changes Debian's curl to libssh, it still
++ uses libssh2.
++
++ Discussions about changing to libssh are ongoing at #897950
++
++ -- Samuel Henrique <samueloph@debian.org> Sun, 26 Dec 2021 13:22:18 -0300
++
++curl (7.80.0-2) unstable; urgency=medium
++
++ * Revert "debian/control: Add Build-Depends on libssh-dev for Ubuntu"
++ (closes: #1002597)
++ The change had side effects on Debian due to the inclusion of the new
++ Build-dep, even though it doesn't changes the resulting binary. It cause
++ issues for architecture bootstraping.
++
++ We are gonna reintroduce this change once the issues are fixed, to allow
++ Ubuntu to remove its delta.
++
++ See discussions at #1002598 and #1002597 for details
++
++ -- Samuel Henrique <samueloph@debian.org> Sat, 25 Dec 2021 10:47:13 -0300
++
++curl (7.80.0-1) unstable; urgency=medium
++
++ [ Samuel Henrique ]
++ * New upstream version 7.80.0
++ * Bump Standards-Version to 4.6.0
++ * Add new symbol curl_url_strerror to symbols files
++ * Compile with zstd support (closes: #983660)
++ * d/p/12_use-python3-in-tests.patch: Drop patch, merged upstream
++ * d/p/13_fix-man-formatting.patch: Update patch
++ * d/p/14_fix-compatibility-impacket-0-9-23.patch: Drop patch, merged upstream
++
++ [ Jeremy Bicha ]
++ * debian/control: Add Build-Depends on libssh-dev for Ubuntu
++
++ -- Samuel Henrique <samueloph@debian.org> Fri, 24 Dec 2021 11:42:57 -0300
++
++curl (7.79.1-2) unstable; urgency=medium
++
++ * d/rules: Make test failures non-fatal again.
++ Unfortunately there are some test failures happening on a few
++ architectures, so we have to make the build pass even if not all tests
++ are succeeding, at least until we have time to properly investigate
++ the reason for these failures.
++
++ -- Sergio Durigan Junior <sergiodj@debian.org> Mon, 08 Nov 2021 23:54:35 -0500
++
++curl (7.79.1-1) unstable; urgency=medium
++
++ [ Samuel Henrique ]
++ * Add myself as an Uploader
++ * Add sergiodj as an uploader
++ * New upstream version 7.79.1 (closes: #989046)
++ - Changes since 7.74.0:
++ ~ vtls: fix connection reuse checks for issuer cert and case sensitivity
++ (closes: #991492, CVE-2021-22924)
++ ~ Fix User-Agent header missing in some cases (closes: #994940)
++ ~ Fix TELNET stack contents disclosure (closes: #989228, CVE-2021-22898)
++ * d/rules: Add --with-{openssl|gnutls|nss} to configure args
++ * Update all patches.
++ Remove patches:
++ - 07_do-not-disable-debug-symbols: Obsolete as per
++ https://github.com/curl/curl/issues/7216.
++ - 14_transfer-strip-credentials-from-the-auto-referer-hea:
++ Originally from upstream, part of the release now.
++ - 15_vtls-add-isproxy-argument-to-Curl_ssl_get-addsession:
++ Originally from upstream, part of the release now.
++ - fix-regression-microseconds-instead-of-seconds:
++ Originally from upstream, part of the release now.
++ Update patches:
++ - 12_use-python3-in-tests: Update and forward upstream.
++ - 90_gnutls: Update
++ - 99_nss: Update
++ - 13_fix-man-formatting: Update
++
++ [ Debian Janitor ]
++ * Use secure URI in Homepage field.
++ * Set debhelper-compat version in Build-Depends.
++ * Set upstream metadata fields: Bug-Database,
++ Bug-Submit (from ./configure), Repository, Repository-Browse.
++ * Avoid explicitly specifying -Wl,--as-needed linker flag.
++
++ [ Helmut Grohne ]
++ * Also remove -ffile-prefix-map from curl-config (closes: #990128)
++ * Explicitly disable zstd support (closes: #992505)
++
++ [ Sergio Durigan Junior ]
++ * d/control: Add Rules-Requires-Root: no.
++ * d/copyright: Add public-domain license text.
++ * Enable GPG-checking of orig tarball.
++ - d/upstream/signing-key.asc: Upstream public key.
++ - d/watch: Add "pgpmode=auto" as an option.
++ * Bump debhelper-compat to 13.
++ - d/control: B-D on debhelper-compat = 13.
++ - d/rules: After the override_dh_auto_install target has been run,
++ we know that we can safely get rid of the contents inside the
++ debian/tmp/ directory. This is needed because otherwise dh_missing
++ will complain about uninstalled files, which will make the build
++ fail when using debhelper-compat 13.
++ * d/rules: Some minor cleanup and removal of unneeded comments.
++ * d/rules: Honour "nocheck" build option.
++ * Make OpenSSL and GNUTLS builds fail if tests fail
++ - d/rules: Adjust rule to make OpenSSL and GNUTLS builds fail if their
++ tests fail. Unfortunately, it's still not possible to make the NSS
++ build fail if its tests fail; we're still investigating the failures
++ there with it.
++ - d/p/14_fix-compatibility-impacket-0-9-23.patch: Needed patch
++ to make tests pass with impacket 0.9.23+.
++
++ -- Samuel Henrique <samueloph@debian.org> Mon, 08 Nov 2021 21:14:47 +0000
++
++curl (7.74.0-1.3) unstable; urgency=medium
++
++ * Non-maintainer upload.
++ * Add upstream patch bc7ecc7 so curl -w times shown as seconds with
++ fractions (Closes: #989064)
++
++ -- Paul Gevers <elbrus@debian.org> Fri, 25 Jun 2021 20:59:54 +0200
++
++curl (7.74.0-1.2) unstable; urgency=medium
++
++ * Non-maintainer upload.
++ * transfer: strip credentials from the auto-referer header field
++ (CVE-2021-22876) (Closes: #986269)
++ * vtls: add 'isproxy' argument to Curl_ssl_get/addsessionid()
++ (CVE-2021-22890) (Closes: #986270)
++
++ -- Salvatore Bonaccorso <carnil@debian.org> Sat, 03 Apr 2021 14:43:39 +0200
++
++curl (7.74.0-1.1) unstable; urgency=medium
++
++ * Non-maintainer upload.
++
++ [ Bruno Kleinert ]
++ * Fixed "Please build-depend on libidn2-dev instead of obsolete transition
++ package libidn2-0-dev" (Closes: #974996)
++
++ -- Samuel Henrique <samueloph@debian.org> Wed, 10 Feb 2021 00:42:40 +0000
++
++curl (7.74.0-1) unstable; urgency=medium
++
++ * New upstream release
++ + Fix inferior OCSP verification as per CVE-2020-8286 (Closes: #977161)
++ https://curl.se/docs/CVE-2020-8286.html
++ + Fix FTP wildcard stack overflow as per CVE-2020-8285 (Closes: #977162)
++ https://curl.se/docs/CVE-2020-8285.html
++ + Fix trusting FTP PASV responses as per CVE-2020-8284 (Closes: #977163)
++ https://curl.se/docs/CVE-2020-8284.html
++ * Update debian/watch to new upstream download page layout
++ * Update 12_use-python3-in-tests.patch due to renamed file
++ * Refresh patches
++ * Fix cross-build due to python build dependencies.
++ Thanks to Helmut Grohne for the patch (Closes: #969004)
++ * Fix formatting in some man pages.
++ Thanks to Bjarni Ingi Gislason for the patch (Closes: #963559)
++ * Update list of documentation files to install
++ * Update symbols
++ * Bump Standards-Version to 4.5.1 (no changes needed)
++ * Drop removed file from d/copyright
++
++ -- Alessandro Ghedini <ghedo@debian.org> Thu, 31 Dec 2020 15:22:05 +0100
++
++curl (7.72.0-1) unstable; urgency=medium
++
++ * New upstream release
++ + Fix partial password leak over DNS on HTTP redirect as per CVE-2020-8169
++ (Closes: #965280)
++ https://curl.haxx.se/docs/CVE-2020-8169.html
++ + Fix local file overwrite with -J option as per CVE-2020-8177
++ (Closes: #965281)
++ https://curl.haxx.se/docs/CVE-2020-8177.html
++ + Fix wrong connect-only connection as per CVE-2020-8231 (Closes: #968831)
++ https://curl.haxx.se/docs/CVE-2020-8231.html
++ * Refresh patches
++ * Do not install *.la files.
++ Thanks to Pino Toscano for the patch. (Closes: #955785)
++ * Update list of doc files
++ * Update copyright for polarssl -> mbedtls rename
++ * Use python3 executable in tests
++
++ -- Alessandro Ghedini <ghedo@debian.org> Mon, 24 Aug 2020 10:26:12 +0200
++
++curl (7.68.0-1) unstable; urgency=medium
++
++ * New upstream release
++ * Bump Standards-Version to 4.5.0 (no changes needed)
++ * Update symbols files
++ * Configure default CA file with OpenSSL again (Closes: #948441)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sat, 22 Feb 2020 14:37:19 +0000
++
++curl (7.67.0-2) unstable; urgency=medium
++
++ * Restore :native annotation for python3 Build-Depends.
++ Thanks to Helmut Grohne for the patch (Closes: #945928)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sun, 01 Dec 2019 13:29:28 +0000
++
++curl (7.67.0-1) unstable; urgency=medium
++
++ * New upstream release
++ * Replace python with python3 in Build-Depends (Closes: #942984)
++ * Bump Standards-Version to 4.4.1 (no changes needed)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sat, 30 Nov 2019 12:45:07 +0000
++
++curl (7.66.0-1) unstable; urgency=medium
++
++ * New upstream release (Closes: #940024)
++ + Fix FTP-KRB double-free as per CVE-2019-5481 (Closes: #940009)
++ https://curl.haxx.se/docs/CVE-2019-5481.html
++ + Fix TFTP small blocksize heap buffer overflow as per CVE-2019-5482
++ (Closes: #940010)
++ https://curl.haxx.se/docs/CVE-2019-5482.html
++ * Refresh patches
++ * Enable brotli support (Closes: #940129)
++ * Update *.symbols files
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sun, 15 Sep 2019 15:47:05 +0100
++
++curl (7.65.3-1) unstable; urgency=medium
++
++ * New upstream release
++ * Drop 12_fix-man-errors.patch (merged upstream)
++ * Remove Ian Jackson from Uploaders as he has never done an upload
++
++ -- Alessandro Ghedini <ghedo@debian.org> Fri, 09 Aug 2019 19:45:02 +0100
++
++curl (7.65.1-1) unstable; urgency=medium
++
++ * New upstream release
++ + Reduce verbose output (Closes: #926148)
++ + Fix parsing URLs with link local addresses (Closes: #926812)
++ * Drop patches merged upstream
++ * Refresh patches
++ * Bump STandards-Version to 4.4.0 (no changes needed)
++ * Update entry in copyright for renamed files
++ * Fix some man errors.
++ Thanks to Bjarni Ingi Gislason for the patch (Closes: #926352)
++ * Add Build-Depends-Package field to symbols files
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sat, 13 Jul 2019 12:37:09 +0100
++
++curl (7.64.0-4) unstable; urgency=medium
++
++ * Fix TFTP receive buffer overflow as per CVE-2019-5436 (Closes: #929351)
++ https://curl.haxx.se/docs/CVE-2019-5436.html
++ * Fix integer overflow in curl_url_set() as per CVE-2019-5435 (Closes: #929352)
++ https://curl.haxx.se/docs/CVE-2019-5435.html
++
++ -- Alessandro Ghedini <ghedo@debian.org> Fri, 14 Jun 2019 19:23:32 +0100
++
++curl (7.64.0-3) unstable; urgency=medium
++
++ * Fix potential crash in HTTP/2 code and busy loop at the end of connections
++ (Closes: #927471)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sat, 04 May 2019 12:51:06 +0100
++
++curl (7.64.0-2) unstable; urgency=medium
++
++ * Fix infinite loop when fetching URLs with unreachable IPv6 (Closes: #922554)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Thu, 07 Mar 2019 20:02:35 +0000
++
++curl (7.64.0-1) unstable; urgency=medium
++
++ * New upstream release
++ + Fix NTLM type-2 out-of-bounds buffer read as per CVE-2018-16890
++ https://curl.haxx.se/docs/CVE-2018-16890.html
++ + Fix NTLMv2 type-3 header stack buffer overflow as per CVE-2019-3822
++ https://curl.haxx.se/docs/CVE-2019-3822.html
++ + Fix SMTP end-of-response out-of-bounds read as per CVE-2019-3823
++ https://curl.haxx.se/docs/CVE-2019-3823.html
++ + Fix HTTP negotiation with POST requests (Closes: #920267)
++ * Refresh patches
++ * Import fixes for zsh completion script generator (Closes: #92145)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 06 Feb 2019 22:33:05 +0000
++
++curl (7.63.0-1) unstable; urgency=medium
++
++ * New upstream release
++ + Fix IPv6 numeral address parser (Closes: #915520)
++ + Fix timeout handling (Closes: #914793)
++ + Fix HTTP auth to include query in URI (Closes: #913214)
++ * Drop 12_fix-runtests-curl.patch (merged upstream)
++ * Update symbols
++ * Update copyright for removed files
++ * Bump debhlper compat level to 12
++ * Bump Standards-Version to 4.3.0 (no changes needed)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Tue, 15 Jan 2019 20:47:40 +0000
++
++curl (7.62.0-1) unstable; urgency=medium
++
++ * New upstream release
++ + Fix NTLM password overflow via integer overflow as per CVE-2018-14618
++ (Closes: #908327) https://curl.haxx.se/docs/CVE-2018-14618.html
++ + Fix SASL password overflow via integer overflow as per CVE-2018-16839
++ https://curl.haxx.se/docs/CVE-2018-16839.html
++ + Fix use-after-free in handle close as per CVE-2018-16840
++ https://curl.haxx.se/docs/CVE-2018-16840.html
++ + Fix warning message out-of-buffer read as per CVE-2018-16842
++ https://curl.haxx.se/docs/CVE-2018-16842.html
++ + Fix broken terminal output (closes: #911333)
++ * Refresh patches
++ * Add 12_fix-runtests-curl.patch to fix running curl in tests
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 31 Oct 2018 22:42:44 +0000
++
++curl (7.61.0-1) unstable; urgency=medium
++
++ * New upstream release
++ + Fix SMTP send heap buffer overflow as per CVE-2018-0500 (Closes: #903546)
++ https://curl.haxx.se/docs/adv_2018-70a2.html
++ + Fix some crashes related to HTTP/2 (Closes: #902628)
++ * Disable libssh2 on Ubuntu.
++ Thanks to Gianfranco Costamagna for the patch (Closes: #888449)
++ * Bump Standards-Version to 4.2.0 (no changes needed)
++ * Don't configure default CA bundle with OpenSSL and GnuTLS (Closes: #883174)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sat, 11 Aug 2018 13:32:28 +0100
++
++curl (7.60.0-2) unstable; urgency=medium
++
++ [ Steve Langasek ]
++ * Build-depend on libssl-dev instead of libssl1.0-dev.
++ * Rename libcurl3 to libcurl4, because libcurl exposes an SSL_CTX via
++ CURLOPT_SSL_CTX_FUNCTION, and this object changes incompatibly between
++ openssl 1.0 and openssl 1.1.
++ * debian/patches/03_keep_symbols_compat.patch: drop, since we are no longer
++ claiming compatibility.
++ * debian/patches/90_gnutls.patch: Retain symbol versioning compatibility for
++ non-OpenSSL builds. Closes: #858398.
++ * Adjust libssl1.1 vs libssl1.0 Suggests/Conflicts; thanks, Adrian Bunk
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 23 May 2018 20:25:39 +0100
++
++curl (7.60.0-1) unstable; urgency=medium
++
++ * New upstream release (Closes: #891997, #893546, #898856)
++ + Fix use of IPv6 literals with NO_PROXY
++ + Fix NIL byte out of bounds write due to FTP path trickery
++ as per CVE-2018-1000120
++ https://curl.haxx.se/docs/adv_2018-9cd6.html
++ + Fix LDAP NULL pointer dereference as per CVE-2018-1000121
++ https://curl.haxx.se/docs/adv_2018-97a2.html
++ + Fix RTSP RTP buffer over-read as per CVE-2018-1000122
++ https://curl.haxx.se/docs/adv_2018-b047.html
++ + Fix heap buffer overflow when closing down an FTP connection
++ with very long server command replies as per CVE-2018-1000300
++ https://curl.haxx.se/docs/adv_2018-82c2.html
++ + Fix heap buffer over-read when parsing bad RTSP headers
++ as per CVE-2018-1000301
++ https://curl.haxx.se/docs/adv_2018-b138.html
++ * Refresh patches
++ * Bump Standards-Version to 4.1.4 (no changes needed)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Fri, 18 May 2018 20:21:17 +0100
++
++curl (7.58.0-2) unstable; urgency=medium
++
++ * Explicitly enable libssh2 support which got silently disabled in the
++ previous update
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 24 Jan 2018 20:27:50 +0000
++
++curl (7.58.0-1) unstable; urgency=medium
++
++ * New upstream release
++ - Fix HTTP/2 trailer out-of-bounds read as per CVE-2018-1000005
++ https://curl.haxx.se/docs/adv_2018-824a.html
++ - Fix HTTP authentication leak in redirects as per CVE-2018-1000007
++ https://curl.haxx.se/docs/adv_2018-b3bf.html
++ * Point Vcs-* to salsa.d.o
++ * Bump Standards-Version to 4.1.3 (no changes needed)
++ * Bump debhlper compat level to 11
++ * Refresh patches
++ * fix insecure-copyright-format-uri
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 24 Jan 2018 11:13:58 +0000
++
++curl (7.57.0-1) unstable; urgency=medium
++
++ * New upstream release
++ - Fix NTLM buffer overflow via integer overflow as per CVE-2017-8816
++ https://curl.haxx.se/docs/adv_2017-11e7.html
++ - Fix FTP wildcard out of bounds read as per CVE-2017-8817
++ https://curl.haxx.se/docs/adv_2017-ae72.html
++ - Fix SSL out of buffer access as per CVE-2017-8818
++ https://curl.haxx.se/docs/adv_2017-af0a.html
++ * Remove -fdebug-prefix-map from curl-config.
++ Thanks to Timo Weingärtner for the patch (Closes: #861974, #874223, #874238)
++ * Don't install zsh completion when cross compiling.
++ Thanks to Wookey for the patch (Closes: #812965)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Thu, 30 Nov 2017 10:16:03 +0000
++
++curl (7.56.1-1) unstable; urgency=medium
++
++ * New upstream release
++ - Fix IMAP FETCH response out of bounds read as per CVE-2017-1000257
++ https://curl.haxx.se/docs/adv_20171023.html
++ * Bump Standards-Version to 4.1.1 (no changes needed)
++ * Drop 01_runtests_gdb.patch
++ * Drop 12_dont-wait-on-CONNECT.patch
++ * Refresh patches
++ * Update *.symbols files
++ * Use https:// URL in watch file
++
++ -- Alessandro Ghedini <ghedo@debian.org> Tue, 24 Oct 2017 11:05:48 +0100
++
++curl (7.55.1-1) unstable; urgency=medium
++
++ * New upstream release
++ - Fix FTBFS on powerpc (Closes: #872502)
++ * Apply upstream patch to fix connection timeouts with NetworkManager
++ (Closes: #873181)
++ * Refresh patches
++ * Bump Standards-Version to 4.1.0 (no changes needed)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sat, 02 Sep 2017 12:10:22 +0100
++
++curl (7.55.0-1) unstable; urgency=medium
++
++ * New upstream release
++ - Fix TFTP sends more than buffer size as per CVE-2017-1000100
++ (Closes: #871555)
++ - Fix URL globbing out of bounds read as per CVE-2017-1000101
++ (Closes: #871554)
++ * Refresh patches and drop patches merged upstream
++ * Update Standards-Version to 4.0.1 (no changes needed)
++ * Drop -dbg package
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sat, 12 Aug 2017 15:18:05 +0100
++
++curl (7.52.1-5) unstable; urgency=high
++
++ * Fix TLS session resumption client cert bypass as per CVE-2017-7468
++ https://curl.haxx.se/docs/adv_20170419.html
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 19 Apr 2017 11:19:50 +0100
++
++curl (7.52.1-4) unstable; urgency=medium
++
++ * Fix regression in CONNECT response handling (Closes: #857613)
++ * Fix buffer read overrun on --write-out as per CVE-2017-7407
++ https://curl.haxx.se/docs/adv_20170403.html (Closes: #859500)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sat, 08 Apr 2017 21:55:27 +0100
++
++curl (7.52.1-3) unstable; urgency=high
++
++ * Make SSL_VERIFYSTATUS work again as per CVE-2017-2629
++ https://curl.haxx.se/docs/adv_20170222.html
++
++ -- Alessandro Ghedini <ghedo@debian.org> Tue, 21 Feb 2017 22:38:41 +0000
++
++curl (7.52.1-2) unstable; urgency=medium
++
++ * Fix HTTPS connection timeout with OpenSSL (Closes: #852317)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sun, 29 Jan 2017 21:34:10 +0000
++
++curl (7.52.1-1) unstable; urgency=medium
++
++ * New upstream release
++ - Fix printf floating point buffer overflow as per CVE-2016-9586
++ (Closes: #848958)
++ * B-D on "libssl1.0-dev | libssl-dev (<< 1.1)" (Closes: #850880, #844018)
++ * Another attempt at making -dev packages multi-arch.
++ Thanks to Benjamin Moody for the patches. (Closes: #731998, #846360)
++ * Enable support for PSL (Closes: #847958)
++ * Re-enable support for IDN (Closes: #849539)
++ * Drop 10_disable-network-tests.patch.
++ It didn't really work, and the issue is not urgent.
++ * Switch curl binary back to libcurl3/OpenSSL.
++ While the GnuTLS flavour mostly worked fine, there are a bunch of features
++ that are not implemented.
++
++ -- Alessandro Ghedini <ghedo@debian.org> Thu, 12 Jan 2017 22:02:44 +0000
++
++curl (7.51.0-1) unstable; urgency=medium
++
++ * New upstream release
++ - Fix cookie injection for other servers as per CVE-2016-8615
++ https://curl.haxx.se/docs/adv_20161102A.html
++ - Fix case insensitive password comparison as per CVE-2016-8616
++ https://curl.haxx.se/docs/adv_20161102B.html
++ - Fix OOB write via unchecked multiplication as per CVE-2016-8617
++ https://curl.haxx.se/docs/adv_20161102C.html
++ - Fix double-free in curl_maprintf as per CVE-2016-8618
++ https://curl.haxx.se/docs/adv_20161102D.html
++ - Fix double-free in krb5 code as per CVE-2016-8619
++ https://curl.haxx.se/docs/adv_20161102E.html
++ - Fix glob parser write/read out of bounds as per CVE-2016-8620
++ https://curl.haxx.se/docs/adv_20161102F.html
++ - Fix curl_getdate read out of bounds as per CVE-2016-8621
++ https://curl.haxx.se/docs/adv_20161102G.html
++ - Fix URL unescape heap overflow via integer truncation as per CVE-2016-8622
++ https://curl.haxx.se/docs/adv_20161102H.html
++ - Fix use-after-free via shared cookies as per CVE-2016-8623
++ https://curl.haxx.se/docs/adv_20161102I.html
++ - Fix invalid URL parsing with '#' as per CVE-2016-8624
++ https://curl.haxx.se/docs/adv_20161102J.html
++ - Fix IDNA 2003 makes curl use wrong host
++ https://curl.haxx.se/docs/adv_20161102K.html
++ - Fix escape and unescape integer overflows as
++ per CVE-2016-7167 (Closes: #837945)
++ https://curl.haxx.se/docs/adv_20160914.html
++ - Fix incorrect reuse of client certificates (NSS backend)
++ as per CVE-2016-7141 (Closes: #836918)
++ https://curl.haxx.se/docs/adv_20160907.html
++ * Drop 02_art_http_scripting.patch (file not shipped anymore)
++ * Refresh patches
++ * Temporarily disable IDN support
++ * Don't install pdf and html docs (they are not shipped in the tarball anymore)
++ * Install markdown docs
++
++ -- Alessandro Ghedini <ghedo@debian.org> Thu, 03 Nov 2016 22:46:14 +0000
++
++curl (7.50.1-2) unstable; urgency=medium
++
++ * Disable more network tests (Closes: #830273)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sun, 28 Aug 2016 14:48:05 +0100
++
++curl (7.50.1-1) unstable; urgency=medium
++
++ * New upstream release (Closes: #827900)
++ - Fix TLS session resumption client cert bypass as per CVE-2016-5419
++ https://curl.haxx.se/docs/adv_20160803A.html
++ - Fix re-using connection with wrong client cert as per CVE-2016-5420
++ https://curl.haxx.se/docs/adv_20160803B.html
++ - Fix use of connection struct after free as per CVE-2016-5421
++ https://curl.haxx.se/docs/adv_20160803C.html
++ - Support OpenSSL 1.1 (Closes: #828127)
++ * Fix 04_workaround_as_needed_bug.patch.
++ Thanks to Yuriy M. Kaminskiy for the patch (Closes: #818131)
++ * Bump Standards-Version to 3.9.8 (no changes needed)
++ * Update Vcs-* URLs
++ * Refresh patches
++ * Add 08_enable-zsh.patch to re-enable zsh completion generation
++ * Remove 08_fix-zsh-completion.patch (was already disabled)
++ * Add 09_fix-typo.patch to fix spelling-error-in-manpage
++ * Add 10_disable-network-tests.patch to disable networked tests
++ (Closes: #830273)
++ * Improve cross Build-Depends satisfiability.
++ Thanks to Helmut Grohne for the patch (Closes: #818092)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 03 Aug 2016 12:46:05 +0100
++
++curl (7.47.0-1) unstable; urgency=high
++
++ * New upstream release
++ - Fix NTLM credentials not-checked for proxy connection re-use
++ as per CVE-2016-0755
++ http://curl.haxx.se/docs/adv_20160127A.html
++ - Set uyrgency=high accordingly
++ * Remove hard-coded dependency on libgnutls (Closes: #812542)
++ * Drop 08_fix-zsh-completion.patch (merged upstream)
++ * Refresh patches
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 27 Jan 2016 11:45:59 +0000
++
++curl (7.46.0-1) unstable; urgency=medium
++
++ * New upstream release
++ - Initialize OpenSSL algorithms after loading config (Closes: #805408)
++ * Install curl zsh completion (Closes: #805509)
++ - Add 08_fix-zsh-completion.patch to fix zsh completion generation
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sun, 27 Dec 2015 18:18:09 +0100
++
++curl (7.45.0-1) unstable; urgency=medium
++
++ * New upstream release
++ * Drop 08_spelling.patch (merged upstream)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 07 Oct 2015 12:59:03 +0200
++
++curl (7.44.0-2) unstable; urgency=medium
++
++ * Enable HTTP/2 support (Closes: #796302)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Thu, 10 Sep 2015 11:25:14 +0200
++
++curl (7.44.0-1) unstable; urgency=medium
++
++ * New upstream release
++ * Refresh patches
++ * Update symbols files
++ * Add 08_spelling.patch to fix some spelling errors
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 12 Aug 2015 11:49:04 +0200
++
++curl (7.43.0-1) unstable; urgency=medium
++
++ * New upstream release
++ - Fix lingering HTTP credentials in connection re-use as per CVE-2015-3236
++ http://curl.haxx.se/docs/adv_20150617A.html
++ - Fix SMB send off unrelated memory contents as per CVE-2015-3237
++ http://curl.haxx.se/docs/adv_20150617B.html
++ * Refresh patches
++ * Fix spelling-error-in-description
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 17 Jun 2015 10:21:34 +0200
++
++curl (7.42.1-3) unstable; urgency=medium
++
++ * Update copyright
++ * Set both CA bundle and CA path default values for OpenSSL and GnuTLS
++ backends
++ * Bump versioned depends on libgnutls to workaround lack of nettle versioned
++ symbols (Closes: #787960)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sun, 07 Jun 2015 18:15:15 +0200
++
++curl (7.42.1-2) unstable; urgency=medium
++
++ * Switch curl binary to libcurl3-gnutls (Closes: #342719)
++ This is the first step of a possible migration to a GnuTLS-only
++ libcurl for Debian. Let's see how it goes.
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sun, 03 May 2015 13:13:15 +0200
++
++curl (7.42.1-1) unstable; urgency=high
++
++ * New upstream release
++ - Don't send sensitive HTTP server headers to proxies as per
++ CVE-2015-3153
++ http://curl.haxx.se/docs/adv_20150429.html
++ * Drop 08_fix-spelling.patch (merged upstream)
++ * Refresh patches
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 29 Apr 2015 10:43:43 +0200
++
++curl (7.42.0-1) unstable; urgency=medium
++
++ * New upstream release
++ - Fix re-using authenticated connection when unauthenticated
++ as per CVE-2015-3143
++ http://curl.haxx.se/docs/adv_20150422A.html
++ - Fix host name out of boundary memory access as per CVE-2015-3144
++ http://curl.haxx.se/docs/adv_20150422D.html
++ - Fix cookie parser out of boundary memory access as per CVE-2015-3145
++ http://curl.haxx.se/docs/adv_20150422C.html
++ - Fix Negotiate not treated as connection-oriented as per CVE-2015-3148
++ http://curl.haxx.se/docs/adv_20150422B.html
++ - Disable SSLv3 in the OpenSSL backend when OPENSSL_NO_SSL3_METHOD is
++ defined (Closes: #768562)
++ * Drop patches merged upstream
++ * Refresh patches
++ * Bump Standards-Version to 3.9.6 (no changes needed)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 22 Apr 2015 11:07:32 +0200
++
++curl (7.38.0-4) unstable; urgency=high
++
++ * Fix URL request injection vulnerability as per CVE-2014-8150
++ http://curl.haxx.se/docs/adv_20150108B.html
++ * Set urgency=high accordingly
++
++ -- Alessandro Ghedini <ghedo@debian.org> Thu, 08 Jan 2015 10:47:24 +0100
++
++curl (7.38.0-3) unstable; urgency=high
++
++ * Enable all hardening options (Closes: #763372)
++ * Fix duphandle read out of bounds as per CVE-2014-3707
++ http://curl.haxx.se/docs/adv_20141105.html
++ * Set urgency=high accordingly
++
++ -- Alessandro Ghedini <ghedo@debian.org> Thu, 06 Nov 2014 11:40:24 +0100
++
++curl (7.38.0-2) unstable; urgency=medium
++
++ * Check for libtoolize instead of libtool during build.
++ Thanks to Helmut Grohne for the patch (Closes: #761740)
++ * Add README.source note regarding ordering of patches (Closes: #762193)
++ * Add 10_fix-resolver.patch from upstream (Closes: #762014)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Tue, 23 Sep 2014 16:41:53 +0200
++
++curl (7.38.0-1) unstable; urgency=medium
++
++ * New upstream release
++ - Only use full host matches for hosts used as IP address
++ as per CVE-2014-3613
++ http://curl.haxx.se/docs/adv_20140910A.html
++ - Reject incoming cookies set for TLDs as per CVE-2014-3620
++ http://curl.haxx.se/docs/adv_20140910B.html
++ * Drop 08_link-curl-to-nss.patch (merged upstream)
++ * Refresh patches
++ * Fix wildcard-matches-nothing-in-dep5-copyright
++ * Add 08_fix-spelling.patch
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 10 Sep 2014 20:11:02 +0200
++
++curl (7.37.1-1) unstable; urgency=medium
++
++ * New upstream release
++ * Re-enable RTMP support (Closes: #754222)
++ * Add 08_link-curl-to-nss.patch to fix NSS build
++ * Refresh patches
++ * Install manpages of single libcurl options too
++
++ -- Alessandro Ghedini <ghedo@debian.org> Fri, 18 Jul 2014 10:18:03 +0200
++
++curl (7.37.0-1) unstable; urgency=medium
++
++ * New upstream release
++ - Fix NULL pointer dereference in GnuTLS code (Closes: #746349)
++ * Drop 08_fix-imap-tests.patch (merged upstream)
++ * Refresh 01_runtests_gdb.patch
++ * Remove Build-Depends on libgcrypt
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 21 May 2014 15:22:38 +0200
++
++curl (7.36.0-2) unstable; urgency=medium
++
++ * Move Depends on -dev packages needed to use static libraries to Suggests
++ * Switch to GnuTLS 3.x (Closes: #741568)
++ * Disable RTMP support (librtmp-dev requires libgnutls-dev, which conflicts
++ with libgnutls28-dev)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Mon, 28 Apr 2014 19:37:14 +0200
++
++curl (7.36.0-1) unstable; urgency=high
++
++ * New upstream release (Closes: #742728)
++ - Fix connection re-use when using different log-in credentials
++ as per CVE-2014-0138
++ http://curl.haxx.se/docs/adv_20140326A.html
++ - Reject IP address wildcard matches as per CVE-2014-0139
++ http://curl.haxx.se/docs/adv_20140326B.html
++ - Set urgency=high accordingly
++ * Add 08_fix-imap-tests.patch to fix tests broken by the fix for CVE-2014-0138
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sun, 30 Mar 2014 15:36:35 +0200
++
++curl (7.35.0-1) unstable; urgency=high
++
++ * New upstream release
++ - Fix re-use of wrong HTTP NTLM connection as per CVE-2014-0015
++ http://curl.haxx.se/docs/adv_20140129.html
++ - Set urgency=high accordingly
++ * Refresh patches
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 29 Jan 2014 11:16:57 +0100
++
++curl (7.34.0-1) unstable; urgency=high
++
++ * New upstream release
++ - Fix GnuTLS checking of a certificate CN or SAN name field when the
++ digital signature verification is turned off as per CVE-2013-6422
++ http://curl.haxx.se/docs/adv_20131217.html
++ - Set urgency=high accordingly
++ * Drop patches merged upstream:
++ - 08_fix-typo.patch
++ - 09_fix-urlglob.patch
++
++ -- Alessandro Ghedini <ghedo@debian.org> Tue, 17 Dec 2013 13:16:19 +0100
++
++curl (7.33.0-2) unstable; urgency=low
++
++ * Make -dev packages Multi-Arch: same too (Closes: #731309)
++ * Bump Standards-Version to 3.9.5 (no changes needed)
++ * Add 09_fix-urlglob.patch to fix URL globbing (Closes: #731855)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 11 Dec 2013 18:44:37 +0100
++
++curl (7.33.0-1) unstable; urgency=low
++
++ * New upstream release
++ - Handle arbitrary-length username and password (Closes: #719856)
++ * Remove Luk from Uploaders as per his request (Closes: #723603)
++ * Do not Build-Depends on specific automake version (Closes: #724361)
++ * Fix lintian vcs-field-not-canonical
++ * Add 08_fix-typo.patch
++ * Refresh patches
++
++ -- Alessandro Ghedini <ghedo@debian.org> Mon, 14 Oct 2013 22:11:14 +0200
++
++curl (7.32.0-1) unstable; urgency=low
++
++ * New upstream release
++ * Fix typo in changelog entry for 7.31.0-1 (Closes: #714502)
++ * Drop 08_typo.patch (merged upstream)
++ * Drop 09_openssl-recv.patch (merged upstream)
++ * Refresh 90_gnutls.patch and 99_nss.patch
++ * Refresh 06_always-disable-valgrind.patch
++ * Enable threaded DNS resolver (Closes: #570436)
++ See NEWS.Debian for more info
++
++ -- Alessandro Ghedini <ghedo@debian.org> Mon, 12 Aug 2013 12:19:05 +0200
++
++curl (7.31.0-2) unstable; urgency=high
++
++ * Add 09_openssl-recv.patch to fix incorrect OpenSSL usage (Closes: #714050)
++ * Set urgency=high because of the security fix in the previous upload
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 26 Jun 2013 11:47:00 +0200
++
++curl (7.31.0-1) unstable; urgency=low
++
++ * New upstream release
++ - Fix URL decode buffer boundary flaw as per CVE-2013-2174
++ http://curl.haxx.se/docs/adv_20130622.html
++ * Make curl Multi-Arch: foreign (Closes: #712585)
++ * Drop 08_reset-timecond.patch (merged upstream)
++ * Refresh patches
++ * Add 08_typo.patch to fix a couple of typos in one of the manpages
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sat, 22 Jun 2013 15:46:53 +0200
++
++curl (7.30.0-2) unstable; urgency=low
++
++ * Move textual docs to the -doc package too
++ * Move manpages from -dev packages to -doc as well
++ - Add Breaks+Replaces accordingly
++ * Remove outdated Replaces/Conflicts
++ * Update watch file version to 3
++ * Add 08_reset-timecond.patch (Closes: #705783)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Fri, 10 May 2013 17:46:46 +0200
++
++curl (7.30.0-1) unstable; urgency=low
++
++ * New upstream release
++ * Update upstream copyright years
++ * Drop patches merged upstream:
++ - 08_NULL-pointer-dereference-on-close.patch
++ - 09_CVE-213-1944.patch
++ - 10_test1218-another-cookie-tailmatch-test.patch
++ * Update patches:
++ - 03_keep_symbols_compat.patch
++ - 90_gnutls.patch
++ - 99_nss.patch
++ * Add libcurl4-doc package:
++ - Move *.pdf and *.html files to the libcurl4-doc package
++ - Add Suggests for -doc package to -dev packages
++ - Move examples to the -doc package
++ * Add Build-Depends on python which is used by some tests
++
++ -- Alessandro Ghedini <ghedo@debian.org> Thu, 18 Apr 2013 12:55:09 +0200
++
++curl (7.29.0-2.1) unstable; urgency=high
++
++ * Non-maintainer upload.
++
++ [ Alessandro Ghedini ]
++ * Do not compress *.pdf files (Closes: #704093)
++
++ [ Salvatore Bonaccorso ]
++ * Add 09_CVE-213-1944.patch.
++ Fix CVE-2013-1944: fix tailmatching to prevent cross-domain leakage.
++ Cookies set for 'example.com' could accidentaly also be sent by libcurl
++ to the 'bexample.com' (ie with a prefix to the first domain name).
++ (Closes: #705274)
++ * Add testcase for CVE-2013-1944.
++
++ -- Salvatore Bonaccorso <carnil@debian.org> Fri, 12 Apr 2013 13:55:34 +0200
++
++curl (7.29.0-2) unstable; urgency=low
++
++ * Fix a segfault when closing an unused multi handle (Closes: #701713)
++ * Mention LDAPS in packages' long descriptions
++ * Clean-up d/rules
++ - Switch to short-form dh
++ - Enable test suite on hurd and kfreebsd too
++ - Enable GSSAPI support on hurd too
++
++ -- Alessandro Ghedini <ghedo@debian.org> Mon, 11 Mar 2013 19:02:56 +0100
++
++curl (7.29.0-1) unstable; urgency=high
++
++ * New upstream release
++ - Fix buffer overflow when negotiating SASL DIGEST-MD5 authentication
++ as per CVE-2013-0249 (Closes: #700002)
++ http://curl.haxx.se/docs/adv_20130206.html
++ - Set urgency=high accordingly
++ * Install all the examples
++ * Update 90_gnutls.patch and 99_nss.patch
++ * Refresh patches
++ * Correctly pass CPPFLAGS to ./configure
++ * Upload to unstable
++
++ -- Alessandro Ghedini <ghedo@debian.org> Mon, 11 Feb 2013 14:48:03 +0100
++
++curl (7.28.1-1) experimental; urgency=low
++
++ * New upstream release
++ * Drop 05_fix-git-over-https.patch and 08_fix-git-auth.patch
++ (merged upstream)
++ * Update 07_do-not-disable-debug-symbols.patch
++ * Refresh patches
++ * Add NEWS entry about change in CURLOPT_SSL_VERIFYHOST semantics
++
++ -- Alessandro Ghedini <ghedo@debian.org> Mon, 26 Nov 2012 17:51:27 +0100
++
++curl (7.28.0-3) unstable; urgency=low
++
++ * Add 07_do-not-disable-debug-symbols.patch, do not pass --enable-debug
++ anymore (Closes: #693110)
++ * Update 05_fix-git-over-https.patch to reflect new upstream patch
++ * Add 08_fix-git-auth.patch to fix HTTPS authentication (Closes: #690764)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Sat, 17 Nov 2012 14:07:21 +0100
++
++curl (7.28.0-2) unstable; urgency=low
++
++ * Add 05_fix-git-over-https.patch (Closes: #690551)
++ * Add 06_always-disable-valgrind.patch (Closes: #690968)
++
++ -- Alessandro Ghedini <ghedo@debian.org> Mon, 22 Oct 2012 14:35:02 +0200
++
++curl (7.28.0-1) unstable; urgency=low
++
++ * New upstream release
++ - gnutls: do not fail on non-fatal handshake errors (Closes: #685402)
++ * Remove versioned build depends on libssh2 (already in stable)
++ * Bump Standards-Version to 3.9.4 (no changes needed)
++ * Refresh 01_runtests_gdb.patch
++ * Update *.symbols files
++ * Build depend on ca-certifcates to avoid test failure
++
++ -- Alessandro Ghedini <ghedo@debian.org> Thu, 11 Oct 2012 19:11:09 +0200
++
++curl (7.27.0-1) unstable; urgency=low
++
++ * New upstream release
++ * Update upstream copyright
++ * Refresh 01_runtests_gdb.patch, 90_gnutls.patch and 99_nss.patch
++
++ -- Alessandro Ghedini <ghedo@debian.org> Wed, 08 Aug 2012 17:22:00 +0200
++
++curl (7.26.0-1) unstable; urgency=low
++
++ * New upstream release
++ - Reject numerical IPv6 addresses outside brackets (Closes: #670126)
++ * Email change: Alessandro Ghedini -> ghedo@debian.org
++ * Stricter Depends on libcurl3 (Closes: #666089)
++ * Remove Ramakrishnan (as per his request), move myself to Maintainer
++ Thank you for all your work so far
++ * Disable memory tracking, but keep debug enabled
++ - Remove memdebug symbols (used by curl only)
++ * Refresh 01_runtests_gdb.patch, 90_gnutls.patch and 99_nss.patch
++ * Disable not-quite-working symbols hiding
++
++ -- Alessandro Ghedini <ghedo@debian.org> Fri, 25 May 2012 15:19:51 +0200
++
++curl (7.25.0-1) unstable; urgency=low
++
++ * New upstream release
++ - Add --ssl-allow-beast and CURLOPT_SSL_OPTIONS (Closes: #658276)
++ - Allow negative numbers as option value (Closes: #659591)
++ * Add libssh2-1-dev to libcurl4-gnutls-dev and libcurl4-nss-dev Depends
++ * Bump debhelper compat level to 9
++ - Make *.links files executable to simplify rules file
++ * Pass --as-needed ld flag to avoid unneeded dependencies
++ - Add workaround_as_needed_bug to workaround a libtool bug
++ - Drop dont_link_to_krb5 (not needed because of --as-needed)
++ * Do some clean-up in debian/rules
++ * Update debian/copyright format as in Debian Policy 3.9.3
++ * Bump Standards-Version to 3.9.3
++ * Explicit Conflicts in -dev packages (fixes binaries-have-file-conflict)
++ * Add openssh-server to build depends to enable some more tests
++ * Update upstream copyright years
++ * Refresh patches
++
++ -- Alessandro Ghedini <al3xbio@gmail.com> Fri, 23 Mar 2012 16:24:51 +0100
++
++curl (7.24.0-1) unstable; urgency=high
++
++ * New upstream release
++ - Improve documentation for the --capath option (Closes: #628697)
++ - Fix URL sanitization vulnerability as per CVE-2012-0036
++ http://curl.haxx.se/docs/adv_20120124.html
++ - Fix SSL CBC IV vulnerability as per CVE-2011-3389
++ http://curl.haxx.se/docs/adv_20120124B.html
++ - Set urgency=high accordingly
++ * Remove curl_links_with_rt patch (curl links to librt anyway)
++ * Improve descriptions of -dev and -dbg packages
++ * Drop fix_manpage_spelling and versioned patches (merged upstream)
++ * Refresh patches
++ * Add keep_symbols_compat patch to not break backwards ABI compatibility
++ * Enable libssh2 support for GnuTLS and NSS flavours too
++ (libssh2 now uses libgcrypt instead of libssl)
++
++ -- Alessandro Ghedini <al3xbio@gmail.com> Tue, 24 Jan 2012 12:04:04 +0100
++
++curl (7.23.1-3) unstable; urgency=low
++
++ * Enable security hardening flags
++ * Remove libdb-dev from B-D (not used)
++ * Improve short and long descriptions
++ * Provide proper *.symbols files (Closes: #651619)
++ * Do not version Curl_* symbols (for internal use only)
++ * Do not override dh_makeshlibs version anymore
++
++ -- Alessandro Ghedini <al3xbio@gmail.com> Tue, 13 Dec 2011 19:55:31 +0100
++
++curl (7.23.1-2) unstable; urgency=low
++
++ * Bump shlibs version for libcurl3-nss (Closes: #650498)
++
++ -- Alessandro Ghedini <al3xbio@gmail.com> Thu, 01 Dec 2011 22:32:19 +0100
++
++curl (7.23.1-1) unstable; urgency=low
++
++ * New upstream release
++ - Do not use gnutls_priority_set_direct and
++ gnutls_certificate_type_set_priority anymore (Closes: #624024)
++ * Refresh patches
++ * Add --enable-debug flag to configure (Closes: #648902)
++ * One Provides/Replaces per line
++ * libcurl4-openssl-dev Provides libcurl4-dev too (Closes: #644126)
++ * Specify only 3 components for Standards-Version
++ (the fourth is not really needed)
++ * Move ca-certificates to Recommends in lib* packages (Closes: #546607)
++ * Add NSS flavour to versioned symbols
++
++ -- Alessandro Ghedini <al3xbio@gmail.com> Sun, 27 Nov 2011 18:45:01 +0100
++
++curl (7.22.0-3) unstable; urgency=low
++
++ [ Ramakrishnan Muthukrishnan ]
++ * Add new Uploaders, Ian and Alessandro. (Closes: #647255)
++
++ [ Luk Claes ]
++ * Install lintian overrides with dh_lintian.
++ * Install all files with dh_install and get rid of dh_installdirs.
++
++ [ Alessandro Ghedini ]
++ * New upstream release.
++ * Bump debhelper compat level to 8.
++ * debian/control:
++ - One (Build-)Depends per line.
++ - Sort (Build-)Depends.
++ - Remove Build-Depends on binutils
++ (v2.18 is already in oldstable and it is Build-Essential: yes).
++ - Build depends on stunnel4 instead of stunnel
++ (stunnel is just a dummy package).
++ - Remove duplicate Section field in package curl.
++ - Add Luk to Uploaders too, sort names.
++ * debian/patches:
++ - Update runtests_gdb patch, add DEP3 headers.
++ - Update gnutls and nss patches, add DEP3 headers.
++ - Refresh other patches.
++ - Add DEP3 headers to all the patches.
++ - Remove libtool patch (not applied anyway)
++ - Set Forwarded: not-needed for Debian specific patches
++ * Replace dh_clean -k call with dh_prep
++ (dh_clean -k is deprecated since debhelper 7).
++ * Add fix_manpage_spelling patch
++ * debian/copyright:
++ - Switch to DEP5 format
++ - Update copyright information
++ * Add librtmp-dev to libcurl4-nss-dev too
++
++ -- Alessandro Ghedini <al3xbio@gmail.com> Sun, 13 Nov 2011 21:07:32 +0100
++
++curl (7.21.7-3) unstable; urgency=low
++
++ * debian/rules: Build only curl and libcurl3 with rtmp support. Rest of the
++ packages do not need to be built with rtmp support. (closes: #641173)
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Sun, 11 Sep 2011 22:08:08 +0200
++
++curl (7.21.7-2) unstable; urgency=low
++
++ * debian/control: libcurl*-dev packages should depend on librtmp-dev.
++ (closes: #640260)
++ * debian/rules: add build-arch and build-indep targets.
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Mon, 05 Sep 2011 16:12:42 +0200
++
++curl (7.21.7-1) unstable; urgency=low
++
++ * New Upstream release which fixes the following bugs.
++ - libcurl3-gnutls: HTTPS over HTTP still broken in
++ Git (closes: #627335)
++ - git-core: gnutls_handshake() fail when using
++ https:// over a proxy (closes: #559371)
++ * debian/control: capitalize 'ftp'. (closes: #587338)
++ * debian/rules: add build-arch and build-indep targets.
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Sat, 30 Jul 2011 17:57:08 +0530
++
++curl (7.21.6-3) unstable; urgency=low
++
++ * Apply the Multiarch patch from Steve Langasek.
++ (closes: #631946)
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Wed, 29 Jun 2011 08:26:56 +0530
++
++curl (7.21.6-2) unstable; urgency=high
++
++ * Fix for the inappropriate GSSAPI delegation vulnerability (CVE-2011-2192).
++ (closes: #631615)
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Sat, 25 Jun 2011 23:37:04 +0530
++
++curl (7.21.6-1) unstable; urgency=low
++
++ * New upstream release to fix a HTTPS over a HTTP proxy bug on 7.21.5.
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Sat, 23 Apr 2011 07:12:57 +0530
++
++curl (7.21.5-1) unstable; urgency=low
++
++ * New Upstream version. (closes: #623459)
++ * debian/patches/{sslv2_disable, error_code}: removed as these
++ patches were backported earlier from new upstream and this
++ release incorporates them.
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Fri, 22 Apr 2011 13:14:41 +0530
++
++curl (7.21.4-2) unstable; urgency=low
++
++ * debian/patches/{sslv2-disable, series}: Apply the
++ upstream commit c66b0b32fba175d5f096c944d8ec8f9f06299f4a.
++ (closes: #622016)
++ * debian/{rules, control}: enable rtmp. (closes: #622328)
++ * debian/control: removing hurd from dependencies. Hurd is
++ an 'essential' package.
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Wed, 13 Apr 2011 16:15:27 -0700
++
++curl (7.21.4-1) unstable; urgency=low
++
++ * New upstream release.
++ * debian/control: downgraded the version number of libdb-dev required
++ to 4.6 from 4.7, based on the inputs from Erik Schanze <schanzi_@gmx.de>.
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Mon, 28 Feb 2011 19:35:36 +0530
++
++curl (7.21.3-1) unstable; urgency=low
++
++ * New upstream release.
++ * debian/*.manpages: adding all manpages for the curl library.
++ (closes: #605651)
++ * gnutls->handshake: improved timeout handling. See #594150 for details.
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Wed, 15 Dec 2010 23:39:26 +0530
++
++curl (7.21.2-4) unstable; urgency=low
++
++ * support for curl library built against nss.
++ (closes: #606244)
++ * honour DEB_BUILD_OPTIONS=nocheck option.
++ (closes: #606059)
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Thu, 09 Dec 2010 20:11:37 +0530
++
++curl (7.21.2-3) unstable; urgency=low
++
++ * debian/rules: reverting changes related to c-ares inclusion.
++ * debian/control: removing libc-ares-dev for now.
++ (closes: #605558)
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Thu, 02 Dec 2010 10:56:36 +0530
++
++curl (7.21.2-2) unstable; urgency=low
++
++ * debian/control: add libc-ares-dev as build dependency.
++ * debian/rules: invoke configure with --enable-ares.
++ (closes: #570436)
++ * debian/copyright: add copyright notice of `lib/security.c'
++ to the copyright file. (closes: #603712)
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Tue, 30 Nov 2010 17:35:29 +0530
++
++curl (7.21.2-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Mon, 18 Oct 2010 11:13:17 +0530
++
++curl (7.21.1-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Thu, 12 Aug 2010 08:20:48 +0530
++
++curl (7.21.0-1) unstable; urgency=low
++
++ * New upstream.
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Wed, 16 Jun 2010 19:25:37 +0530
++
++curl (7.20.1-2) unstable; urgency=low
++
++ * debian/rules: Removed the custom LDFLAGS variable. This is not
++ required as we are no longer using the libtool patch.
++ (closes: #578774)
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Wed, 28 Apr 2010 18:40:27 +0530
++
++curl (7.20.1-1) unstable; urgency=low
++
++ * New upstream release.
++ * debian/patches/missing-double-quote: No longer needed as it has been
++ fixed by the upstream.
++ * debian/patches/no_com_err: Reworked the patches for the new release.
++ * debian/patches/versioned: fix for build failure of 'make test'.
++ (closes: #576237)
++ * debian/rules: removed --enable-ldaps option from the configure as LDAP
++ SSL (Novell extensions to openldap) is not available as Debian packages.
++ * lib/http.c: chunked-encoding with Content-Length header problem has
++ been fixed in the upstream. (closes: #572276)
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Mon, 19 Apr 2010 09:21:35 +0530
++
++curl (7.20.0-3) unstable; urgency=low
++
++ * debian/control: Vcs* tags added.
++ * docs/libcurl/libcurl.m4: added the missing double quote (closes: #576518).
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Mon, 05 Apr 2010 18:56:40 +0530
++
++curl (7.20.0-2) unstable; urgency=low
++
++ * New Maintainer (closes: #574137).
++ * Bug #533669 (curl segmentation fault in addbyter()) is fixed
++ from release 7.19.7 onwards (closes: #533669).
++ * Bug #510559 (curl sends whitespace unencoded in the url) can't
++ be reproduced in the 7.20.0 release (closes: #510559).
++
++ -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org> Thu, 18 Mar 2010 08:55:19 +0530
++
++curl (7.20.0-1) unstable; urgency=low
++
++ * Package is orphaned.
++ * New upstream release.
++ * Switch to dpkg-source 3.0 (quilt) format (closes: #538547).
++ * Fixed build error with binutils-gold (closes: #554296).
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 09 Feb 2010 13:06:39 +0100
++
++curl (7.19.7-1) unstable; urgency=low
++
++ * New upstream release:
++ - curl_getdate(3) now correctly manages single letter military
++ timezones as specified in RFC 822 (closes: #551461).
++ * build depends on generic libdb-dev (closes: #548476).
++ * build depends on libssh2-1-dev (>= 1.2) to enable new curl options.
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 05 Nov 2009 10:11:57 +0100
++
++curl (7.19.5-1) unstable; urgency=low
++
++ * New upstream release
++ * Fix "libcurl3-gnutls has memory corruption" by upgrading to new upstream
++ release, which fixes this bug (Closes: #530131)
++ * update standards version to 3.8.1
++ * adjust overrides from libdevel to debug for -dbg package
++ * adjust doc-base section
++
++ -- Andreas Schuldei <andreas@debian.org> Sun, 24 May 2009 21:12:19 +0200
++
++curl (7.19.4-1) unstable; urgency=low
++
++ * New upstream release
++ * Fix "newer bdb version" <explain what you changed and why>
++ (Closes: #517277)
++ * resolve libtool version confusion, thanks to
++ Stefanos Harhalakis <v13@v13.gr>
++ * add new dependency on libgcrypt11-dev due to newly arising binary symbols
++
++ -- Andreas Schuldei <andreas@debian.org> Thu, 02 Apr 2009 23:35:45 +0200
++
++curl (7.18.2-8lenny1) stable-security; urgency=high
++
++ * Applied upstream patch to fix arbitrary file access (CVE-2009-0037).
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 03 Mar 2009 10:29:03 +0100
++
++curl (7.18.2-8) unstable; urgency=low
++
++ * Fix "Please add support for ldap/ldaps protocols"
++ by changing the linker option for liblber (Closes: #506096)
++
++ -- Andreas Schuldei <andreas@debian.org> Fri, 26 Dec 2008 23:48:19 +0100
++
++curl (7.18.2-7) unstable; urgency=low
++
++ * disable c-ares support again, no fix yet, just get stuff working again.
++
++ -- Andreas Schuldei <andreas@debian.org> Tue, 15 Jul 2008 01:17:29 +0200
++
++curl (7.18.2-6) unstable; urgency=low
++
++ * enable c-ares support, with ipv6 support
++
++ -- Andreas Schuldei <andreas@debian.org> Fri, 11 Jul 2008 02:05:16 +0200
++
++curl (7.18.2-5) unstable; urgency=low
++
++ * /usr/lib/pkgconfig/libcurl.pc: "pkg-config --libs libcurl" returns
++ "-Wl, -z, defs" (Closes: #488701), closing same bug again for
++ curl-config --libs command
++
++ -- Andreas Schuldei <andreas@jesaja.schuldei.org> Wed, 02 Jul 2008 11:24:40 +0200
++
++curl (7.18.2-4) unstable; urgency=medium
++
++ * /usr/lib/pkgconfig/libcurl.pc: "pkg-config --libs libcurl" returns
++ "-Wl, -z, defs" (Closes: #488701)
++
++ -- Andreas Schuldei <andreas@debian.org> Mon, 30 Jun 2008 23:59:55 +0200
++
++curl (7.18.2-3) unstable; urgency=low
++
++ * removing c-ares from the dependencies
++
++ -- Andreas Schuldei <andreas@debian.org> Sat, 28 Jun 2008 03:34:50 +0200
++
++curl (7.18.2-2) unstable; urgency=medium
++
++ * blanking the "dependency_libs" line in lib*.la file to keep all the listed libs
++ from being linked to other libs linking to curl.
++ * fixing miss-linking problem by specifying liblber as a configure argument
++ * disabling c-ares again for stability reasons
++ * correcting libgssapi linking in configure.ac (patch no_com_err)
++
++ -- Andreas Schuldei <andreas@debian.org> Fri, 27 Jun 2008 03:40:18 +0200
++
++curl (7.18.2-1e1) experimental; urgency=low
++
++ * testing c-ares-ipv6 integration patch
++
++ -- Andreas Schuldei <andreas@debian.org> Mon, 23 Jun 2008 08:48:31 +0200
++
++curl (7.18.2-1) unstable; urgency=low
++
++ * New upstream release:
++ - removed patches/ftp-response, it is already in the upstream release
++ - fixed issues with kerberos ftp (closes: #478864).
++ * Disable c-ares support, it is still not ready for Debian's wide
++ user base (closes: #478864, #481189).
++ * Standards-Version bumped to 3.8.0:
++ - added support for parallel builds to debian/rules
++ * Removal of $QUILT_PC's override makes this package ready for new
++ source format 3.0 (quilt) (closes: #485023).
++ * Configure build with --with-ca-path but only for OpenSSL flavour,
++ GnuTLS supports only --with-ca-bundle (closes: #482814, #483999).
++ Both libcurl3 and libcurl3-gnutls now depend on ca-certificates.
++
++ -- Domenico Andreoli <cavok@debian.org> Mon, 09 Jun 2008 14:09:42 +0200
++
++curl (7.18.1-1) unstable; urgency=low
++
++ * New upstream release.
++ * Fixed crossbuilding bug (closes: #465089).
++ * Improved error reporting in case of failing FTP (closes: #474224).
++ * Enable c-ares support (closes: #352694).
++ * libcurl3-dbg now depends on either libcurl3 or libcurl3-gnutls
++ (closes: #463173).
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 17 Apr 2008 10:22:28 +0200
++
++curl (7.18.0-1) unstable; urgency=low
++
++ * New upstream release.
++ * Use Homepage field in debian/control.
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 29 Jan 2008 02:16:25 +0100
++
++curl (7.17.1-1) unstable; urgency=low
++
++ * New upstream release:
++ - fixed bad use of "its" in curl.1 (closes: #443734)
++ - fixed curl_easy_escape() with input bytes that are >= 0x80
++ (closes: #445214)
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 31 Oct 2007 01:12:54 +0100
++
++curl (7.17.0-1) unstable; urgency=low
++
++ * New upstream release.
++ * Updated to use libssh2-1-dev (closes: #441979, #442198).
++ * Do not run the test suite on hurd (closes: #433834).
++ * Enabled support for LDAPS protocol.
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 14 Sep 2007 00:24:21 +0200
++
++curl (7.16.4-5) unstable; urgency=low
++
++ * libcurl4-openssl-dev now depends on libssh2-0-dev.
++ closes: #439317, #439326.
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 24 Aug 2007 18:13:17 +0200
++
++curl (7.16.4-4) unstable; urgency=low
++
++ * Build libcurl/GnuTLS without libssh2 because of the usual OpenSSL
++ vs. GPL software lincense conflict (closes: #439176).
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 23 Aug 2007 23:47:35 +0200
++
++curl (7.16.4-3) unstable; urgency=low
++
++ * Added support for scp and SFTP protocols.
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 22 Aug 2007 00:48:32 +0200
++
++curl (7.16.4-2) unstable; urgency=low
++
++ * Fixed regression with FTP sites not requesting PASS (closes: #435771).
++
++ -- Domenico Andreoli <cavok@debian.org> Sat, 04 Aug 2007 02:04:40 +0200
++
++curl (7.16.4-1) unstable; urgency=low
++
++ * New upstream release (closes: #432514).
++ * Welcome Andreas to the curl packagers!
++ * Build-Depends is now more backporting friendly.
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 18 Jul 2007 16:44:30 +0200
++
++curl (7.16.2-6) unstable; urgency=low
++
++ * Added missing libcurl3 symlinks (closes: #429945)
++ Patch courtesy of Bryan Donlan.
++
++ -- Domenico Andreoli <cavok@debian.org> Sat, 23 Jun 2007 00:39:20 +0200
++
++curl (7.16.2-5) unstable; urgency=low
++
++ [ Steve Langasek ]
++ * Re-introduce curl3 symbol versions and rename the packages back to
++ libcurl3*, restoring ABI compatibility with the etch version of the
++ package.
++
++ [ Domenico Andreoli ]
++ * Package libcurl4-gnutls-dev now suggests libcurl3-dbg.
++ * libcurl3-dbg replaces/conflict/provide libcurl4-dbg.
++ * Properly use ${binary:Version} in control file.
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 20 Jun 2007 17:52:38 +0200
++
++curl (7.16.2-4) unstable; urgency=low
++
++ * Fixed configure.ac in case of build with GNUTLS (closes: #425013).
++ * Fixed double-free bug (closes: #424894).
++ Patch courtesy of Daniel Stenberg.
++
++ -- Domenico Andreoli <cavok@debian.org> Sun, 20 May 2007 01:15:01 +0200
++
++curl (7.16.2-3) unstable; urgency=low
++
++ * Updated to db4.5 (closes: #421933).
++ * Got rid of unused libcomerr2 dependency (closes: #392294).
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 08 May 2007 08:46:21 +0200
++
++curl (7.16.2-2) experimental; urgency=low
++
++ * Improved package descriptions (closes: #410472).
++ * Updated package Provides to ease the soname transition.
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 27 Apr 2007 15:37:44 +0200
++
++curl (7.16.2-1) experimental; urgency=low
++
++ * New upstream release.
++ * libcurl4-openssl-dev now depends on libcurl4-openssl (closes: #419774).
++ * Bumped shlibs version to 7.16.2-1.
++ * Patches are now managed with quilt.
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 18 Apr 2007 09:29:48 +0200
++
++curl (7.16.1-1) experimental; urgency=low
++
++ * New upstream release.
++ * Bumped shlibs version to 7.16.1-1.
++ * Added HIDDEN section to version script to handle any __*, _rest or
++ _save* local symbol.
++ * Gopher protocol is not supported since 7.15.2. Removed any reference
++ in package description (closes: #408704).
++ * Moved libcurl/openssl to the new package libcurl4-openssl, now
++ libcurl4 contains a version with no SSL or GSSAPI support (any
++ future cryptographic stuff will be kept out of there).
++ * Package libcurl4-dev now contains the matching headers for libcurl4
++ (so crypto stuff).
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 1 Feb 2007 12:49:32 +0100
++
++curl (7.16.0-1) experimental; urgency=low
++
++ * New upstream release.
++ * Bumped shlibs version to 7.16.0-1.
++ * libcurl4 and libcurl4-gnutls now only recommend ca-certificates
++ (closes: #404103).
++ * pkg-config .pc file now uses Libs.private (closes: #405226).
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 26 Jan 2007 14:26:55 +0100
++
++curl (7.15.5-1) unstable; urgency=low
++
++ * New upstream release:
++ - fixed nodes removal from the splay tree (closes: #375076).
++ * Make package build also if $TAPE is set (closes: #377470).
++ * Bumped shlibs version to 7.15.5-1.
++
++ -- Domenico Andreoli <cavok@debian.org> Mon, 7 Aug 2006 10:26:13 +0200
++
++curl (7.15.4-1ubuntu1) edgy; urgency=low
++
++ * Synchronize to Debian. Only change left: Removal of stunnel and
++ libdb4.2-dev build dependencies.
++
++ -- Martin Pitt <martin.pitt@ubuntu.com> Thu, 29 Jun 2006 15:04:24 +0200
++
++curl (7.15.4-1) unstable; urgency=low
++
++ * New upstream release.
++ * Bumped shlibs version to 7.15.4-1.
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 14 Jun 2006 14:41:16 +0200
++
++curl (7.15.3-2) unstable; urgency=low
++
++ * Fixed bug in configure.ac that makes FTBFS (closes: #367954).
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 31 May 2006 15:18:26 +0200
++
++curl (7.15.3-1) unstable; urgency=high
++
++ * New upstream release:
++ - fixed TFTP packet buffer overflow vulnerability
++ [lib/tftp.c, CVE-2006-1061].
++ - improved curl_getenv.3 manpage grammar (closes: #357388).
++
++ -- Domenico Andreoli <cavok@debian.org> Mon, 20 Mar 2006 11:46:25 +0100
++
++curl (7.15.2-3) unstable; urgency=low
++
++ * Applied upstream patch to fix multi interface and multi-part formposts
++ (closes: #355715).
++ * Build back with -O2, gcc 4.0.2-10 fixed the previously trigged bug.
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 8 Mar 2006 15:29:15 +0100
++
++curl (7.15.2-2) unstable; urgency=low
++
++ * Added missing autotools invocation. Re-added versioned symbols
++ (closes: #355241).
++ * Bumped shlibs version to 7.15.2-2.
++ * Build with -O3 to work around sospicious segfaults on tests 253
++ and 255.
++
++ -- Domenico Andreoli <cavok@debian.org> Sat, 4 Mar 2006 22:47:23 +0100
++
++curl (7.15.2-1) unstable; urgency=low
++
++ * New upstream release.
++ * Bumped shlibs version to 7.15.2-1.
++ * Adopted debhelper's compatibility level 5.
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 1 Mar 2006 16:12:51 +0100
++
++curl (7.15.1-1ubuntu2) dapper; urgency=low
++
++ * SECURITY UPDATE: Arbitrary remote code execution with long tftp:// URLs.
++ * lib/tftp.c: Fix unbounded sprintf() to avoid buffer overflow. Thanks to
++ Ulf Harnhammar for discovering this.
++ * CVE-2006-1061
++
++ -- Martin Pitt <martin.pitt@ubuntu.com> Thu, 16 Mar 2006 11:30:25 +0100
++
++curl (7.15.1-1ubuntu1) dapper; urgency=low
++
++ * Resynchronise with Debian to get URL parser overflow fix from 7.15.1
++ (CVE-2005-4077).
++
++ -- Martin Pitt <martin.pitt@ubuntu.com> Mon, 12 Dec 2005 15:04:52 +0100
++
++curl (7.15.1-1) unstable; urgency=low
++
++ * New upstream release:
++ - fixed buffer overflow in URL parser function (closes: #342339).
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 7 Dec 2005 11:11:38 +0100
++
++curl (7.15.0-5.1) unstable; urgency=high
++
++ * Non-maintainer upload.
++ * Urgency high for RC bug fix.
++ * Let libcurl3-*-dev depend on libkrb5-dev (closes: #340784, #340916).
++
++ -- Luk Claes <luk@debian.org> Sun, 4 Dec 2005 11:59:20 +0100
++
++curl (7.15.0-5) unstable; urgency=low
++
++ * libcurl3-gnutls-dev and libcurl3-openssl-dev now only recommend
++ libkrb5-dev (closes: #334888).
++ * Applied upstream patch to fix error message in case FTP-path does
++ not exist (closes: #338680).
++ * Applied upstream patch to fix parsing of --limit-rate command line
++ option (closes: #338681).
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 25 Nov 2005 10:30:25 +0100
++
++curl (7.15.0-4ubuntu1) dapper; urgency=low
++
++ * Resynchronise with Debian (only change left: Removal of stunnel build
++ dependency).
++ * Remove libdb4.2-dev build dependency.
++
++ -- Martin Pitt <martin.pitt@ubuntu.com> Thu, 10 Nov 2005 17:44:35 -0500
++
++curl (7.15.0-4) unstable; urgency=low
++
++ * Fixed output of curl-config --vernum (closes: #335296).
++ * libcurl3-openssl-dev now replaces libcurl3-dev older than 7.14.1-1
++ (closes: #335277).
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 25 Oct 2005 11:48:53 +0200
++
++curl (7.15.0-3) unstable; urgency=low
++
++ * libcurl3 and libcurl3-gnutls now suggest libldap2 (closes: #294407).
++
++ * Re-introduced libcurl3-dev package for transition reasons.
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 19 Oct 2005 12:45:43 +0200
++
++curl (7.15.0-2) unstable; urgency=low
++
++ * Fixed depends of libcurl3-*-dev packages (closes: #334021, #333609, #334048).
++ * Bumped shlibs version to 7.15.0-1 (closes: #334053).
++
++ -- Domenico Andreoli <cavok@debian.org> Sun, 16 Oct 2005 15:34:40 +0200
++
++curl (7.15.0-1) unstable; urgency=low
++
++ * New upstream release:
++ - fixed user+domain name buffer overflow in the NTLM code
++ (CAN-2005-3185, closes: #333734).
++ - libcurl3-*-dev packages now depend on libkrb5-dev (closes: #333609).
++ - improved docs about curl_easy_setopt() and ERRORBUFFER (closes: #329313).
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 14 Oct 2005 13:32:06 +0200
++
++curl (7.14.1-5) unstable; urgency=low
++
++ * Added build dependency on libtool (closes: #332729, #333174).
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 11 Oct 2005 10:05:36 +0200
++
++curl (7.14.1-4) unstable; urgency=low
++
++ * Fixed SEE ALSO section in curl_excape.3 (closes: #331505).
++ * Fixed configure.ac when --host=i586-mingw32msvc is given (closes: #329444).
++ * Added missing example files (closes: #331722).
++ * Updated build dependency for OpenSSL 0.9.8 transition.
++
++ -- Domenico Andreoli <cavok@debian.org> Mon, 10 Oct 2005 12:43:25 +0200
++
++curl (7.14.1-3) experimental; urgency=low
++
++ * Fixed soname of libcurl-gnutls.so* variant.
++ * Fixed broken sentence (closes: #329305).
++ * Fixed reference to TheArtOfHttpScripting.gz (closes: #329299).
++ * Added clarification about WRITEFUNCTION and WRITEDATA (closes: #329311).
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 28 Sep 2005 17:13:51 +0200
++
++curl (7.14.1-2) experimental; urgency=low
++
++ * Started using the system-wide CA certificate file (closes: #308514).
++ * Fixed apostrophe typos in the curl man page (closes: #326511).
++ * Only curl_* symbols are now globally visible outside of libcurl.
++
++ -- Domenico Andreoli <cavok@debian.org> Sat, 17 Sep 2005 23:52:28 +0200
++
++curl (7.14.1-1) experimental; urgency=low
++
++ * New upstream release.
++ * libcurl3-gnutls has a modified soname and may be installed together
++ with libcurl3 (closes: #318590).
++ * Both libcurl3 and libcurl3-gnutls are built with versioned symbols
++ and with support of GSSAPI authentication.
++ * Renamed libcurl3-dev to libcurl3-openssl-dev.
++ * Dropped package libcurl3-gssapi.
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 15 Sep 2005 23:59:32 +0200
++
++curl (7.14.0-5) unstable; urgency=low
++
++ * Added libcurl3-gnutls and libcurl3-gnutls-dev packages (closes: #318590).
++ * libcurl3-gssapi now has its own shlibs file. Packages built with this
++ package installed will depend on it.
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 18 Aug 2005 02:26:38 +0200
++
++curl (7.14.0-4) unstable; urgency=low
++
++ * OpenSSL is back (closes: #321294, #321391).
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 5 Aug 2005 23:34:45 +0200
++
++curl (7.14.0-3) unstable; urgency=low
++
++ * Updated the use of dpkg-architecture (closes: #320046).
++ * Added missing aclocal file libcurl.m4 to libcurl3-dev (closes: #315848).
++ * Added (many) missing man pages (closes: #315850).
++ * OpenSSL is replaced by GnuTLS in providing SSL support (closes: #318590).
++ * Heimdal is replaced by MIT Kerberos in providing GSSAPI support.
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 2 Aug 2005 22:34:01 +0200
++
++curl (7.14.0-2ubuntu1) breezy; urgency=low
++
++ * Synchronize with Debian.
++
++ -- Matthias Klose <doko@ubuntu.com> Tue, 26 Jul 2005 19:03:01 +0200
++
++curl (7.14.0-2) unstable; urgency=low
++
++ * Rebuilt and uploaded to unstable.
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 15 Jun 2005 11:41:32 +0200
++
++curl (7.14.0-1) experimental; urgency=low
++
++ * New upstream release.
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 17 May 2005 10:42:35 +0200
++
++curl (7.13.2-3) unstable; urgency=high
++
++ * HTTP response headers with null bytes are now correctly managed
++ (closes: #310948).
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 3 Jun 2005 23:59:30 +0200
++
++curl (7.13.2-2) unstable; urgency=low
++
++ * Fixed conditional build of package libcurl3-gssapi
++ (closes: #303939, #303953).
++
++ -- Domenico Andreoli <cavok@debian.org> Mon, 11 Apr 2005 19:00:27 +0200
++
++curl (7.13.2-1) unstable; urgency=low
++
++ * New upstream release:
++ - fixed curl man page typos (closes: #302820).
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 5 Apr 2005 14:41:13 +0200
++
++curl (7.13.1-3) unstable; urgency=low
++
++ * Fixed hanging of some SSL connections (closes: #302366).
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 31 Mar 2005 16:27:41 +0200
++
++curl (7.13.1-2) unstable; urgency=low
++
++ * Rebuilt to get the correct libidn11 dependency (closes: #299348).
++ * Added some missing documentation files (closes: #298855).
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 16 Mar 2005 14:30:03 +0100
++
++curl (7.13.1-1) unstable; urgency=low
++
++ * New upstream release.
++ * Bumped up shlibs version for libcurl3 because of new curl options.
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 4 Mar 2005 16:03:17 +0100
++
++curl (7.13.0-2) unstable; urgency=high
++
++ * Fixed NTLM Authentication buffer overflow (closes: #296678).
++ Patch courtesy of Daniel Stenberg. This handles CAN-2005-0490.
++ * Removed libcurl2* packages and all the scary stuff used to build them
++ (closes: #274631).
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 24 Feb 2005 10:07:22 +0100
++
++curl (7.13.0-1) unstable; urgency=low
++
++ * New upstream release.
++ * libcurl3 now suggests package libldap2-dev to enable support for
++ LDAP protocol.
++ * Bumped up shlibs version for libcurl3 because of new curl options.
++
++ -- Domenico Andreoli <cavok@debian.org> Sat, 5 Feb 2005 10:39:52 +0100
++
++curl (7.12.3-2ubuntu3) hoary; urgency=low
++
++ * Fix the version numbers internal to debian/rules. Closes; #8088
++
++ -- LaMont Jones <lamont@ubuntu.com> Wed, 23 Mar 2005 18:41:29 -0700
++
++curl (7.12.3-2) unstable; urgency=low
++
++ * Disabled test suite on m68k, it stalls.
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 30 Dec 2004 11:11:48 +0100
++
++curl (7.12.3-1) unstable; urgency=low
++
++ * New upstream release:
++ - fixed debug tracing to network socket is stderr is closed
++ (closes: #278691).
++ * Applied patch to fix getpass license problems (closes: #286794).
++ Patch courtesy of Daniel Stenberg.
++ * Bumped up shlibs version for libcurl3 because of new curl options.
++
++ -- Domenico Andreoli <cavok@debian.org> Mon, 27 Dec 2004 12:50:30 +0100
++
++curl (7.12.2-2) unstable; urgency=low
++
++ * libcurl3-dbg package is now built by dh_strip --dbg-package
++ (closes: #274710).
++ * Added build dependency on libdb4.2-dev.
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 4 Nov 2004 11:36:17 +0100
++
++curl (7.12.2-1) unstable; urgency=low
++
++ * New upstream release.
++ * Update diff to 7.11.2.
++ * Add debian/watch file.
++ * Add myself as a uploader.
++
++ -- Matthias Klose <doko@debian.org> Wed, 3 Nov 2004 00:55:52 +0100
++
++curl (7.12.1-1) unstable; urgency=low
++
++ * New upstream release:
++ - workaround for ASN1_STRING_to_UTF8 failing if input is already
++ UTF-8 encoded (closes: #264711).
++ * Bumped up shlibs version for libcurl3 because of the introduction
++ of FTP 3rd party transfer support options.
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 10 Aug 2004 11:40:29 +0200
++
++curl (7.12.0.rel-6) unstable; urgency=low
++
++ * In rebuilding the 7.11.2 tree starting from the 7.12.0 one,
++ lib/getdate.y is patched before lib/getdate.c (closes: #262597).
++
++ -- Domenico Andreoli <cavok@debian.org> Sun, 1 Aug 2004 17:59:57 +0200
++
++curl (7.12.0.rel-5) unstable; urgency=low
++
++ * Tests are performed only if build target and building host are the
++ same and are not kfreebsd-gnu or knetbsd-gnu (closes: #261591).
++ * On hurd-i386 libcurl3-gssapi is not built.
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 29 Jul 2004 15:17:51 +0200
++
++curl (7.12.0.rel-4) unstable; urgency=low
++
++ * Added build dependency on groff-base to really build the built-in
++ manual.
++ * libcurl3 now replaces old libcurl2 versions (closes: #255262).
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 20 Jul 2004 11:40:09 +0200
++
++curl (7.12.0.rel-3) unstable; urgency=low
++
++ * Enabled curl's built-in manual.
++ * configure script for 7.11.2 is now managed correctly.
++
++ -- Domenico Andreoli <cavok@debian.org> Sun, 18 Jul 2004 22:25:00 +0200
++
++curl (7.12.0.rel-2) unstable; urgency=low
++
++ * libcurl2 uses curl-ca-bundle-7.11.2.crt (closes: #255262).
++ Yes, it is a hack to not add libcurl-common package right now.
++
++ -- Domenico Andreoli <cavok@debian.org> Sun, 18 Jul 2004 16:40:45 +0200
++
++curl (7.12.0.rel-1) experimental; urgency=low
++
++ * Version 7.12.0 is back with proper libcurl3* packages.
++ * libcurl2* 7.11.2 packages are still provided (closes: #252879).
++ * Enabled again the support for libidn.
++
++ -- Domenico Andreoli <cavok@debian.org> Sun, 6 Jun 2004 23:09:33 +0200
++
++curl (7.12.0.is.7.11.2-1) unstable; urgency=low
++
++ * Reverted to version 7.11.2 (closes: #252348).
++ * Disabled support for libidn (closes: #252367). This is to leave
++ curl in unstable as much similar as possible to the one in testing.
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 4 Jun 2004 19:09:25 +0200
++
++curl (7.12.0-1) unstable; urgency=low
++
++ * New upstream release:
++ - fixed minor man page problem (closes: #232928)
++ - improved --create-dirs description in curl man page (closes: #251351)
++ * Enabled support for libidn.
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 2 Jun 2004 18:06:05 +0200
++
++curl (7.11.2-2) unstable; urgency=low
++
++ * Fixed curl.1 man page (closes: #232928).
++ Patch courtesy of Daniel Stenberg, the upstream developer.
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 27 Apr 2004 19:47:09 +0200
++
++curl (7.11.2-1) unstable; urgency=low
++
++ * New upstream release.
++ * Bumped up shlibs version because of the introduction of
++ CURLOPT_TCP_NODELAY option.
++
++ -- Domenico Andreoli <cavok@debian.org> Mon, 26 Apr 2004 14:14:20 +0200
++
++curl (7.11.1-2) unstable; urgency=low
++
++ * Added GSSAPI support to package libcurl2-gssapi (closes: #241553).
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 2 Apr 2004 18:03:15 +0200
++
++curl (7.11.1-1) unstable; urgency=low
++
++ * New upstream release.
++ * Bumped up shlibs version because of the introduction of
++ CURLOPT_POSTFIELDSIZE_LARGE option.
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 19 Mar 2004 11:39:07 +0100
++
++curl (7.11.0-4) unstable; urgency=low
++
++ * Applied fix from upstream's CVS which adds another CRLF in
++ chunked-transfers.
++
++ -- Domenico Andreoli <cavok@debian.org> Sun, 1 Feb 2004 13:19:02 +0100
++
++curl (7.11.0-3) unstable; urgency=low
++
++ * "Fixed" build process, now the right file is searched for CA
++ certificates (closes: #228182).
++
++ -- Domenico Andreoli <cavok@debian.org> Sat, 31 Jan 2004 20:06:10 +0100
++
++curl (7.11.0-2) unstable; urgency=low
++
++ * Test suite is still performed but is not critical for the build
++ being successful any more.
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 30 Jan 2004 13:03:03 +0100
++
++curl (7.11.0-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Domenico Andreoli <cavok@debian.org> Sun, 25 Jan 2004 17:50:43 +0100
++
++curl (7.10.8+7.11.0-pre1-1) unstable; urgency=low
++
++ * New upstream pre-release:
++ - proxy+ssl now passes post variables (closes: #222901)
++ - various test case problems exposed in #222140 should now be fixed.
++ * Bumped up shlibs version because of the introduction of
++ CURLOPT_NETRC_FILE and CURLOPT_FTP_SSL options in libcurl.
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 14 Jan 2004 17:35:46 +0100
++
++curl (7.10.8-1) unstable; urgency=low
++
++ * New upstream release:
++ - fixed LDAP support (closes: #149609)
++ - cleaner environment for testsuite execution (closes: #210253)
++ - fixed lib/Makefile.am's use of LDFLAGS (closes: #212086)
++ - fixed name clash in curl.h with respect to unistd.h (closes: #213180)
++ - fixed typo in curl manpage (closes: #218046).
++ * Bumped up shlibs version because of new libcurl options.
++ * Added stunnel to the Build-Depends in order to enable SSL test cases.
++
++ -- Domenico Andreoli <cavok@debian.org> Mon, 3 Nov 2003 10:26:12 +0100
++
++curl (7.10.7-2) unstable; urgency=low
++
++ * Fixed bug in cache_resolv_response on alpha and ia64 (closes: #207174).
++ Patch courtesy of Jurij Smakov.
++
++ -- Domenico Andreoli <cavok@debian.org> Mon, 8 Sep 2003 21:55:46 +0200
++
++curl (7.10.7-1) unstable; urgency=low
++
++ * New upstream release.
++ * Bumped up shlibs version because of the introduction of CURLOPT_PROXYAUTH
++ and CURLOPT_FTP_CREATE_MISSING_DIRS options in libcurl.
++
++ -- Domenico Andreoli <cavok@debian.org> Mon, 18 Aug 2003 00:19:43 +0200
++
++curl (7.10.6-3) unstable; urgency=low
++
++ * Applied patch to fix test 60 on ia64.
++
++ -- Domenico Andreoli <cavok@debian.org> Sat, 9 Aug 2003 04:26:15 +0200
++
++curl (7.10.6-2) unstable; urgency=low
++
++ * Applied patch from upstream to fix url globbing (closes: #203827).
++ * make test is still performed on building debug stuff but errors
++ are ignored.
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 7 Aug 2003 02:20:46 +0200
++
++curl (7.10.6-1) unstable; urgency=low
++
++ * New upstream release:
++ - added spport for http_proxy env var with name:passwd
++ (closes: #193630).
++ * make test is invoked after build
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 29 Jul 2003 01:26:50 +0200
++
++curl (7.10.5-1) unstable; urgency=low
++
++ * New upstream release:
++ - fixed typo in curl's man page (closes: #189272).
++ * New libcurl option CURLOPT_FTP_USE_EPRT has been added, bumped
++ up shlibs.
++
++ -- Domenico Andreoli <cavok@debian.org> Mon, 19 May 2003 23:57:12 +0200
++
++curl (7.10.4-1) unstable; urgency=low
++
++ * New upstream release:
++ - now uses new settings properly when re-using an existing connection
++ (closes: #185254)
++ - curl man page now refers to MANUAL (closes: #178509).
++ * Changed section of libcurl2-dev and libcurl2-dbg to libdevel.
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 2 Apr 2003 21:25:24 +0200
++
++curl (7.10.3-3) unstable; urgency=low
++
++ * Rebuilt to link against libssl0.9.7.
++ * Improved package descriptions thanks to suggestions provided by
++ Filip Van Raemdonck <mechanix@debian.org> (closes: #177995).
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 14 Mar 2003 16:08:38 +0100
++
++curl (7.10.3-2) unstable; urgency=low
++
++ * Development package is now named libcurl2-dev, it provides
++ libcurl-dev. People can now safely make their build dependencies
++ and be sure to use the right stuff.
++ * New package libcurl2-dbg is provided to help in debugging sessions.
++
++ -- Domenico Andreoli <cavok@debian.org> Mon, 20 Jan 2003 22:04:32 +0100
++
++curl (7.10.3-1) unstable; urgency=low
++
++ * New upstream release.
++ * It now suggests ca-certificates package.
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 16 Jan 2003 00:27:48 +0100
++
++curl (7.10.2-2) unstable; urgency=low
++
++ * Added AM_MAINTAINER_MODE to configure.in (closes: #170050).
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 22 Nov 2002 14:28:22 +0100
++
++curl (7.10.2-1) unstable; urgency=low
++
++ * New upstream release:
++ - fixed segfault on retrieving relative redirects (closes: #165382)
++ - fixed a leak of debug output (closes: #167678).
++ * Updated config.guess and config.sub (closes: #166153).
++ * Added zlib1g-dev to build and libcurl-dev dependencies
++ (closes: #169654).
++ * Added HTML and PDF versions of all manpages in libcurl-dev package.
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 20 Nov 2002 23:38:24 +0100
++
++curl (7.10.1-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 11 Oct 2002 23:26:50 +0200
++
++curl (7.10-1) unstable; urgency=low
++
++ * New upstream release:
++ - new way to use option -x to prevent curl from using any proxy
++ server (closes: #161153).
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 2 Oct 2002 01:04:20 +0200
++
++curl (7.9.8-2) unstable; urgency=low
++
++ * Added again libcurl2-ssl to the libcurl2 conflicts.
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 4 Jul 2002 02:35:24 +0200
++
++curl (7.9.8-1) unstable; urgency=low
++
++ * New upstream release.
++ * Double flavor of curl to support both non-SSL and SSL is gone.
++ Now curl comes only with SSL. Who needs SSL can require curl
++ version >= 7.9.8 .
++
++ -- Domenico Andreoli <cavok@debian.org> Mon, 24 Jun 2002 23:04:37 +0200
++
++curl (7.9.7-2) unstable; urgency=low
++
++ * Fixed the bashism in debian/rules (closes: #147352).
++ * SSL and non-SSL series of curl packages are now built from the
++ same source. thanks crypto-in-main! :)
++
++ -- Domenico Andreoli <cavok@debian.org> Mon, 20 May 2002 23:28:05 +0200
++
++curl (7.9.7-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 15 May 2002 21:09:19 +0200
++
++curl (7.9.6-1) unstable; urgency=low
++
++ * New upstream release.
++ * libcurl.3 manpage is now installed by libcurl-dev instead of
++ libcurl2. Indeed it provides an overview on how to use libcurl in
++ C programs.
++
++ -- Domenico Andreoli <cavok@debian.org> Sat, 20 Apr 2002 17:06:51 +0200
++
++curl (7.9.5-2) unstable; urgency=low
++
++ * curl-ssl stuff moved from non-US to main.
++
++ -- Domenico Andreoli <cavok@debian.org> Mon, 25 Mar 2002 23:40:02 +0100
++
++curl (7.9.5-1) unstable; urgency=low
++
++ * New upstream release (closes: #134608).
++ * Added autotools-dev to the build dependencies. config.{guess,sub}
++ can now be updated automatically in the build process.
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 12 Mar 2002 19:06:21 +0100
++
++curl (7.9.3-2) unstable; urgency=low
++
++ * Upstream source code has been correctly imported in my CVS
++ repository (closes: #130906).
++
++ -- Domenico Andreoli <cavok@debian.org> Sun, 27 Jan 2002 22:23:54 +0100
++
++curl (7.9.3-1) unstable; urgency=low
++
++ * New upstream release:
++ - fixed wrong assumption on char signedness (closes: #127011)
++ - missing header added accordingly (closes: #130401)
++ * Fixed a typo in curl description (closes: #124526).
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 24 Jan 2002 20:04:04 +0100
++
++curl (7.9.2-1) unstable; urgency=low
++
++ * New upstream release:
++ - two bad timeout matters in libcurl2 are now solved (closes: #118595).
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 7 Dec 2001 16:58:45 +0100
++
++curl (7.9.1-3) unstable; urgency=low
++
++ * Fixed return type of Curl_ftpsendf(...) to CURLcode (closes: #120485).
++ * Versions in debian/libcurl2.shlibs have been incremented to
++ ">= 7.9.1-1".
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 22 Nov 2001 15:35:40 +0100
++
++curl (7.9.1-2) unstable; urgency=low
++
++ * Reverted to unpatched released 7.9.1 source tree, patch behavior
++ was weird.
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 15 Nov 2001 18:05:58 +0100
++
++curl (7.9.1-1) unstable; urgency=low
++
++ * New upstream release.
++ * Applied upstream patch #478780 found on sourceforge, fixes libcurl
++ which didn't restore SIGALRM handler (closes: #118595).
++ * Applied patch for patch #478780 of above, see bug #118595 in BTS.
++ Patch courtesy of Enrik Berkhan <Enrik.Berkhan@planb.de>.
++ * Build-Depends reduced to what is strictly required for building.
++ autoconf, automake and libtool build dependencies are gone.
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 9 Nov 2001 13:56:36 +0100
++
++curl (7.9-1) unstable; urgency=low
++
++ * New upstream release:
++ - output of "curl-config --libs" now includes -lcurl.
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 25 Sep 2001 18:38:46 +0200
++
++curl (7.8-3) unstable; urgency=low
++
++ * Added libc6-dev to libcurl2-dev dependencies.
++ * Fixed lack of some FD_ZERO(...)s in lib/transfer.c (closes: #105516).
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 3 Aug 2001 16:32:20 +0200
++
++curl (7.8-2) unstable; urgency=low
++
++ * libcurl2.shlibs now includes version numbers. some new symbols have
++ been introduced in libcurl 7.8, so program linked against 7.8 cannot
++ work with older ones.
++ * IPv6 support is now enabled
++ * configure.in has been renamed to autoconf.ac to force the use of
++ autoconf 2.50
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 5 Jul 2001 01:38:24 +0200
++
++curl (7.8-1) unstable; urgency=low
++
++ * New upstream release.
++ * Applied patch for correct shared library versioning of libcurl, curl
++ 7.8 comes with broken shared library version out of the box.
++ Patch provided by upstream developer.
++
++ -- Domenico Andreoli <cavok@debian.org> Sat, 9 Jun 2001 21:12:05 +0200
++
++curl (7.7.3-3) unstable; urgency=low
++
++ * Fixed manpages libcurl-dev with required simlinks (closes: 99610).
++
++ -- Domenico Andreoli <cavok@debian.org> Mon, 4 Jun 2001 14:37:49 +0200
++
++curl (7.7.3-2) unstable; urgency=low
++
++ * lib/url.c and lib/version.c are now fixed (closes: #97709).
++ * install upstream changelog (closes: #97628).
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 18 May 2001 10:32:25 +0200
++
++curl (7.7.3-1) unstable; urgency=low
++
++ * New upstream release.
++ * Using dh_installman instead dh_installmanpages.
++ * Installing libcurl examples with dh_installexamples.
++ * Policy 3.5.3.0 compliant.
++
++ -- Domenico Andreoli <cavok@debian.org> Thu, 10 May 2001 09:45:05 +0200
++
++curl (7.7.2-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 24 Apr 2001 09:14:51 +0200
++
++curl (7.7.1-2) unstable; urgency=low
++
++ * Fixed debian/rules (closes: #78232, #93837).
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 17 Apr 2001 17:12:19 +0200
++
++curl (7.7.1-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 10 Apr 2001 13:26:09 +0200
++
++curl (7.7-1) unstable; urgency=low
++
++ * New upstream release.
++ * Fixed formatting errors in curl.1 (closes: #90281).
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 23 Mar 2001 18:25:26 +0100
++
++curl (7.6.1-5) unstable; urgency=low
++
++ * Fixed debian/libcurl1.shlibs in order to solve any problem for those
++ packages which should depend on either libcurl1 or libcurl1-ssl.
++ I should have done it long time ago.
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 13 Mar 2001 18:29:06 +0100
++
++curl (7.6.1-4) unstable; urgency=low
++
++ * Added versioned Build-Depend for debhelper.
++
++ -- Domenico Andreoli <cavok@debian.org> Tue, 6 Mar 2001 15:16:02 +0100
++
++curl (7.6.1-3) unstable; urgency=low
++
++ * Refining the transition to debhelper compatibility 2. I forgot the
++ executable in the curl package (closes: #87886).
++
++ -- Domenico Andreoli <cavok@debian.org> Wed, 28 Feb 2001 14:31:43 +0100
++
++curl (7.6.1-2) unstable; urgency=low
++
++ * Switched to debhelper compatibility version 2.
++
++ -- Domenico Andreoli <cavok@debian.org> Fri, 23 Feb 2001 18:24:02 +0100
++
++curl (7.6.1-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Domenico Andreoli <cavok@libero.it> Tue, 13 Feb 2001 18:04:04 +0100
++
++curl (7.6-2) unstable; urgency=low
++
++ * Adjusted dependencies in order to let curl-ssl package manage a
++ smooth upgrade from potato.
++
++ -- Domenico Andreoli <cavok@libero.it> Fri, 9 Feb 2001 13:36:11 +0100
++
++curl (7.6-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Domenico Andreoli <cavok@libero.it> Mon, 29 Jan 2001 16:00:59 +0100
++
++curl (7.5.2-2) unstable; urgency=low
++
++ * This is a service upload in order to fix dependencies problems arose
++ for a ill-formed upload of 7.5.2-1.
++
++ -- Domenico Andreoli <cavok@libero.it> Mon, 29 Jan 2001 14:54:57 +0100
++
++curl (7.5.2-1) unstable; urgency=low
++
++ * New upstream release.
++ * It needed to be recompiled against the new libc (closes: #80256).
++
++ -- Domenico Andreoli <cavok@libero.it> Mon, 15 Jan 2001 13:08:15 +0100
++
++curl (7.5-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Domenico Andreoli <cavok@libero.it> Mon, 4 Dec 2000 13:15:33 +0100
++
++curl (7.4.2-2) unstable; urgency=low
++
++ * curl replaces curl-ssl. curl is only a frontend for libcurl and is not
++ aware of any protocol, libcurl is. so what is really different whether
++ ssl is enable or not is only libcurl.
++ * curl now depends on (libcurl0 | libcurl0-ssl).
++ * The workaround for libtool -rpath parameter is not required, so
++ it has been removed from configure.in.
++ * Removed "Suggests: " field in control file for libcurl0. It suggested
++ to install curl and libcurl-dev too but it really doesn't make sense
++ (this change was really applied in -1).
++
++ -- Domenico Andreoli <cavok@libero.it> Tue, 28 Nov 2000 14:27:29 +0100
++
++curl (7.4.2-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Domenico Andreoli <cavok@libero.it> Fri, 17 Nov 2000 16:19:23 +0100
++
++curl (7.2.1-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Domenico Andreoli <cavok@libero.it> Mon, 4 Sep 2000 01:22:44 +0200
++
++curl (7.1-3) unstable; urgency=low
++
++ * Added "Suggests: " field in control file for libcurl0. Now curl and
++ libcurl-dev are suggested upon installation of libcurl0.
++
++ -- Domenico Andreoli <cavok@libero.it> Mon, 14 Aug 2000 15:01:08 +0200
++
++curl (7.1-2) unstable; urgency=low
++
++ * Fixed a line that did not install development manpages.
++
++ -- Domenico Andreoli <cavok@libero.it> Thu, 10 Aug 2000 14:32:23 +0200
++
++curl (7.1-1) unstable; urgency=low
++
++ * New upstream release.
++ * libcurl is now a separate package, it provides shared libraries and
++ includes to allow developing for other applications.
++
++ -- Domenico Andreoli <cavok@libero.it> Wed, 9 Aug 2000 01:21:25 +0200
++
++curl (6.5.2-4) unstable; urgency=low
++
++ * Some missing build dependencies (autoconf, automake, libtool) added.
++
++ -- Domenico Andreoli <cavok@libero.it> Sat, 8 Jul 2000 00:13:16 +0200
++
++curl (6.5.2-3) unstable; urgency=low
++
++ * Due to some policy and technical restrictions, curl's source package
++ has been splitted again in two, one for main archive and one for non-US.
++
++ -- Domenico Andreoli <cavok@libero.it> Tue, 4 Jul 2000 15:52:14 +0200
++
++curl (6.5.2-2) unstable; urgency=low
++
++ * Added a Build-Depends in order to compile curl-ssl only if
++ libssl09-dev is installed.
++ * Documentation reflects the new location of curl debian packages
++ home page (http://curl-deb.sourceforge.net).
++ * Corrected minor spelling errors in README.Debian.
++
++ -- Domenico Andreoli <cavok@libero.it> Sat, 17 Jun 2000 01:13:19 +0200
++
++curl (6.5.2-1) unstable; urgency=low
++
++ * New upstream release.
++ * Now curl and curl-ssl binary packages are generated from the same
++ debian source package.
++ * Uploads and downloads are now performed simultaneously (closes: #56627).
++
++ -- Domenico Andreoli <cavok@libero.it> Sat, 25 Mar 2000 01:06:35 +0100
++
++curl (6.4-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Domenico Andreoli <cavok@libero.it> Sun, 30 Jan 2000 02:21:32 +0100
++
++curl (6.3.1-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Domenico Andreoli <cavok@libero.it> Sat, 11 Dec 1999 17:38:13 +0100
++
++curl (6.2-1) unstable; urgency=low
++
++ * New upstream release.
++ * No hack to compile without SSL is required anymore. Fixed by
++ upstream maintainer.
++
++ -- Domenico Andreoli <cavok@libero.it> Mon, 1 Nov 1999 00:37:32 +0100
++
++curl (6.0-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Domenico Andreoli <cavok@freemail.it> Mon, 27 Sep 1999 22:28:13 +0200
++
++curl (5.11-1.1) unstable; urgency=low
++
++ * Put sources into the right section.
++
++ -- Domenico Andreoli <cavok@freemail.it> Mon, 30 Aug 1999 03:14:21 +0200
++
++curl (5.11-1) unstable; urgency=low
++
++ * New upstream release.
++ * New debian maintainer.
++
++ -- Domenico Andreoli <cavok@freemail.it> Fri, 27 Aug 1999 11:50:04 +0200
++
++curl (5.9-2) unstable; urgency=low
++
++ * Moved to non-US, and compiled against ssl (closes: #40099).
++
++ -- Leon Breedt <ljb@debian.org> Sat, 3 Jul 1999 15:46:54 +0200
++
++curl (5.9-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Leon Breedt <ljb@debian.org> Sun, 23 May 1999 21:51:30 +0200
++
++curl (5.8-1) unstable; urgency=low
++
++ * Initial Release.
++
++ -- Leon Breedt <ljb@debian.org> Sun, 9 May 1999 18:55:48 +0200
--- /dev/null
--- /dev/null
++Source: curl
++Section: web
++Priority: optional
++Maintainer: Alessandro Ghedini <ghedo@debian.org>
++Uploaders: Samuel Henrique <samueloph@debian.org>,
++ Sergio Durigan Junior <sergiodj@debian.org>
++Build-Depends:
++ debhelper-compat (= 13),
++ autoconf,
++ automake,
++ ca-certificates,
++ dh-exec,
++ groff-base,
++ libbrotli-dev,
++ libgnutls28-dev,
++ libidn2-dev,
++ libkrb5-dev,
++ libldap2-dev,
++ libnghttp2-dev,
++ libnss3-dev,
++ libpsl-dev,
++ librtmp-dev,
++ libssh-dev,
++ libssh2-1-dev,
++ libssl-dev,
++ libtool,
++ libzstd-dev,
++ locales-all <!nocheck>,
++ openssh-server <!nocheck>,
++ python3:native <!nocheck>,
++ python3-impacket <!nocheck>,
++ gnutls-bin [amd64 arm64 armel armhf i386 mips64el mipsel s390x powerpc ppc64 riscv64] <!nocheck>,
++ quilt,
++ stunnel4 <!nocheck>,
++ zlib1g-dev,
++ nss-plugin-pem <!nocheck>,
++Build-Conflicts: autoconf2.13, automake1.4
++Standards-Version: 4.6.2
++Vcs-Git: https://salsa.debian.org/debian/curl.git
++Vcs-Browser: https://salsa.debian.org/debian/curl
++Homepage: https://curl.se/
++Rules-Requires-Root: no
++
++Package: curl
++Architecture: any
++Depends: ${shlibs:Depends}, ${misc:Depends}, libcurl4 (= ${binary:Version})
++Multi-Arch: foreign
++Description: command line tool for transferring data with URL syntax
++ curl is a command line tool for transferring data with URL syntax, supporting
++ DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3,
++ POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
++ .
++ curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form
++ based upload, proxies, cookies, user+password authentication (Basic, Digest,
++ NTLM, Negotiate, kerberos...), file transfer resume, proxy tunneling and a
++ busload of other useful tricks.
++
++Package: libcurl4
++Architecture: any
++Section: libs
++Depends: ${shlibs:Depends}, ${misc:Depends}
++Recommends: ca-certificates
++Pre-Depends: ${misc:Pre-Depends}
++Conflicts: libcurl3
++Replaces: libcurl3
++Multi-Arch: same
++Description: easy-to-use client-side URL transfer library (OpenSSL flavour)
++ libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
++ FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
++ RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
++ .
++ libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
++ form based upload, proxies, cookies, user+password authentication (Basic,
++ Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
++ and more!
++ .
++ libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
++ fast, thoroughly documented and is already used by many known, big and
++ successful companies and numerous applications.
++ .
++ SSL support is provided by OpenSSL.
++
++Package: libcurl3-gnutls
++Architecture: any
++Section: libs
++Depends: ${shlibs:Depends}, ${misc:Depends}
++Recommends: ca-certificates
++Pre-Depends: ${misc:Pre-Depends}
++Multi-Arch: same
++Description: easy-to-use client-side URL transfer library (GnuTLS flavour)
++ libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
++ FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
++ RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
++ .
++ libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
++ form based upload, proxies, cookies, user+password authentication (Basic,
++ Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
++ and more!
++ .
++ libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
++ fast, thoroughly documented and is already used by many known, big and
++ successful companies and numerous applications.
++ .
++ SSL support is provided by GnuTLS.
++
++Package: libcurl3-nss
++Architecture: any
++Section: libs
++Depends: ${shlibs:Depends}, ${misc:Depends}, nss-plugin-pem
++Recommends: ca-certificates
++Pre-Depends: ${misc:Pre-Depends}
++Multi-Arch: same
++Description: easy-to-use client-side URL transfer library (NSS flavour)
++ libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
++ FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
++ RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
++ .
++ libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
++ form based upload, proxies, cookies, user+password authentication (Basic,
++ Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
++ and more!
++ .
++ libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
++ fast, thoroughly documented and is already used by many known, big and
++ successful companies and numerous applications.
++ .
++ SSL support is provided by NSS.
++
++Package: libcurl4-openssl-dev
++Architecture: any
++Section: libdevel
++Provides: libcurl-dev,
++ libcurl-ssl-dev,
++ libcurl3-openssl-dev,
++ libcurl4-dev,
++ libcurl3-dev
++Conflicts: libcurl4-gnutls-dev, libcurl4-nss-dev, libssl1.0-dev
++Depends: ${misc:Depends}, libcurl4 (= ${binary:Version})
++Suggests: libcurl4-doc,
++ libidn-dev,
++ libkrb5-dev,
++ libldap2-dev,
++ librtmp-dev,
++ libssh2-1-dev,
++ libssl-dev,
++ pkg-config,
++ zlib1g-dev
++Multi-Arch: same
++Description: development files and documentation for libcurl (OpenSSL flavour)
++ libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
++ FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
++ RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
++ .
++ libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
++ form based upload, proxies, cookies, user+password authentication (Basic,
++ Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
++ and more!
++ .
++ libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
++ fast, thoroughly documented and is already used by many known, big and
++ successful companies and numerous applications.
++ .
++ This package provides the development files (ie. includes, static library,
++ manual pages) that allow one to build software which uses libcurl.
++ .
++ SSL support is provided by OpenSSL.
++
++Package: libcurl4-gnutls-dev
++Architecture: any
++Section: libdevel
++Provides: libcurl-dev,
++ libcurl-ssl-dev,
++ libcurl3-gnutls-dev,
++ libcurl4-dev
++Conflicts: libcurl4-openssl-dev, libcurl4-nss-dev
++Depends: ${misc:Depends}, libcurl3-gnutls (= ${binary:Version})
++Suggests: libcurl4-doc,
++ libgnutls28-dev,
++ libidn-dev,
++ libkrb5-dev,
++ libldap2-dev,
++ librtmp-dev,
++ libssh2-1-dev,
++ pkg-config,
++ zlib1g-dev
++Multi-Arch: same
++Description: development files and documentation for libcurl (GnuTLS flavour)
++ libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
++ FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
++ RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
++ .
++ libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
++ form based upload, proxies, cookies, user+password authentication (Basic,
++ Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
++ and more!
++ .
++ libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
++ fast, thoroughly documented and is already used by many known, big and
++ successful companies and numerous applications.
++ .
++ This package provides the development files (ie. includes, static library,
++ manual pages) that allow one to build software which uses libcurl.
++ .
++ SSL support is provided by GnuTLS.
++
++Package: libcurl4-nss-dev
++Architecture: any
++Section: libdevel
++Provides: libcurl-dev,
++ libcurl-ssl-dev,
++ libcurl3-nss-dev,
++ libcurl4-dev
++Conflicts: libcurl4-openssl-dev, libcurl4-gnutls-dev
++Depends: ${misc:Depends}, libcurl3-nss (= ${binary:Version})
++Suggests: libcurl4-doc,
++ libidn-dev,
++ libkrb5-dev,
++ libldap2-dev,
++ libnss3-dev,
++ librtmp-dev,
++ libssh2-1-dev,
++ pkg-config,
++ zlib1g-dev
++Multi-Arch: same
++Description: development files and documentation for libcurl (NSS flavour)
++ libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
++ FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
++ RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
++ .
++ libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
++ form based upload, proxies, cookies, user+password authentication (Basic,
++ Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
++ and more!
++ .
++ libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
++ fast, thoroughly documented and is already used by many known, big and
++ successful companies and numerous applications.
++ .
++ This package provides the development files (ie. includes, static library,
++ manual pages) that allow one to build software which uses libcurl.
++ .
++ SSL support is provided by NSS.
++
++Package: libcurl4-doc
++Section: doc
++Architecture: all
++Multi-Arch: foreign
++Depends: ${misc:Depends}
++Description: documentation for libcurl
++ libcurl is an easy-to-use client-side URL transfer library, supporting DICT,
++ FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S,
++ RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
++ .
++ libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
++ form based upload, proxies, cookies, user+password authentication (Basic,
++ Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
++ and more!
++ .
++ libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported,
++ fast, thoroughly documented and is already used by many known, big and
++ successful companies and numerous applications.
++ .
++ This package provides the documentation files for libcurl.
--- /dev/null
--- /dev/null
++Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
++Upstream-Name: curl
++Source: https://curl.se/
++
++Files: *
++Copyright: 1997-2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++License: curl
++
++Files: debian/*
++Copyright: 1999, Leon Breedt <ljb@debian.org>
++ 2005, Luk Claes <luk@debian.org>
++ 2005, LaMont Jones <lamont@ubuntu.com>
++ 2004-2005, Matthias Klose <doko@debian.org>
++ 2005-2006, Martin Pitt <martin.pitt@ubuntu.com>
++ 2008, Andreas Schuldei <andreas@debian.org>
++ 2000-2010, Domenico Andreoli <cavok@debian.org>
++ 1999-2010, Domenico Andreoli <cavok@debian.org>
++ 2010-2011, Ramakrishnan Muthukrishnan <rkrishnan@debian.org>
++ 2007, 2011, 2018, Steve Langasek <vorlon@debian.org>
++ 2011-2020, Alessandro Ghedini <ghedo@debian.org>
++ 2021, Bruno Kleinert <fuddl@debian.org>
++ 2021, Jeremy Bicha <jbicha@debian.org>
++ 2014-2011, Helmut Grohne <helmutg@debian.org>
++ 2022, Paul Gevers <elbrus@debian.org>
++ 2013, 2022, Salvatore Bonaccorso <carnil@debian.org>
++ 2022, Sergio Durigan Junior <sergiodj@debian.org>
++ 2021-2022, Samuel Henrique <samueloph@debian.org>
++License: curl
++
++Files: packages/vms/backup_gnv_curl_src.com
++ packages/vms/build_curl-config_script.com
++ packages/vms/build_gnv_curl.com
++ packages/vms/build_gnv_curl_pcsi_desc.com
++ packages/vms/build_gnv_curl_pcsi_text.com
++ packages/vms/build_gnv_curl_release_notes.com
++ packages/vms/build_libcurl_pc.com
++ packages/vms/clean_gnv_curl.com
++ packages/vms/config_h.com
++ packages/vms/curl_gnv_build_steps.txt
++ packages/vms/curl_startup.com
++ packages/vms/generate_config_vms_h_curl.com
++ packages/vms/generate_vax_transfer.com
++ packages/vms/gnv_conftest.c_first
++ packages/vms/gnv_curl_configure.sh
++ packages/vms/gnv_libcurl_symbols.opt
++ packages/vms/gnv_link_curl.com
++ packages/vms/make_gnv_curl_install.sh
++ packages/vms/make_pcsi_curl_kit_name.com
++ packages/vms/pcsi_gnv_curl_file_list.txt
++ packages/vms/pcsi_product_gnv_curl.com
++ packages/vms/report_openssl_version.c
++ packages/vms/setup_gnv_curl_build.com
++ packages/vms/stage_curl_install.com
++ packages/vms/vms_eco_level.h
++Copyright: 2009-2022, John Malmberg
++License: ISC
++
++Files: lib/curl_des.c
++ lib/curl_des.h
++ lib/system_win32.c
++ lib/system_win32.h
++ lib/vauth/krb5_sspi.c
++ lib/vauth/vauth.c
++ lib/vauth/vauth.h
++ lib/version_win32.c
++ lib/version_win32.h
++ projects/build-openssl.bat
++ projects/checksrc.bat
++ projects/generate.bat
++ tests/libtest/lib1520.c
++Copyright: 2012-2022, Steve Holme, <steve_holme@hotmail.com>
++License: curl
++
++Files: m4/xc-am-iface.m4
++ m4/xc-cc-check.m4
++ m4/xc-lt-iface.m4
++ m4/xc-translit.m4
++ m4/xc-val-flgs.m4
++ m4/zz40-xc-ovr.m4
++ m4/zz50-xc-ovr.m4
++ m4/zz60-xc-ovr.m4
++Copyright: 2011-2022, Daniel Stenberg <daniel@haxx.se>
++License: ISC
++
++Files: compile
++ depcomp
++ missing
++ test-driver
++Copyright: 1996-2021, Free Software Foundation, Inc.
++License: GPL-2+ with Autoconf-data exception
++
++Files: lib/vtls/mbedtls.c
++ lib/vtls/mbedtls.h
++ lib/vtls/mbedtls_threadlock.c
++ lib/vtls/mbedtls_threadlock.h
++Copyright: 2010-2011, Hoi-Ho Chan, <hoiho.chan@gmail.com>
++ 2012-2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++License: curl
++
++Files: tests/libtest/lib1506.c
++ tests/libtest/lib1508.c
++ tests/libtest/lib1510.c
++ tests/libtest/lib1512.c
++Copyright: 2013-2022, Linus Nielsen Feltzing <linus@haxx.se>
++License: curl
++
++Files: config.guess
++ config.sub
++Copyright: 1992-2022, Free Software Foundation, Inc.
++License: GPL-3+ with Autoconf-data exception
++
++Files: lib/inet_ntop.c
++ lib/inet_pton.c
++Copyright: 1996-2022, Internet Software Consortium.
++License: ISC
++
++Files: tests/certs/scripts/genroot.sh
++ tests/certs/scripts/genserv.sh
++Copyright: 2000-2020, EdelWeb for EdelKey and OpenEvidence
++License: curl
++
++Files: lib/smb.c
++ lib/smb.h
++Copyright: 2014, 2018, Bill Nagel <wnagel@tycoint.com>, Exacq Technologies
++ 2018-2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++License: curl
++
++Files: lib/curl_sha256.h
++ lib/sha256.c
++Copyright: 2017, Florin Petriuc, <petriuc.florin@gmail.com>
++ 2018-2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++License: curl
++
++Files: lib/conncache.c
++ lib/conncache.h
++Copyright: 2012-2016, Linus Nielsen Feltzing, <linus@haxx.se>
++ 2012-2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++License: curl
++
++Files: tests/appveyor.pm
++ tests/azure.pm
++Copyright: 2020-2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++ 2020-2022, Marc Hoersken, <info@marc-hoersken.de>
++License: curl
++
++Files: lib/vtls/schannel.c
++ lib/vtls/schannel_verify.c
++Copyright: 2012, Mark Salisbury, <mark.salisbury@hp.com>
++ 2012-2016, Marc Hoersken, <info@marc-hoersken.de>
++ 2012-2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++License: curl
++
++Files: lib/socks_gssapi.c
++ lib/socks_sspi.c
++Copyright: 2011-2012, Markus Moeller, <markus_moeller@compuserve.com>
++ 2012-2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++License: curl
++
++Files: lib/vtls/sectransp.c
++ lib/vtls/sectransp.h
++Copyright: 2012-2017, Nick Zitzmann, <nickzman@gmail.com>.
++ 2012-2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++License: curl
++
++Files: lib/vauth/digest_sspi.c
++ lib/vauth/krb5_gssapi.c
++Copyright: 2014-2019, Steve Holme, <steve_holme@hotmail.com>.
++ 2015-2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++License: curl
++
++Files: lib/vtls/rustls.c
++ lib/vtls/rustls.h
++Copyright: 2020-2022, Jacob Hoffman-Andrews,
++License: curl
++
++Files: tests/libtest/lib1908.c
++ tests/libtest/lib1910.c
++Copyright: 2013-2022, Linus Nielsen Feltzing, <linus@haxx.se>
++License: curl
++
++Files: docs/libcurl/opts/CURLOPT_PREREQDATA.3
++ docs/libcurl/opts/CURLOPT_PREREQFUNCTION.3
++Copyright: 2022, Max Dymond, <max.dymond@microsoft.com>, et al.
++License: curl
++
++Files: lib/vtls/bearssl.c
++ lib/vtls/bearssl.h
++Copyright: 2019-2022, Michael Forney, <mforney@mforney.org>
++License: curl
++
++Files: tests/libtest/lib1526.c
++ tests/libtest/lib1527.c
++Copyright: 1998-2022, Vijay Panghal, <vpanghal@maginatics.com>, et al.
++License: curl
++
++Files: m4/libtool.m4
++ ltmain.sh
++Copyright: 1996-2022, Free Software Foundation, Inc.
++License: GPL-2+ with Libtool exception
++
++Files: lib/krb5.c
++Copyright: 1995-1999, Kungliga Tekniska Högskolan
++ 2004-2022, Daniel Stenberg
++License: BSD-3-clause
++
++Files: tests/server/tftpd.c
++Copyright: 1983, Regents of the University of California.
++ 2005-2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++License: BSD-4-Clause-UC
++
++Files: aclocal.m4
++ m4/ltsugar.m4
++ m4/ltversion.m4
++ m4/ltoptions.m4
++ m4/lt~obsolete.m4
++Copyright: 1996-2022, Free Software Foundation, Inc.
++License: FSFULLR
++
++Files: install-sh
++Copyright: 1994, X Consortium
++License: X11
++
++Files: lib/mqtt.h
++Copyright: 2019-2022, Björn Stenberg, <bjorn@haxx.se>
++License: curl
++
++Files: lib/mqtt.c
++Copyright: 2019, Björn Stenberg, <bjorn@haxx.se>
++ 2020-2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++License: curl
++
++Files: lib/curl_rtmp.c
++Copyright: 2012, Howard Chu, <hyc@highlandsun.com>
++ 2012-2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++License: curl
++
++Files: lib/openldap.c
++Copyright: 2010, Howard Chu, <hyc@openldap.org>
++ 2011-2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++License: curl
++
++Files: tests/server/fake_ntlm.c
++Copyright: 2010, Mandy Wu, <mandy.wu@intel.com>
++ 2011-2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++License: curl
++
++Files: lib/vtls/schannel.h
++Copyright: 2012, Marc Hoersken, <info@marc-hoersken.de>, et al.
++ 2012-2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++License: curl
++
++Files: tests/libtest/lib1525.c
++Copyright: 1998, Vijay Panghal, <vpanghal@maginatics.com>, et al.
++ 1998-2022, Daniel Stenberg, <daniel@haxx.se>, et al.
++License: curl
++
++Files: docs/libcurl/libcurl.m4
++Copyright: 2006-2022, David Shaw <dshaw@jabberwocky.com>
++License: curl
++
++Files: tests/pathhelp.pm
++Copyright: 2016-2022, Evgeny Grin (Karlson2k), <k2k@narod.ru>.
++License: curl
++
++Files: lib/curl_rtmp.h
++Copyright: 2010-2022, Howard Chu, <hyc@highlandsun.com>
++License: curl
++
++Files: projects/build-wolfssl.bat
++Copyright: 2012-2020, Steve Holme, <steve_holme@hotmail.com>.
++ 2015-2022, Jay Satiro, <raysatiro@yahoo.com>.
++License: curl
++
++Files: docs/examples/crawler.c
++Copyright: 2018-2022, Jeroen Ooms <jeroenooms@gmail.com>
++License: curl
++
++Files: tests/libtest/libprereq.c
++Copyright: 2021-2022, Max Dymond, <max.dymond@microsoft.com>
++License: curl
++
++Files: tests/libtest/lib3010.c
++Copyright: 2020-2022, Nicolas Sterchele, <nicolas@sterchelen.net>
++License: curl
++
++Files: lib/vssh/libssh.c
++Copyright: 2017-2022, Red Hat, Inc.
++License: curl
++
++Files: lib/vauth/gsasl.c
++Copyright: 2020-2022, Simon Josefsson, <simon@josefsson.org>, et al.
++License: curl
++
++License: curl
++ All rights reserved.
++ .
++ Permission to use, copy, modify, and distribute this software for any purpose
++ with or without fee is hereby granted, provided that the above copyright
++ notice and this permission notice appear in all copies.
++ .
++ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
++ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
++ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN
++ NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
++ DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
++ OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE
++ OR OTHER DEALINGS IN THE SOFTWARE.
++ .
++ Except as contained in this notice, the name of a copyright holder shall not
++ be used in advertising or otherwise to promote the sale, use or other dealings
++ in this Software without prior written authorization of the copyright holder.
++
++License: BSD-3-Clause
++ Redistribution and use in source and binary forms, with or without
++ modification, are permitted provided that the following conditions
++ are met:
++ .
++ 1. Redistributions of source code must retain the above copyright
++ notice, this list of conditions and the following disclaimer.
++ .
++ 2. Redistributions in binary form must reproduce the above copyright
++ notice, this list of conditions and the following disclaimer in the
++ documentation and/or other materials provided with the distribution.
++ .
++ 3. Neither the name of the Institute nor the names of its contributors
++ may be used to endorse or promote products derived from this software
++ without specific prior written permission.
++ .
++ THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
++ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
++ ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
++ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
++ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
++ OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
++ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
++ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
++ SUCH DAMAGE.
++
++License: BSD-4-Clause-UC
++ Redistribution and use in source and binary forms, with or without
++ modification, are permitted provided that the following conditions
++ are met:
++ 1. Redistributions of source code must retain the above copyright
++ notice, this list of conditions and the following disclaimer.
++ 2. Redistributions in binary form must reproduce the above copyright
++ notice, this list of conditions and the following disclaimer in the
++ documentation and/or other materials provided with the distribution.
++ 3. All advertising materials mentioning features or use of this software
++ must display the following acknowledgement:
++ This product includes software developed by the University of
++ California, Berkeley and its contributors.
++ 4. Neither the name of the University nor the names of its contributors
++ may be used to endorse or promote products derived from this software
++ without specific prior written permission.
++ .
++ THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
++ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
++ ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
++ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
++ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
++ OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
++ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
++ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
++ SUCH DAMAGE.
++Comment: Clause 3 has been deleted:
++ July 22, 1999
++ .
++ To All Licensees, Distributors of Any Version of BSD:
++ .
++ As you know, certain of the Berkeley Software Distribution ("BSD") source
++ code files require that further distributions of products containing all or
++ portions of the software, acknowledge within their advertising materials
++ that such products contain software developed by UC Berkeley and its
++ contributors.
++ .
++ Specifically, the provision reads:
++ .
++ " * 3. All advertising materials mentioning features or use of this software
++ * must display the following acknowledgement:
++ * This product includes software developed by the University of
++ * California, Berkeley and its contributors."
++ .
++ Effective immediately, licensees and distributors are no longer required to
++ include the acknowledgement within advertising materials. Accordingly, the
++ foregoing paragraph of those BSD Unix files containing it is hereby deleted
++ in its entirety.
++ .
++ William Hoskins
++ Director, Office of Technology Licensing
++ University of California, Berkeley
++
++License: ISC
++ Permission to use, copy, modify, and/or distribute this software for any
++ purpose with or without fee is hereby granted, provided that the above
++ copyright notice and this permission notice appear in all copies.
++ .
++ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
++ WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
++ MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
++ ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
++ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
++ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
++ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
++
++License: GPL-2+ with Autoconf-data exception
++ This program is free software; you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation; either version 2, or (at your option)
++ any later version.
++ .
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ GNU General Public License for more details.
++ .
++ You should have received a copy of the GNU General Public License
++ along with this program. If not, see <https://www.gnu.org/licenses/>.
++ As a special exception to the GNU General Public License, if you
++ distribute this file as part of a program that contains a
++ configuration script generated by Autoconf, you may include it under
++ the same distribution terms that you use for the rest of that program.
++
++License: X11
++ Permission is hereby granted, free of charge, to any person obtaining a copy
++ of this software and associated documentation files (the "Software"), to
++ deal in the Software without restriction, including without limitation the
++ rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
++ sell copies of the Software, and to permit persons to whom the Software is
++ furnished to do so, subject to the following conditions:
++ .
++ The above copyright notice and this permission notice shall be included in
++ all copies or substantial portions of the Software.
++ .
++ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
++ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
++ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
++ X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
++ AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC-
++ TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
++ .
++ Except as contained in this notice, the name of the X Consortium shall not
++ be used in advertising or otherwise to promote the sale, use or other deal-
++ ings in this Software without prior written authorization from the X Consor-
++ tium.
++
++License: GPL-2+ with Libtool exception
++ GNU Libtool is free software; you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation; either version 2 of the License, or
++ (at your option) any later version.
++ .
++ As a special exception to the GNU General Public License,
++ if you distribute this file as part of a program or library that
++ is built using GNU Libtool, you may include this file under the
++ same distribution terms that you use for the rest of that program.
++ .
++ GNU Libtool is distributed in the hope that it will be useful, but
++ WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ General Public License for more details.
++ .
++ You should have received a copy of the GNU General Public License
++ along with GNU Libtool; see the file COPYING. If not, a copy
++ can be downloaded from http://www.gnu.org/licenses/gpl.html,
++ or obtained by writing to the Free Software Foundation, Inc.,
++ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
++ .
++ On Debian systems, the full text of the GNU General Public
++ License version 2 can be found in the file
++ `/usr/share/common-licenses/GPL-2'.
++
++License: GPL-3+ with Autoconf-data exception
++ This program is free software: you can redistribute it and/or modify it
++ under the terms of the GNU General Public License as published by the
++ Free Software Foundation, either version 3 of the License, or (at your
++ option) any later version.
++ .
++ This program is distributed in the hope that it will be useful, but
++ WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
++ Public License for more details.
++ .
++ You should have received a copy of the GNU General Public License along
++ with this program. If not, see <https://www.gnu.org/licenses/>.
++ .
++ As a special exception, the respective Autoconf Macro's copyright owner
++ gives unlimited permission to copy, distribute and modify the configure
++ scripts that are the output of Autoconf when processing the Macro. You
++ need not follow the terms of the GNU General Public License when using
++ or distributing such scripts, even though portions of the text of the
++ Macro appear in them. The GNU General Public License (GPL) does govern
++ all other use of the material that constitutes the Autoconf Macro.
++ .
++ This special exception to the GPL applies to versions of the Autoconf
++ Macro released by the Autoconf Archive. When you make and distribute a
++ modified version of the Autoconf Macro, you may extend this special
++ exception to the GPL to apply to your modified version as well.
++
++License: FSFULLR
++ This file is free software; the Free Software Foundation
++ gives unlimited permission to copy and/or distribute it,
++ with or without modifications, as long as this notice is preserved.
--- /dev/null
--- /dev/null
++#!/usr/bin/dh-exec
++usr/bin/curl
++<!cross> usr/share/zsh/*
--- /dev/null
--- /dev/null
++docs/curl.1
--- /dev/null
--- /dev/null
++[DEFAULT]
++pristine-tar = True
++cleaner = /bin/true
++ignore-branch = True
++debian-branch = debian/unstable
++sign-tags = True
++
++[import-orig]
++filter-pristine-tar = True
++
++[pq]
++patch-numbers = False
++
++[dch]
++multimaint-merge = True
--- /dev/null
--- /dev/null
++usr/lib/*/libcurl-gnutls.so.4*
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++echo usr/lib/$DEB_HOST_MULTIARCH/libcurl-gnutls.so.4 usr/lib/$DEB_HOST_MULTIARCH/libcurl-gnutls.so.3
--- /dev/null
--- /dev/null
++libcurl3-gnutls: package-name-doesnt-match-sonames libcurl-gnutls4
--- /dev/null
--- /dev/null
++libcurl-gnutls.so.4 libcurl3-gnutls #MINVER#
++* Build-Depends-Package: libcurl4-gnutls-dev
++ CURL_GNUTLS_3@CURL_GNUTLS_3 7.16.2
++ HIDDEN@HIDDEN 7.16.2
++ curl_easy_cleanup@CURL_GNUTLS_3 7.16.2
++ curl_easy_duphandle@CURL_GNUTLS_3 7.16.2
++ curl_easy_escape@CURL_GNUTLS_3 7.16.2
++ curl_easy_getinfo@CURL_GNUTLS_3 7.16.2
++ curl_easy_header@CURL_GNUTLS_3 7.83.0
++ curl_easy_init@CURL_GNUTLS_3 7.16.2
++ curl_easy_nextheader@CURL_GNUTLS_3 7.83.0
++ curl_easy_option_by_id@CURL_GNUTLS_3 7.74.0
++ curl_easy_option_by_name@CURL_GNUTLS_3 7.74.0
++ curl_easy_option_next@CURL_GNUTLS_3 7.74.0
++ curl_easy_pause@CURL_GNUTLS_3 7.18.0
++ curl_easy_perform@CURL_GNUTLS_3 7.16.2
++ curl_easy_recv@CURL_GNUTLS_3 7.18.2
++ curl_easy_reset@CURL_GNUTLS_3 7.16.2
++ curl_easy_send@CURL_GNUTLS_3 7.18.2
++ curl_easy_setopt@CURL_GNUTLS_3 7.16.2
++ curl_easy_strerror@CURL_GNUTLS_3 7.16.2
++ curl_easy_unescape@CURL_GNUTLS_3 7.16.2
++ curl_easy_upkeep@CURL_GNUTLS_3 7.63.0
++ curl_escape@CURL_GNUTLS_3 7.16.2
++ curl_formadd@CURL_GNUTLS_3 7.16.2
++ curl_formfree@CURL_GNUTLS_3 7.16.2
++ curl_formget@CURL_GNUTLS_3 7.16.2
++ curl_free@CURL_GNUTLS_3 7.16.2
++ curl_getdate@CURL_GNUTLS_3 7.16.2
++ curl_getenv@CURL_GNUTLS_3 7.16.2
++ curl_global_cleanup@CURL_GNUTLS_3 7.16.2
++ curl_global_init@CURL_GNUTLS_3 7.16.2
++ curl_global_init_mem@CURL_GNUTLS_3 7.16.2
++ curl_global_sslset@CURL_GNUTLS_3 7.56.1
++ curl_maprintf@CURL_GNUTLS_3 7.16.2
++ curl_mfprintf@CURL_GNUTLS_3 7.16.2
++ curl_mime_addpart@CURL_GNUTLS_3 7.56.1
++ curl_mime_data@CURL_GNUTLS_3 7.56.1
++ curl_mime_data_cb@CURL_GNUTLS_3 7.56.1
++ curl_mime_encoder@CURL_GNUTLS_3 7.56.1
++ curl_mime_filedata@CURL_GNUTLS_3 7.56.1
++ curl_mime_filename@CURL_GNUTLS_3 7.56.1
++ curl_mime_free@CURL_GNUTLS_3 7.56.1
++ curl_mime_headers@CURL_GNUTLS_3 7.56.1
++ curl_mime_init@CURL_GNUTLS_3 7.56.1
++ curl_mime_name@CURL_GNUTLS_3 7.56.1
++ curl_mime_subparts@CURL_GNUTLS_3 7.56.1
++ curl_mime_type@CURL_GNUTLS_3 7.56.1
++ curl_mprintf@CURL_GNUTLS_3 7.16.2
++ curl_msnprintf@CURL_GNUTLS_3 7.16.2
++ curl_msprintf@CURL_GNUTLS_3 7.16.2
++ curl_multi_add_handle@CURL_GNUTLS_3 7.16.2
++ curl_multi_assign@CURL_GNUTLS_3 7.16.2
++ curl_multi_cleanup@CURL_GNUTLS_3 7.16.2
++ curl_multi_fdset@CURL_GNUTLS_3 7.16.2
++ curl_multi_info_read@CURL_GNUTLS_3 7.16.2
++ curl_multi_init@CURL_GNUTLS_3 7.16.2
++ curl_multi_perform@CURL_GNUTLS_3 7.16.2
++ curl_multi_poll@CURL_GNUTLS_3 7.66.0
++ curl_multi_remove_handle@CURL_GNUTLS_3 7.16.2
++ curl_multi_setopt@CURL_GNUTLS_3 7.16.2
++ curl_multi_socket@CURL_GNUTLS_3 7.16.2
++ curl_multi_socket_action@CURL_GNUTLS_3 7.16.3
++ curl_multi_socket_all@CURL_GNUTLS_3 7.16.2
++ curl_multi_strerror@CURL_GNUTLS_3 7.16.2
++ curl_multi_timeout@CURL_GNUTLS_3 7.16.2
++ curl_multi_wait@CURL_GNUTLS_3 7.28.0
++ curl_multi_wakeup@CURL_GNUTLS_3 7.68.0
++ curl_mvaprintf@CURL_GNUTLS_3 7.16.2
++ curl_mvfprintf@CURL_GNUTLS_3 7.16.2
++ curl_mvprintf@CURL_GNUTLS_3 7.16.2
++ curl_mvsnprintf@CURL_GNUTLS_3 7.16.2
++ curl_mvsprintf@CURL_GNUTLS_3 7.16.2
++ curl_pushheader_byname@CURL_GNUTLS_3 7.44.0
++ curl_pushheader_bynum@CURL_GNUTLS_3 7.44.0
++ curl_share_cleanup@CURL_GNUTLS_3 7.16.2
++ curl_share_init@CURL_GNUTLS_3 7.16.2
++ curl_share_setopt@CURL_GNUTLS_3 7.16.2
++ curl_share_strerror@CURL_GNUTLS_3 7.16.2
++ curl_slist_append@CURL_GNUTLS_3 7.16.2
++ curl_slist_free_all@CURL_GNUTLS_3 7.16.2
++ curl_strequal@CURL_GNUTLS_3 7.16.2
++ curl_strnequal@CURL_GNUTLS_3 7.16.2
++ curl_unescape@CURL_GNUTLS_3 7.16.2
++ curl_url@CURL_GNUTLS_3 7.63.0
++ curl_url_cleanup@CURL_GNUTLS_3 7.63.0
++ curl_url_dup@CURL_GNUTLS_3 7.63.0
++ curl_url_get@CURL_GNUTLS_3 7.63.0
++ curl_url_set@CURL_GNUTLS_3 7.63.0
++ curl_url_strerror@CURL_GNUTLS_3 7.80.0
++ curl_version@CURL_GNUTLS_3 7.16.2
++ curl_version_info@CURL_GNUTLS_3 7.16.2
++ curl_ws_meta@CURL_GNUTLS_3 7.86.0
++ curl_ws_recv@CURL_GNUTLS_3 7.86.0
++ curl_ws_send@CURL_GNUTLS_3 7.86.0
--- /dev/null
--- /dev/null
++usr/lib/*/libcurl-nss.so.4*
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++echo usr/lib/$DEB_HOST_MULTIARCH/libcurl-nss.so.4 usr/lib/$DEB_HOST_MULTIARCH/libcurl-nss.so.3
--- /dev/null
--- /dev/null
++libcurl3-nss: package-name-doesnt-match-sonames libcurl-nss4
--- /dev/null
--- /dev/null
++libcurl-nss.so.4 libcurl3-nss #MINVER#
++* Build-Depends-Package: libcurl4-nss-dev
++ CURL_NSS_3@CURL_NSS_3 7.23.1
++ HIDDEN@HIDDEN 7.23.1
++ curl_easy_cleanup@CURL_NSS_3 7.23.1
++ curl_easy_duphandle@CURL_NSS_3 7.23.1
++ curl_easy_escape@CURL_NSS_3 7.23.1
++ curl_easy_getinfo@CURL_NSS_3 7.23.1
++ curl_easy_header@CURL_NSS_3 7.83.0
++ curl_easy_init@CURL_NSS_3 7.23.1
++ curl_easy_nextheader@CURL_NSS_3 7.83.0
++ curl_easy_option_by_id@CURL_NSS_3 7.74.0
++ curl_easy_option_by_name@CURL_NSS_3 7.74.0
++ curl_easy_option_next@CURL_NSS_3 7.74.0
++ curl_easy_pause@CURL_NSS_3 7.23.1
++ curl_easy_perform@CURL_NSS_3 7.23.1
++ curl_easy_recv@CURL_NSS_3 7.23.1
++ curl_easy_reset@CURL_NSS_3 7.23.1
++ curl_easy_send@CURL_NSS_3 7.23.1
++ curl_easy_setopt@CURL_NSS_3 7.23.1
++ curl_easy_strerror@CURL_NSS_3 7.23.1
++ curl_easy_unescape@CURL_NSS_3 7.23.1
++ curl_easy_upkeep@CURL_NSS_3 7.63.0
++ curl_escape@CURL_NSS_3 7.23.1
++ curl_formadd@CURL_NSS_3 7.23.1
++ curl_formfree@CURL_NSS_3 7.23.1
++ curl_formget@CURL_NSS_3 7.23.1
++ curl_free@CURL_NSS_3 7.23.1
++ curl_getdate@CURL_NSS_3 7.23.1
++ curl_getenv@CURL_NSS_3 7.23.1
++ curl_global_cleanup@CURL_NSS_3 7.23.1
++ curl_global_init@CURL_NSS_3 7.23.1
++ curl_global_init_mem@CURL_NSS_3 7.23.1
++ curl_global_sslset@CURL_NSS_3 7.56.1
++ curl_maprintf@CURL_NSS_3 7.23.1
++ curl_mfprintf@CURL_NSS_3 7.23.1
++ curl_mime_addpart@CURL_NSS_3 7.56.1
++ curl_mime_data@CURL_NSS_3 7.56.1
++ curl_mime_data_cb@CURL_NSS_3 7.56.1
++ curl_mime_encoder@CURL_NSS_3 7.56.1
++ curl_mime_filedata@CURL_NSS_3 7.56.1
++ curl_mime_filename@CURL_NSS_3 7.56.1
++ curl_mime_free@CURL_NSS_3 7.56.1
++ curl_mime_headers@CURL_NSS_3 7.56.1
++ curl_mime_init@CURL_NSS_3 7.56.1
++ curl_mime_name@CURL_NSS_3 7.56.1
++ curl_mime_subparts@CURL_NSS_3 7.56.1
++ curl_mime_type@CURL_NSS_3 7.56.1
++ curl_mprintf@CURL_NSS_3 7.23.1
++ curl_msnprintf@CURL_NSS_3 7.23.1
++ curl_msprintf@CURL_NSS_3 7.23.1
++ curl_multi_add_handle@CURL_NSS_3 7.23.1
++ curl_multi_assign@CURL_NSS_3 7.23.1
++ curl_multi_cleanup@CURL_NSS_3 7.23.1
++ curl_multi_fdset@CURL_NSS_3 7.23.1
++ curl_multi_info_read@CURL_NSS_3 7.23.1
++ curl_multi_init@CURL_NSS_3 7.23.1
++ curl_multi_perform@CURL_NSS_3 7.23.1
++ curl_multi_poll@CURL_NSS_3 7.66.0
++ curl_multi_remove_handle@CURL_NSS_3 7.23.1
++ curl_multi_setopt@CURL_NSS_3 7.23.1
++ curl_multi_socket@CURL_NSS_3 7.23.1
++ curl_multi_socket_action@CURL_NSS_3 7.23.1
++ curl_multi_socket_all@CURL_NSS_3 7.23.1
++ curl_multi_strerror@CURL_NSS_3 7.23.1
++ curl_multi_timeout@CURL_NSS_3 7.23.1
++ curl_multi_wait@CURL_NSS_3 7.28.0
++ curl_multi_wakeup@CURL_NSS_3 7.68.0
++ curl_mvaprintf@CURL_NSS_3 7.23.1
++ curl_mvfprintf@CURL_NSS_3 7.23.1
++ curl_mvprintf@CURL_NSS_3 7.23.1
++ curl_mvsnprintf@CURL_NSS_3 7.23.1
++ curl_mvsprintf@CURL_NSS_3 7.23.1
++ curl_pushheader_byname@CURL_NSS_3 7.44.0
++ curl_pushheader_bynum@CURL_NSS_3 7.44.0
++ curl_share_cleanup@CURL_NSS_3 7.23.1
++ curl_share_init@CURL_NSS_3 7.23.1
++ curl_share_setopt@CURL_NSS_3 7.23.1
++ curl_share_strerror@CURL_NSS_3 7.23.1
++ curl_slist_append@CURL_NSS_3 7.23.1
++ curl_slist_free_all@CURL_NSS_3 7.23.1
++ curl_strequal@CURL_NSS_3 7.23.1
++ curl_strnequal@CURL_NSS_3 7.23.1
++ curl_unescape@CURL_NSS_3 7.23.1
++ curl_url@CURL_NSS_3 7.63.0
++ curl_url_cleanup@CURL_NSS_3 7.63.0
++ curl_url_dup@CURL_NSS_3 7.63.0
++ curl_url_get@CURL_NSS_3 7.63.0
++ curl_url_set@CURL_NSS_3 7.63.0
++ curl_url_strerror@CURL_NSS_3 7.80.0
++ curl_version@CURL_NSS_3 7.23.1
++ curl_version_info@CURL_NSS_3 7.23.1
++ curl_ws_meta@CURL_NSS_3 7.86.0
++ curl_ws_recv@CURL_NSS_3 7.86.0
++ curl_ws_send@CURL_NSS_3 7.86.0
--- /dev/null
--- /dev/null
++README
++docs/*.md
++docs/FAQ
++docs/KNOWN_BUGS
++docs/THANKS
++docs/TODO
--- /dev/null
--- /dev/null
++docs/examples/*
--- /dev/null
--- /dev/null
++/usr/share/man/man3/curl_strequal.3 /usr/share/man/man3/curl_strnequal.3
++/usr/share/man/man3/curl_mprintf.3 /usr/share/man/man3/curl_maprintf.3
++/usr/share/man/man3/curl_mprintf.3 /usr/share/man/man3/curl_mfprintf.3
++/usr/share/man/man3/curl_mprintf.3 /usr/share/man/man3/curl_msnprintf.3
++/usr/share/man/man3/curl_mprintf.3 /usr/share/man/man3/curl_msprintf.3
++/usr/share/man/man3/curl_mprintf.3 /usr/share/man/man3/curl_mvaprintf.3
++/usr/share/man/man3/curl_mprintf.3 /usr/share/man/man3/curl_mvfprintf.3
++/usr/share/man/man3/curl_mprintf.3 /usr/share/man/man3/curl_mvprintf.3
++/usr/share/man/man3/curl_mprintf.3 /usr/share/man/man3/curl_mvsnprintf.3
++/usr/share/man/man3/curl_mprintf.3 /usr/share/man/man3/curl_mvsprintf.3
--- /dev/null
--- /dev/null
++docs/libcurl/*.3
++docs/libcurl/opts/*.3
--- /dev/null
--- /dev/null
++usr/bin/curl-config
++usr/lib/*/libcurl-gnutls.a
++usr/lib/*/libcurl-gnutls.so
++usr/lib/*/pkgconfig/libcurl.pc
++usr/include
++../../docs/libcurl/libcurl.m4 usr/share/aclocal
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++echo /usr/lib/$DEB_HOST_MULTIARCH/libcurl-gnutls.a /usr/lib/$DEB_HOST_MULTIARCH/libcurl.a
++echo /usr/lib/$DEB_HOST_MULTIARCH/libcurl-gnutls.so /usr/lib/$DEB_HOST_MULTIARCH/libcurl.so
--- /dev/null
--- /dev/null
++docs/curl-config.1
--- /dev/null
--- /dev/null
++usr/bin/curl-config
++usr/lib/*/libcurl-nss.a
++usr/lib/*/libcurl-nss.so
++usr/lib/*/pkgconfig/libcurl.pc
++usr/include
++../../docs/libcurl/libcurl.m4 usr/share/aclocal
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++echo /usr/lib/$DEB_HOST_MULTIARCH/libcurl-nss.a /usr/lib/$DEB_HOST_MULTIARCH/libcurl.a
++echo /usr/lib/$DEB_HOST_MULTIARCH/libcurl-nss.so /usr/lib/$DEB_HOST_MULTIARCH/libcurl.so
--- /dev/null
--- /dev/null
++docs/curl-config.1
--- /dev/null
--- /dev/null
++usr/bin/curl-config
++usr/lib/*/libcurl.a
++usr/lib/*/libcurl.so
++usr/lib/*/pkgconfig/libcurl.pc
++usr/include
++../../docs/libcurl/libcurl.m4 usr/share/aclocal
--- /dev/null
--- /dev/null
++docs/curl-config.1
--- /dev/null
--- /dev/null
++usr/lib/*/libcurl.so.4*
--- /dev/null
--- /dev/null
++libcurl.so.4 libcurl4 #MINVER#
++* Build-Depends-Package: libcurl4-openssl-dev
++ CURL_OPENSSL_4@CURL_OPENSSL_4 7.16.2
++ HIDDEN@HIDDEN 7.16.2
++ curl_easy_cleanup@CURL_OPENSSL_4 7.16.2
++ curl_easy_duphandle@CURL_OPENSSL_4 7.16.2
++ curl_easy_escape@CURL_OPENSSL_4 7.16.2
++ curl_easy_getinfo@CURL_OPENSSL_4 7.16.2
++ curl_easy_header@CURL_OPENSSL_4 7.83.0
++ curl_easy_init@CURL_OPENSSL_4 7.16.2
++ curl_easy_nextheader@CURL_OPENSSL_4 7.83.0
++ curl_easy_option_by_id@CURL_OPENSSL_4 7.74.0
++ curl_easy_option_by_name@CURL_OPENSSL_4 7.74.0
++ curl_easy_option_next@CURL_OPENSSL_4 7.74.0
++ curl_easy_pause@CURL_OPENSSL_4 7.18.0
++ curl_easy_perform@CURL_OPENSSL_4 7.16.2
++ curl_easy_recv@CURL_OPENSSL_4 7.18.2
++ curl_easy_reset@CURL_OPENSSL_4 7.16.2
++ curl_easy_send@CURL_OPENSSL_4 7.18.2
++ curl_easy_setopt@CURL_OPENSSL_4 7.16.2
++ curl_easy_strerror@CURL_OPENSSL_4 7.16.2
++ curl_easy_unescape@CURL_OPENSSL_4 7.16.2
++ curl_easy_upkeep@CURL_OPENSSL_4 7.63.0
++ curl_escape@CURL_OPENSSL_4 7.16.2
++ curl_formadd@CURL_OPENSSL_4 7.16.2
++ curl_formfree@CURL_OPENSSL_4 7.16.2
++ curl_formget@CURL_OPENSSL_4 7.16.2
++ curl_free@CURL_OPENSSL_4 7.16.2
++ curl_getdate@CURL_OPENSSL_4 7.16.2
++ curl_getenv@CURL_OPENSSL_4 7.16.2
++ curl_global_cleanup@CURL_OPENSSL_4 7.16.2
++ curl_global_init@CURL_OPENSSL_4 7.16.2
++ curl_global_init_mem@CURL_OPENSSL_4 7.16.2
++ curl_global_sslset@CURL_OPENSSL_4 7.56.1
++ curl_maprintf@CURL_OPENSSL_4 7.16.2
++ curl_mfprintf@CURL_OPENSSL_4 7.16.2
++ curl_mime_addpart@CURL_OPENSSL_4 7.56.1
++ curl_mime_data@CURL_OPENSSL_4 7.56.1
++ curl_mime_data_cb@CURL_OPENSSL_4 7.56.1
++ curl_mime_encoder@CURL_OPENSSL_4 7.56.1
++ curl_mime_filedata@CURL_OPENSSL_4 7.56.1
++ curl_mime_filename@CURL_OPENSSL_4 7.56.1
++ curl_mime_free@CURL_OPENSSL_4 7.56.1
++ curl_mime_headers@CURL_OPENSSL_4 7.56.1
++ curl_mime_init@CURL_OPENSSL_4 7.56.1
++ curl_mime_name@CURL_OPENSSL_4 7.56.1
++ curl_mime_subparts@CURL_OPENSSL_4 7.56.1
++ curl_mime_type@CURL_OPENSSL_4 7.56.1
++ curl_mprintf@CURL_OPENSSL_4 7.16.2
++ curl_msnprintf@CURL_OPENSSL_4 7.16.2
++ curl_msprintf@CURL_OPENSSL_4 7.16.2
++ curl_multi_add_handle@CURL_OPENSSL_4 7.16.2
++ curl_multi_assign@CURL_OPENSSL_4 7.16.2
++ curl_multi_cleanup@CURL_OPENSSL_4 7.16.2
++ curl_multi_fdset@CURL_OPENSSL_4 7.16.2
++ curl_multi_info_read@CURL_OPENSSL_4 7.16.2
++ curl_multi_init@CURL_OPENSSL_4 7.16.2
++ curl_multi_perform@CURL_OPENSSL_4 7.16.2
++ curl_multi_poll@CURL_OPENSSL_4 7.66.0
++ curl_multi_remove_handle@CURL_OPENSSL_4 7.16.2
++ curl_multi_setopt@CURL_OPENSSL_4 7.16.2
++ curl_multi_socket@CURL_OPENSSL_4 7.16.2
++ curl_multi_socket_action@CURL_OPENSSL_4 7.16.3
++ curl_multi_socket_all@CURL_OPENSSL_4 7.16.2
++ curl_multi_strerror@CURL_OPENSSL_4 7.16.2
++ curl_multi_timeout@CURL_OPENSSL_4 7.16.2
++ curl_multi_wait@CURL_OPENSSL_4 7.28.0
++ curl_multi_wakeup@CURL_OPENSSL_4 7.68.0
++ curl_mvaprintf@CURL_OPENSSL_4 7.16.2
++ curl_mvfprintf@CURL_OPENSSL_4 7.16.2
++ curl_mvprintf@CURL_OPENSSL_4 7.16.2
++ curl_mvsnprintf@CURL_OPENSSL_4 7.16.2
++ curl_mvsprintf@CURL_OPENSSL_4 7.16.2
++ curl_pushheader_byname@CURL_OPENSSL_4 7.44.0
++ curl_pushheader_bynum@CURL_OPENSSL_4 7.44.0
++ curl_share_cleanup@CURL_OPENSSL_4 7.16.2
++ curl_share_init@CURL_OPENSSL_4 7.16.2
++ curl_share_setopt@CURL_OPENSSL_4 7.16.2
++ curl_share_strerror@CURL_OPENSSL_4 7.16.2
++ curl_slist_append@CURL_OPENSSL_4 7.16.2
++ curl_slist_free_all@CURL_OPENSSL_4 7.16.2
++ curl_strequal@CURL_OPENSSL_4 7.16.2
++ curl_strnequal@CURL_OPENSSL_4 7.16.2
++ curl_unescape@CURL_OPENSSL_4 7.16.2
++ curl_url@CURL_OPENSSL_4 7.63.0
++ curl_url_cleanup@CURL_OPENSSL_4 7.63.0
++ curl_url_dup@CURL_OPENSSL_4 7.63.0
++ curl_url_get@CURL_OPENSSL_4 7.63.0
++ curl_url_set@CURL_OPENSSL_4 7.63.0
++ curl_url_strerror@CURL_OPENSSL_4 7.80.0
++ curl_version@CURL_OPENSSL_4 7.16.2
++ curl_version_info@CURL_OPENSSL_4 7.16.2
++ curl_ws_meta@CURL_OPENSSL_4 7.86.0
++ curl_ws_recv@CURL_OPENSSL_4 7.86.0
++ curl_ws_send@CURL_OPENSSL_4 7.86.0
--- /dev/null
--- /dev/null
++Description: Work around libtool --as-needed reordering bug
++Origin: vendor
++Bug-Debian: http://bugs.debian.org/347650
++Forwarded: not-needed
++Author: Alessandro Ghedini <ghedo@debian.org>
++Reviewed-by: Alessandro Ghedini <ghedo@debian.org>
++Last-Update: 2016-08-03
++
++Index: curl/ltmain.sh
++===================================================================
++--- curl.orig/ltmain.sh
+++++ curl/ltmain.sh
++@@ -7500,6 +7500,11 @@ func_mode_link ()
++ arg=$func_stripname_result
++ ;;
++
+++ -Wl,--as-needed|-Wl,--no-as-needed)
+++ deplibs="$arg $deplibs"
+++ continue
+++ ;;
+++
++ -Wl,*)
++ func_stripname '-Wl,' '' "$arg"
++ args=$func_stripname_result
++@@ -7899,6 +7904,15 @@ func_mode_link ()
++ lib=
++ found=false
++ case $deplib in
+++ -Wl,--as-needed|-Wl,--no-as-needed)
+++ if test "$linkmode,$pass" = "prog,link"; then
+++ compile_deplibs="$deplib $compile_deplibs"
+++ finalize_deplibs="$deplib $finalize_deplibs"
+++ else
+++ deplibs="$deplib $deplibs"
+++ fi
+++ continue
+++ ;;
++ -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe \
++ |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*)
++ if test prog,link = "$linkmode,$pass"; then
--- /dev/null
--- /dev/null
++Description: Enable zsh completion generation
++Origin: vendor
++Forwarded: not-needed
++Author: Alessandro Ghedini <ghedo@debian.org>
++Reviewed-by: Alessandro Ghedini <ghedo@debian.org>
++Last-Update: 2016-08-03
++
++Index: curl/Makefile.am
++===================================================================
++--- curl.orig/Makefile.am
+++++ curl/Makefile.am
++@@ -157,8 +157,8 @@ CLEANFILES = $(VC10_LIBVCXPROJ) $(VC10_S
++
++ bin_SCRIPTS = curl-config
++
++-SUBDIRS = lib src
++-DIST_SUBDIRS = $(SUBDIRS) tests packages scripts include docs
+++SUBDIRS = lib src scripts
+++DIST_SUBDIRS = $(SUBDIRS) tests packages include docs
++
++ pkgconfigdir = $(libdir)/pkgconfig
++ pkgconfig_DATA = libcurl.pc
--- /dev/null
--- /dev/null
++Description: In order to (partially) multi-arch-ify curl-config, remove all
++ mention of @includedir@ and @libdir@ from the script. On Debian, the actual
++ header and library directories are architecture-dependent, but will always be
++ in the C compiler's default search path, so -I and -L options are not
++ necessary (and may be harmful in multi-arch environments.)
++Origin: vendor
++Bug-Debian: http://bugs.debian.org/731998
++Forwarded: not-needed
++Author: Benjamin Moody <benjamin.moody@gmail.com>
++Reviewed-by: Alessandro Ghedini <ghedo@debian.org>
++Last-Update: 2017-01-10
++
++Index: curl/curl-config.in
++===================================================================
++--- curl.orig/curl-config.in
+++++ curl/curl-config.in
++@@ -25,7 +25,6 @@
++
++ prefix="@prefix@"
++ exec_prefix=@exec_prefix@
++-includedir=@includedir@
++ cppflag_curl_staticlib=@CPPFLAG_CURL_STATICLIB@
++
++ usage()
++@@ -149,19 +148,11 @@ while test $# -gt 0; do
++ else
++ CPPFLAG_CURL_STATICLIB=""
++ fi
++- if test "X@includedir@" = "X/usr/include"; then
++- echo "$CPPFLAG_CURL_STATICLIB"
++- else
++- echo "${CPPFLAG_CURL_STATICLIB}-I@includedir@"
++- fi
+++ echo "$CPPFLAG_CURL_STATICLIB"
++ ;;
++
++ --libs)
++- if test "X@libdir@" != "X/usr/lib" -a "X@libdir@" != "X/usr/lib64"; then
++- CURLLIBDIR="-L@libdir@ "
++- else
++- CURLLIBDIR=""
++- fi
+++ CURLLIBDIR=""
++ if test "X@ENABLE_SHARED@" = "Xno"; then
++ echo ${CURLLIBDIR}-lcurl @LIBCURL_LIBS@
++ else
++@@ -174,7 +165,7 @@ while test $# -gt 0; do
++
++ --static-libs)
++ if test "X@ENABLE_STATIC@" != "Xno" ; then
++- echo "@libdir@/libcurl.@libext@" @LDFLAGS@ @LIBCURL_LIBS@
+++ echo -Wl,-Bstatic -lcurl -Wl,-Bdynamic @LDFLAGS@ @LIBCURL_LIBS@
++ else
++ echo "curl was built with static libraries disabled" >&2
++ exit 1
--- /dev/null
--- /dev/null
++Description: Build with GnuTLS.
++Origin: vendor
++Forwarded: not-needed
++Author: Ramakrishnan Muthukrishnan <vu3rdd@gmail.com>
++Reviewed-by: Alessandro Ghedini <ghedo@debian.org>
++Last-Update: 2018-05-23
++
++Index: curl/docs/examples/Makefile.am
++===================================================================
++--- curl.orig/docs/examples/Makefile.am
+++++ curl/docs/examples/Makefile.am
++@@ -51,9 +51,9 @@ LIBS = $(BLANK_AT_MAKETIME)
++
++ # Dependencies
++ if USE_EXPLICIT_LIB_DEPS
++-LDADD = $(LIBDIR)/libcurl.la @LIBCURL_LIBS@
+++LDADD = $(LIBDIR)/libcurl-gnutls.la @LIBCURL_LIBS@
++ else
++-LDADD = $(LIBDIR)/libcurl.la
+++LDADD = $(LIBDIR)/libcurl-gnutls.la
++ endif
++
++ # This might hold -Werror
++Index: curl/lib/Makefile.am
++===================================================================
++--- curl.orig/lib/Makefile.am
+++++ curl/lib/Makefile.am
++@@ -31,7 +31,7 @@ EXTRA_DIST = Makefile.mk config-win32.h
++ config-os400.h setup-os400.h $(CMAKE_DIST) setup-win32.h .checksrc \
++ Makefile.soname
++
++-lib_LTLIBRARIES = libcurl.la
+++lib_LTLIBRARIES = libcurl-gnutls.la
++
++ if BUILD_UNITTESTS
++ noinst_LTLIBRARIES = libcurlu.la
++@@ -67,55 +67,55 @@ AM_CFLAGS =
++ # Makefile.inc provides the CSOURCES and HHEADERS defines
++ include Makefile.inc
++
++-libcurl_la_SOURCES = $(CSOURCES) $(HHEADERS)
++-libcurlu_la_SOURCES = $(CSOURCES) $(HHEADERS)
+++libcurl_gnutls_la_SOURCES = $(CSOURCES) $(HHEADERS)
+++libcurlu_gnutls_la_SOURCES = $(CSOURCES) $(HHEADERS)
++
++-libcurl_la_CPPFLAGS_EXTRA =
++-libcurl_la_LDFLAGS_EXTRA =
++-libcurl_la_CFLAGS_EXTRA =
+++libcurl_gnutls_la_CPPFLAGS_EXTRA =
+++libcurl_gnutls_la_LDFLAGS_EXTRA =
+++libcurl_gnutls_la_CFLAGS_EXTRA =
++
++ if CURL_LT_SHLIB_USE_VERSION_INFO
++-libcurl_la_LDFLAGS_EXTRA += $(VERSIONINFO)
+++libcurl_gnutls_la_LDFLAGS_EXTRA += $(VERSIONINFO)
++ endif
++
++ if CURL_LT_SHLIB_USE_NO_UNDEFINED
++-libcurl_la_LDFLAGS_EXTRA += -no-undefined
+++libcurl_gnutls_la_LDFLAGS_EXTRA += -no-undefined
++ endif
++
++ if CURL_LT_SHLIB_USE_MIMPURE_TEXT
++-libcurl_la_LDFLAGS_EXTRA += -mimpure-text
+++libcurl_gnutls_la_LDFLAGS_EXTRA += -mimpure-text
++ endif
++
++ if CURL_LT_SHLIB_USE_VERSIONED_SYMBOLS
++-libcurl_la_LDFLAGS_EXTRA += -Wl,--version-script=libcurl.vers
+++libcurl_gnutls_la_LDFLAGS_EXTRA += -Wl,--version-script=libcurl.vers
++ else
++ # if symbol-hiding is enabled, hide them!
++ if DOING_CURL_SYMBOL_HIDING
++-libcurl_la_LDFLAGS_EXTRA += -export-symbols-regex '^curl_.*'
+++libcurl_gnutls_la_LDFLAGS_EXTRA += -export-symbols-regex '^curl_.*'
++ endif
++ endif
++
++ if USE_CPPFLAG_CURL_STATICLIB
++-libcurl_la_CPPFLAGS_EXTRA += -DCURL_STATICLIB
+++libcurl_gnutls_la_CPPFLAGS_EXTRA += -DCURL_STATICLIB
++ else
++ if HAVE_WINDRES
++-libcurl_la_SOURCES += $(LIB_RCFILES)
+++libcurl_gnutls_la_SOURCES += $(LIB_RCFILES)
++ $(LIB_RCFILES): $(top_srcdir)/include/curl/curlver.h
++ endif
++ endif
++
++ if DOING_CURL_SYMBOL_HIDING
++-libcurl_la_CPPFLAGS_EXTRA += -DCURL_HIDDEN_SYMBOLS
++-libcurl_la_CFLAGS_EXTRA += $(CFLAG_CURL_SYMBOL_HIDING)
+++libcurl_gnutls_la_CPPFLAGS_EXTRA += -DCURL_HIDDEN_SYMBOLS
+++libcurl_gnutls_la_CFLAGS_EXTRA += $(CFLAG_CURL_SYMBOL_HIDING)
++ endif
++
++-libcurl_la_CPPFLAGS = $(AM_CPPFLAGS) $(libcurl_la_CPPFLAGS_EXTRA)
++-libcurl_la_LDFLAGS = $(AM_LDFLAGS) $(libcurl_la_LDFLAGS_EXTRA) $(LDFLAGS) $(LIBCURL_LIBS)
++-libcurl_la_CFLAGS = $(AM_CFLAGS) $(libcurl_la_CFLAGS_EXTRA)
+++libcurl_gnutls_la_CPPFLAGS = $(AM_CPPFLAGS) $(libcurl_gnutls_la_CPPFLAGS_EXTRA)
+++libcurl_gnutls_la_LDFLAGS = $(AM_LDFLAGS) $(libcurl_gnutls_la_LDFLAGS_EXTRA) $(LDFLAGS) $(LIBCURL_LIBS)
+++libcurl_gnutls_la_CFLAGS = $(AM_CFLAGS) $(libcurl_gnutls_la_CFLAGS_EXTRA)
++
++-libcurlu_la_CPPFLAGS = $(AM_CPPFLAGS) -DCURL_STATICLIB -DUNITTESTS
++-libcurlu_la_LDFLAGS = $(AM_LDFLAGS) -static $(LIBCURL_LIBS)
++-libcurlu_la_CFLAGS = $(AM_CFLAGS)
+++libcurlu_gnutls_la_CPPFLAGS = $(AM_CPPFLAGS) -DCURL_STATICLIB -DUNITTESTS
+++libcurlu_gnutls_la_LDFLAGS = $(AM_LDFLAGS) -static $(LIBCURL_LIBS)
+++libcurlu_gnutls_la_CFLAGS = $(AM_CFLAGS)
++
++ CHECKSRC = $(CS_$(V))
++ CS_0 = @echo " RUN " $@;
++Index: curl/src/Makefile.am
++===================================================================
++--- curl.orig/src/Makefile.am
+++++ curl/src/Makefile.am
++@@ -67,9 +67,9 @@ CFLAGS += @CURL_CFLAG_EXTRAS@
++ LIBS = $(BLANK_AT_MAKETIME)
++
++ if USE_EXPLICIT_LIB_DEPS
++-curl_LDADD = $(top_builddir)/lib/libcurl.la @LIBCURL_LIBS@
+++curl_LDADD = $(top_builddir)/lib/libcurl-gnutls.la @LIBCURL_LIBS@
++ else
++-curl_LDADD = $(top_builddir)/lib/libcurl.la @NSS_LIBS@ @SSL_LIBS@ @ZLIB_LIBS@ @CURL_NETWORK_AND_TIME_LIBS@
+++curl_LDADD = $(top_builddir)/lib/libcurl-gnutls.la @NSS_LIBS@ @SSL_LIBS@ @ZLIB_LIBS@ @CURL_NETWORK_AND_TIME_LIBS@
++ endif
++
++ # if unit tests are enabled, build a static library to link them with
++Index: curl/tests/libtest/Makefile.am
++===================================================================
++--- curl.orig/tests/libtest/Makefile.am
+++++ curl/tests/libtest/Makefile.am
++@@ -49,11 +49,11 @@ CLEANFILES = lib1521.c
++ LIBS = $(BLANK_AT_MAKETIME)
++
++ if USE_EXPLICIT_LIB_DEPS
++-SUPPORTFILES_LIBS = $(top_builddir)/lib/libcurl.la @LIBCURL_LIBS@
++-TESTUTIL_LIBS = $(top_builddir)/lib/libcurl.la @LIBCURL_LIBS@
+++SUPPORTFILES_LIBS = $(top_builddir)/lib/libcurl-gnutls.la @LIBCURL_LIBS@
+++TESTUTIL_LIBS = $(top_builddir)/lib/libcurl-gnutls.la @LIBCURL_LIBS@
++ else
++-SUPPORTFILES_LIBS = $(top_builddir)/lib/libcurl.la @CURL_NETWORK_LIBS@ @NSS_LIBS@
++-TESTUTIL_LIBS = $(top_builddir)/lib/libcurl.la @CURL_NETWORK_AND_TIME_LIBS@ @NSS_LIBS@
+++SUPPORTFILES_LIBS = $(top_builddir)/lib/libcurl-gnutls.la @CURL_NETWORK_LIBS@ @NSS_LIBS@
+++TESTUTIL_LIBS = $(top_builddir)/lib/libcurl-gnutls.la @CURL_NETWORK_AND_TIME_LIBS@ @NSS_LIBS@
++ endif
++
++ # Dependencies (may need to be overridden)
++Index: curl/lib/libcurl.vers.in
++===================================================================
++--- curl.orig/lib/libcurl.vers.in
+++++ curl/lib/libcurl.vers.in
++@@ -6,7 +6,7 @@ HIDDEN
++ _save*;
++ };
++
++-CURL_@CURL_LT_SHLIB_VERSIONED_FLAVOUR@4
+++CURL_@CURL_LT_SHLIB_VERSIONED_FLAVOUR@3
++ {
++ global: curl_*;
++ local: *;
--- /dev/null
--- /dev/null
++Description: Build with NSS.
++Origin: vendor
++Forwarded: not-needed
++Author: Ramakrishnan Muthukrishnan <vu3rdd@gmail.com>
++Reviewed-by: Alessandro Ghedini <ghedo@debian.org>
++Last-Update: 2015-08-12
++
++Index: curl/docs/examples/Makefile.am
++===================================================================
++--- curl.orig/docs/examples/Makefile.am
+++++ curl/docs/examples/Makefile.am
++@@ -51,9 +51,9 @@ LIBS = $(BLANK_AT_MAKETIME)
++
++ # Dependencies
++ if USE_EXPLICIT_LIB_DEPS
++-LDADD = $(LIBDIR)/libcurl-gnutls.la @LIBCURL_LIBS@
+++LDADD = $(LIBDIR)/libcurl-nss.la @LIBCURL_LIBS@
++ else
++-LDADD = $(LIBDIR)/libcurl-gnutls.la
+++LDADD = $(LIBDIR)/libcurl-nss.la
++ endif
++
++ # This might hold -Werror
++Index: curl/lib/Makefile.am
++===================================================================
++--- curl.orig/lib/Makefile.am
+++++ curl/lib/Makefile.am
++@@ -31,7 +31,7 @@ EXTRA_DIST = Makefile.mk config-win32.h
++ config-os400.h setup-os400.h $(CMAKE_DIST) setup-win32.h .checksrc \
++ Makefile.soname
++
++-lib_LTLIBRARIES = libcurl-gnutls.la
+++lib_LTLIBRARIES = libcurl-nss.la
++
++ if BUILD_UNITTESTS
++ noinst_LTLIBRARIES = libcurlu.la
++@@ -67,55 +67,55 @@ AM_CFLAGS =
++ # Makefile.inc provides the CSOURCES and HHEADERS defines
++ include Makefile.inc
++
++-libcurl_gnutls_la_SOURCES = $(CSOURCES) $(HHEADERS)
++-libcurlu_gnutls_la_SOURCES = $(CSOURCES) $(HHEADERS)
+++libcurl_nss_la_SOURCES = $(CSOURCES) $(HHEADERS)
+++libcurlu_nss_la_SOURCES = $(CSOURCES) $(HHEADERS)
++
++-libcurl_gnutls_la_CPPFLAGS_EXTRA =
++-libcurl_gnutls_la_LDFLAGS_EXTRA =
++-libcurl_gnutls_la_CFLAGS_EXTRA =
+++libcurl_nss_la_CPPFLAGS_EXTRA =
+++libcurl_nss_la_LDFLAGS_EXTRA =
+++libcurl_nss_la_CFLAGS_EXTRA =
++
++ if CURL_LT_SHLIB_USE_VERSION_INFO
++-libcurl_gnutls_la_LDFLAGS_EXTRA += $(VERSIONINFO)
+++libcurl_nss_la_LDFLAGS_EXTRA += $(VERSIONINFO)
++ endif
++
++ if CURL_LT_SHLIB_USE_NO_UNDEFINED
++-libcurl_gnutls_la_LDFLAGS_EXTRA += -no-undefined
+++libcurl_nss_la_LDFLAGS_EXTRA += -no-undefined
++ endif
++
++ if CURL_LT_SHLIB_USE_MIMPURE_TEXT
++-libcurl_gnutls_la_LDFLAGS_EXTRA += -mimpure-text
+++libcurl_nss_la_LDFLAGS_EXTRA += -mimpure-text
++ endif
++
++ if CURL_LT_SHLIB_USE_VERSIONED_SYMBOLS
++-libcurl_gnutls_la_LDFLAGS_EXTRA += -Wl,--version-script=libcurl.vers
+++libcurl_nss_la_LDFLAGS_EXTRA += -Wl,--version-script=libcurl.vers
++ else
++ # if symbol-hiding is enabled, hide them!
++ if DOING_CURL_SYMBOL_HIDING
++-libcurl_gnutls_la_LDFLAGS_EXTRA += -export-symbols-regex '^curl_.*'
+++libcurl_nss_la_LDFLAGS_EXTRA += -export-symbols-regex '^curl_.*'
++ endif
++ endif
++
++ if USE_CPPFLAG_CURL_STATICLIB
++-libcurl_gnutls_la_CPPFLAGS_EXTRA += -DCURL_STATICLIB
+++libcurl_nss_la_CPPFLAGS_EXTRA += -DCURL_STATICLIB
++ else
++ if HAVE_WINDRES
++-libcurl_gnutls_la_SOURCES += $(LIB_RCFILES)
+++libcurl_nss_la_SOURCES += $(LIB_RCFILES)
++ $(LIB_RCFILES): $(top_srcdir)/include/curl/curlver.h
++ endif
++ endif
++
++ if DOING_CURL_SYMBOL_HIDING
++-libcurl_gnutls_la_CPPFLAGS_EXTRA += -DCURL_HIDDEN_SYMBOLS
++-libcurl_gnutls_la_CFLAGS_EXTRA += $(CFLAG_CURL_SYMBOL_HIDING)
+++libcurl_nss_la_CPPFLAGS_EXTRA += -DCURL_HIDDEN_SYMBOLS
+++libcurl_nss_la_CFLAGS_EXTRA += $(CFLAG_CURL_SYMBOL_HIDING)
++ endif
++
++-libcurl_gnutls_la_CPPFLAGS = $(AM_CPPFLAGS) $(libcurl_gnutls_la_CPPFLAGS_EXTRA)
++-libcurl_gnutls_la_LDFLAGS = $(AM_LDFLAGS) $(libcurl_gnutls_la_LDFLAGS_EXTRA) $(LDFLAGS) $(LIBCURL_LIBS)
++-libcurl_gnutls_la_CFLAGS = $(AM_CFLAGS) $(libcurl_gnutls_la_CFLAGS_EXTRA)
+++libcurl_nss_la_CPPFLAGS = $(AM_CPPFLAGS) $(libcurl_nss_la_CPPFLAGS_EXTRA)
+++libcurl_nss_la_LDFLAGS = $(AM_LDFLAGS) $(libcurl_nss_la_LDFLAGS_EXTRA) $(LDFLAGS) $(LIBCURL_LIBS)
+++libcurl_nss_la_CFLAGS = $(AM_CFLAGS) $(libcurl_nss_la_CFLAGS_EXTRA)
++
++-libcurlu_gnutls_la_CPPFLAGS = $(AM_CPPFLAGS) -DCURL_STATICLIB -DUNITTESTS
++-libcurlu_gnutls_la_LDFLAGS = $(AM_LDFLAGS) -static $(LIBCURL_LIBS)
++-libcurlu_gnutls_la_CFLAGS = $(AM_CFLAGS)
+++libcurlu_nss_la_CPPFLAGS = $(AM_CPPFLAGS) -DCURL_STATICLIB -DUNITTESTS
+++libcurlu_nss_la_LDFLAGS = $(AM_LDFLAGS) -static $(LIBCURL_LIBS)
+++libcurlu_nss_la_CFLAGS = $(AM_CFLAGS)
++
++ CHECKSRC = $(CS_$(V))
++ CS_0 = @echo " RUN " $@;
++Index: curl/src/Makefile.am
++===================================================================
++--- curl.orig/src/Makefile.am
+++++ curl/src/Makefile.am
++@@ -67,9 +67,9 @@ CFLAGS += @CURL_CFLAG_EXTRAS@
++ LIBS = $(BLANK_AT_MAKETIME)
++
++ if USE_EXPLICIT_LIB_DEPS
++-curl_LDADD = $(top_builddir)/lib/libcurl-gnutls.la @LIBCURL_LIBS@
+++curl_LDADD = $(top_builddir)/lib/libcurl-nss.la @LIBCURL_LIBS@
++ else
++-curl_LDADD = $(top_builddir)/lib/libcurl-gnutls.la @NSS_LIBS@ @SSL_LIBS@ @ZLIB_LIBS@ @CURL_NETWORK_AND_TIME_LIBS@
+++curl_LDADD = $(top_builddir)/lib/libcurl-nss.la @NSS_LIBS@ @SSL_LIBS@ @ZLIB_LIBS@ @CURL_NETWORK_AND_TIME_LIBS@
++ endif
++
++ # if unit tests are enabled, build a static library to link them with
++Index: curl/tests/libtest/Makefile.am
++===================================================================
++--- curl.orig/tests/libtest/Makefile.am
+++++ curl/tests/libtest/Makefile.am
++@@ -49,11 +49,11 @@ CLEANFILES = lib1521.c
++ LIBS = $(BLANK_AT_MAKETIME)
++
++ if USE_EXPLICIT_LIB_DEPS
++-SUPPORTFILES_LIBS = $(top_builddir)/lib/libcurl-gnutls.la @LIBCURL_LIBS@
++-TESTUTIL_LIBS = $(top_builddir)/lib/libcurl-gnutls.la @LIBCURL_LIBS@
+++SUPPORTFILES_LIBS = $(top_builddir)/lib/libcurl-nss.la @LIBCURL_LIBS@
+++TESTUTIL_LIBS = $(top_builddir)/lib/libcurl-nss.la @LIBCURL_LIBS@
++ else
++-SUPPORTFILES_LIBS = $(top_builddir)/lib/libcurl-gnutls.la @CURL_NETWORK_LIBS@ @NSS_LIBS@
++-TESTUTIL_LIBS = $(top_builddir)/lib/libcurl-gnutls.la @CURL_NETWORK_AND_TIME_LIBS@ @NSS_LIBS@
+++SUPPORTFILES_LIBS = $(top_builddir)/lib/libcurl-nss.la @CURL_NETWORK_LIBS@ @NSS_LIBS@
+++TESTUTIL_LIBS = $(top_builddir)/lib/libcurl-nss.la @CURL_NETWORK_AND_TIME_LIBS@ @NSS_LIBS@
++ endif
++
++ # Dependencies (may need to be overridden)
--- /dev/null
--- /dev/null
++From 538b1e79a6e7b0bb829ab4cecc828d32105d0684 Mon Sep 17 00:00:00 2001
++From: Daniel Stenberg <daniel@haxx.se>
++Date: Mon, 6 Mar 2023 12:07:33 +0100
++Subject: [PATCH] telnet: only accept option arguments in ascii
++
++To avoid embedded telnet negotiation commands etc.
++
++Reported-by: Harry Sintonen
++Closes #10728
++
++Backported to Debian by Samuel Henrique <samueloph@debian.org>
++---
++ lib/telnet.c | 15 +++++++++++++++
++ 1 file changed, 15 insertions(+)
++
++Index: curl/lib/telnet.c
++===================================================================
++--- curl.orig/lib/telnet.c
+++++ curl/lib/telnet.c
++@@ -770,6 +770,17 @@ static void printsub(struct Curl_easy *d
++ }
++ }
++
+++static bool str_is_nonascii(const char *str)
+++{
+++ size_t len = strlen(str);
+++ while(len--) {
+++ if(*str & 0x80)
+++ return TRUE;
+++ str++;
+++ }
+++ return FALSE;
+++}
+++
++ static CURLcode check_telnet_options(struct Curl_easy *data)
++ {
++ struct curl_slist *head;
++@@ -784,6 +795,8 @@ static CURLcode check_telnet_options(str
++ /* Add the user name as an environment variable if it
++ was given on the command line */
++ if(data->state.aptr.user) {
+++ if(str_is_nonascii(data->conn->user))
+++ return CURLE_BAD_FUNCTION_ARGUMENT;
++ msnprintf(option_arg, sizeof(option_arg), "USER,%s", conn->user);
++ beg = curl_slist_append(tn->telnet_vars, option_arg);
++ if(!beg) {
++@@ -798,7 +811,8 @@ static CURLcode check_telnet_options(str
++ for(head = data->set.telnet_options; head; head = head->next) {
++ if(sscanf(head->data, "%127[^= ]%*[ =]%255s",
++ option_keyword, option_arg) == 2) {
++-
+++ if(str_is_nonascii(option_arg))
+++ continue;
++ /* Terminal type */
++ if(strcasecompare(option_keyword, "TTYPE")) {
++ strncpy(tn->subopt_ttype, option_arg, 31);
--- /dev/null
--- /dev/null
++From 4e2b52b5f7a3bf50a0f1494155717b02cc1df6d6 Mon Sep 17 00:00:00 2001
++From: Daniel Stenberg <daniel@haxx.se>
++Date: Thu, 9 Mar 2023 16:22:11 +0100
++Subject: [PATCH] curl_path: create the new path with dynbuf
++
++Closes #10729
++---
++ lib/curl_path.c | 75 +++++++++++++++++++++++--------------------------
++ 1 file changed, 35 insertions(+), 40 deletions(-)
++
++diff --git a/lib/curl_path.c b/lib/curl_path.c
++index 2df8687a557ba..977e5336f552c 100644
++--- a/lib/curl_path.c
+++++ b/lib/curl_path.c
++@@ -32,70 +32,65 @@
++ #include "escape.h"
++ #include "memdebug.h"
++
+++#define MAX_SSHPATH_LEN 100000 /* arbitrary */
+++
++ /* figure out the path to work with in this particular request */
++ CURLcode Curl_getworkingpath(struct Curl_easy *data,
++ char *homedir, /* when SFTP is used */
++ char **path) /* returns the allocated
++ real path to work with */
++ {
++- char *real_path = NULL;
++ char *working_path;
++ size_t working_path_len;
+++ struct dynbuf npath;
++ CURLcode result =
++ Curl_urldecode(data->state.up.path, 0, &working_path,
++ &working_path_len, REJECT_ZERO);
++ if(result)
++ return result;
++
+++ /* new path to switch to in case we need to */
+++ Curl_dyn_init(&npath, MAX_SSHPATH_LEN);
+++
++ /* Check for /~/, indicating relative to the user's home directory */
++- if(data->conn->handler->protocol & CURLPROTO_SCP) {
++- real_path = malloc(working_path_len + 1);
++- if(!real_path) {
+++ if((data->conn->handler->protocol & CURLPROTO_SCP) &&
+++ (working_path_len > 3) && (!memcmp(working_path, "/~/", 3))) {
+++ /* It is referenced to the home directory, so strip the leading '/~/' */
+++ if(Curl_dyn_addn(&npath, &working_path[3], working_path_len - 3)) {
++ free(working_path);
++ return CURLE_OUT_OF_MEMORY;
++ }
++- if((working_path_len > 3) && (!memcmp(working_path, "/~/", 3)))
++- /* It is referenced to the home directory, so strip the leading '/~/' */
++- memcpy(real_path, working_path + 3, working_path_len - 2);
++- else
++- memcpy(real_path, working_path, 1 + working_path_len);
++ }
++- else if(data->conn->handler->protocol & CURLPROTO_SFTP) {
++- if((working_path_len > 1) && (working_path[1] == '~')) {
++- size_t homelen = strlen(homedir);
++- real_path = malloc(homelen + working_path_len + 1);
++- if(!real_path) {
++- free(working_path);
++- return CURLE_OUT_OF_MEMORY;
++- }
++- /* It is referenced to the home directory, so strip the
++- leading '/' */
++- memcpy(real_path, homedir, homelen);
++- /* Only add a trailing '/' if homedir does not end with one */
++- if(homelen == 0 || real_path[homelen - 1] != '/') {
++- real_path[homelen] = '/';
++- homelen++;
++- real_path[homelen] = '\0';
++- }
++- if(working_path_len > 3) {
++- memcpy(real_path + homelen, working_path + 3,
++- 1 + working_path_len -3);
++- }
+++ else if((data->conn->handler->protocol & CURLPROTO_SFTP) &&
+++ (working_path_len > 2) && !memcmp(working_path, "/~/", 3)) {
+++ size_t len;
+++ const char *p;
+++ int copyfrom = 3;
+++ if(Curl_dyn_add(&npath, homedir)) {
+++ free(working_path);
+++ return CURLE_OUT_OF_MEMORY;
++ }
++- else {
++- real_path = malloc(working_path_len + 1);
++- if(!real_path) {
++- free(working_path);
++- return CURLE_OUT_OF_MEMORY;
++- }
++- memcpy(real_path, working_path, 1 + working_path_len);
+++ /* Copy a separating '/' if homedir does not end with one */
+++ len = Curl_dyn_len(&npath);
+++ p = Curl_dyn_ptr(&npath);
+++ if(len && (p[len-1] != '/'))
+++ copyfrom = 2;
+++
+++ if(Curl_dyn_addn(&npath,
+++ &working_path[copyfrom], working_path_len - copyfrom)) {
+++ free(working_path);
+++ return CURLE_OUT_OF_MEMORY;
++ }
++ }
++
++- free(working_path);
+++ if(Curl_dyn_len(&npath)) {
+++ free(working_path);
++
++- /* store the pointer for the caller to receive */
++- *path = real_path;
+++ /* store the pointer for the caller to receive */
+++ *path = Curl_dyn_ptr(&npath);
+++ }
+++ else
+++ *path = working_path;
++
++ return CURLE_OK;
++ }
--- /dev/null
--- /dev/null
++From 8f4608468b890dce2dad9f91d5607ee7e9c1aba1 Mon Sep 17 00:00:00 2001
++From: Daniel Stenberg <daniel@haxx.se>
++Date: Thu, 9 Mar 2023 17:47:06 +0100
++Subject: [PATCH] ftp: add more conditions for connection reuse
++
++Reported-by: Harry Sintonen
++Closes #10730
++---
++ lib/ftp.c | 28 ++++++++++++++++++++++++++--
++ lib/ftp.h | 5 +++++
++ lib/setopt.c | 2 +-
++ lib/url.c | 17 +++++++++++++++--
++ lib/urldata.h | 4 ++--
++ 5 files changed, 49 insertions(+), 7 deletions(-)
++
++Index: curl/lib/ftp.c
++===================================================================
++--- curl.orig/lib/ftp.c
+++++ curl/lib/ftp.c
++@@ -4052,6 +4052,8 @@ static CURLcode ftp_disconnect(struct Cu
++ }
++
++ freedirs(ftpc);
+++ Curl_safefree(ftpc->account);
+++ Curl_safefree(ftpc->alternative_to_user);
++ Curl_safefree(ftpc->prevpath);
++ Curl_safefree(ftpc->server_os);
++ Curl_pp_disconnect(pp);
++@@ -4321,11 +4323,31 @@ static CURLcode ftp_setup_connection(str
++ char *type;
++ struct FTP *ftp;
++ CURLcode result = CURLE_OK;
+++ struct ftp_conn *ftpc = &conn->proto.ftpc;
++
++- data->req.p.ftp = ftp = calloc(sizeof(struct FTP), 1);
+++ ftp = calloc(sizeof(struct FTP), 1);
++ if(!ftp)
++ return CURLE_OUT_OF_MEMORY;
++
+++ /* clone connection related data that is FTP specific */
+++ if(data->set.str[STRING_FTP_ACCOUNT]) {
+++ ftpc->account = strdup(data->set.str[STRING_FTP_ACCOUNT]);
+++ if(!ftpc->account) {
+++ free(ftp);
+++ return CURLE_OUT_OF_MEMORY;
+++ }
+++ }
+++ if(data->set.str[STRING_FTP_ALTERNATIVE_TO_USER]) {
+++ ftpc->alternative_to_user =
+++ strdup(data->set.str[STRING_FTP_ALTERNATIVE_TO_USER]);
+++ if(!ftpc->alternative_to_user) {
+++ Curl_safefree(ftpc->account);
+++ free(ftp);
+++ return CURLE_OUT_OF_MEMORY;
+++ }
+++ }
+++ data->req.p.ftp = ftp;
+++
++ ftp->path = &data->state.up.path[1]; /* don't include the initial slash */
++
++ /* FTP URLs support an extension like ";type=<typecode>" that
++@@ -4360,7 +4382,9 @@ static CURLcode ftp_setup_connection(str
++ /* get some initial data into the ftp struct */
++ ftp->transfer = PPTRANSFER_BODY;
++ ftp->downloadsize = 0;
++- conn->proto.ftpc.known_filesize = -1; /* unknown size for now */
+++ ftpc->known_filesize = -1; /* unknown size for now */
+++ ftpc->use_ssl = data->set.use_ssl;
+++ ftpc->ccc = data->set.ftp_ccc;
++
++ return result;
++ }
++Index: curl/lib/ftp.h
++===================================================================
++--- curl.orig/lib/ftp.h
+++++ curl/lib/ftp.h
++@@ -120,6 +120,8 @@ struct FTP {
++ struct */
++ struct ftp_conn {
++ struct pingpong pp;
+++ char *account;
+++ char *alternative_to_user;
++ char *entrypath; /* the PWD reply when we logged on */
++ char *file; /* url-decoded file name (or path) */
++ char **dirs; /* realloc()ed array for path components */
++@@ -143,6 +145,9 @@ struct ftp_conn {
++ ftpstate state; /* always use ftp.c:state() to change state! */
++ ftpstate state_saved; /* transfer type saved to be reloaded after data
++ connection is established */
+++ unsigned char use_ssl; /* if AUTH TLS is to be attempted etc, for FTP or
+++ IMAP or POP3 or others! (type: curl_usessl)*/
+++ unsigned char ccc; /* ccc level for this connection */
++ BIT(ftp_trying_alternative);
++ BIT(dont_check); /* Set to TRUE to prevent the final (post-transfer)
++ file size and 226/250 status check. It should still
++Index: curl/lib/setopt.c
++===================================================================
++--- curl.orig/lib/setopt.c
+++++ curl/lib/setopt.c
++@@ -2369,7 +2369,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *
++ arg = va_arg(param, long);
++ if((arg < CURLUSESSL_NONE) || (arg >= CURLUSESSL_LAST))
++ return CURLE_BAD_FUNCTION_ARGUMENT;
++- data->set.use_ssl = (curl_usessl)arg;
+++ data->set.use_ssl = (unsigned char)arg;
++ break;
++
++ case CURLOPT_SSL_OPTIONS:
++Index: curl/lib/url.c
++===================================================================
++--- curl.orig/lib/url.c
+++++ curl/lib/url.c
++@@ -1299,11 +1299,24 @@ ConnectionExists(struct Curl_easy *data,
++ || ((check->httpversion >= 30) &&
++ (data->state.httpwant < CURL_HTTP_VERSION_3))))
++ continue;
++-
++- if(get_protocol_family(needle->handler) & PROTO_FAMILY_SSH) {
+++#ifdef USE_SSH
+++ else if(get_protocol_family(needle->handler) & PROTO_FAMILY_SSH) {
++ if(!ssh_config_matches(needle, check))
++ continue;
++ }
+++#endif
+++#ifndef CURL_DISABLE_FTP
+++ else if(get_protocol_family(needle->handler) & PROTO_FAMILY_FTP) {
+++ /* Also match ACCOUNT, ALTERNATIVE-TO-USER, USE_SSL and CCC options */
+++ if(Curl_timestrcmp(needle->proto.ftpc.account,
+++ check->proto.ftpc.account) ||
+++ Curl_timestrcmp(needle->proto.ftpc.alternative_to_user,
+++ check->proto.ftpc.alternative_to_user) ||
+++ (needle->proto.ftpc.use_ssl != check->proto.ftpc.use_ssl) ||
+++ (needle->proto.ftpc.ccc != check->proto.ftpc.ccc))
+++ continue;
+++ }
+++#endif
++
++ if((needle->handler->flags&PROTOPT_SSL)
++ #ifndef CURL_DISABLE_PROXY
++Index: curl/lib/urldata.h
++===================================================================
++--- curl.orig/lib/urldata.h
+++++ curl/lib/urldata.h
++@@ -1713,8 +1713,6 @@ struct UserDefined {
++ #ifndef CURL_DISABLE_NETRC
++ unsigned char use_netrc; /* enum CURL_NETRC_OPTION values */
++ #endif
++- curl_usessl use_ssl; /* if AUTH TLS is to be attempted etc, for FTP or
++- IMAP or POP3 or others! */
++ unsigned int new_file_perms; /* when creating remote files */
++ char *str[STRING_LAST]; /* array of strings, pointing to allocated memory */
++ struct curl_blob *blobs[BLOB_LAST];
++@@ -1773,6 +1771,8 @@ struct UserDefined {
++ BIT(mail_rcpt_allowfails); /* allow RCPT TO command to fail for some
++ recipients */
++ #endif
+++ unsigned char use_ssl; /* if AUTH TLS is to be attempted etc, for FTP or
+++ IMAP or POP3 or others! (type: curl_usessl)*/
++ unsigned char connect_only; /* make connection/request, then let
++ application use the socket */
++ BIT(is_fread_set); /* has read callback been set to non-NULL? */
--- /dev/null
--- /dev/null
++From cb49e67303dbafbab1cebf4086e3ec15b7d56ee5 Mon Sep 17 00:00:00 2001
++From: Daniel Stenberg <daniel@haxx.se>
++Date: Fri, 10 Mar 2023 09:22:43 +0100
++Subject: [PATCH] url: only reuse connections with same GSS delegation
++
++Reported-by: Harry Sintonen
++Closes #10731
++---
++ lib/url.c | 6 ++++++
++ lib/urldata.h | 1 +
++ 2 files changed, 7 insertions(+)
++
++Index: curl/lib/url.c
++===================================================================
++--- curl.orig/lib/url.c
+++++ curl/lib/url.c
++@@ -1291,6 +1291,11 @@ ConnectionExists(struct Curl_easy *data,
++ }
++ }
++
+++ /* GSS delegation differences do not actually affect every connection
+++ and auth method, but this check takes precaution before efficiency */
+++ if(needle->gssapi_delegation != check->gssapi_delegation)
+++ continue;
+++
++ /* If multiplexing isn't enabled on the h2 connection and h1 is
++ explicitly requested, handle it: */
++ if((needle->handler->protocol & PROTO_FAMILY_HTTP) &&
++@@ -1602,6 +1607,7 @@ static struct connectdata *allocate_conn
++ conn->fclosesocket = data->set.fclosesocket;
++ conn->closesocket_client = data->set.closesocket_client;
++ conn->lastused = Curl_now(); /* used now */
+++ conn->gssapi_delegation = data->set.gssapi_delegation;
++
++ return conn;
++ error:
++Index: curl/lib/urldata.h
++===================================================================
++--- curl.orig/lib/urldata.h
+++++ curl/lib/urldata.h
++@@ -1057,6 +1057,7 @@ struct connectdata {
++ unsigned char ip_version; /* copied from the Curl_easy at creation time */
++ unsigned char httpversion; /* the HTTP version*10 reported by the server */
++ unsigned char connect_only;
+++ unsigned char gssapi_delegation; /* inherited from set.gssapi_delegation */
++ };
++
++ /* The end of connectdata. */
--- /dev/null
--- /dev/null
++From dca4cdf071be095bcdc7126eaa77a8946ea4790b Mon Sep 17 00:00:00 2001
++From: Daniel Stenberg <daniel@haxx.se>
++Date: Thu, 9 Mar 2023 18:01:34 +0100
++Subject: [PATCH] CURLSHOPT_SHARE.3: HSTS sharing is not thread-safe
++
++Reported-by: Hiroki Kurosawa
++Closes #10732
++---
++ docs/libcurl/opts/CURLSHOPT_SHARE.3 | 5 +++--
++ 1 file changed, 3 insertions(+), 2 deletions(-)
++
++Index: curl/docs/libcurl/opts/CURLSHOPT_SHARE.3
++===================================================================
++--- curl.orig/docs/libcurl/opts/CURLSHOPT_SHARE.3
+++++ curl/docs/libcurl/opts/CURLSHOPT_SHARE.3
++@@ -57,8 +57,7 @@ implemented until 7.23.0.
++ Put the connection cache in the share object and make all easy handles using
++ this share object share the connection cache.
++
++-Note that due to a known bug, it is not safe to share connections this way
++-between multiple concurrent threads.
+++It is not supported to share connections between multiple concurrent threads.
++
++ Connections that are used for HTTP/1.1 Pipelining or HTTP/2 multiplexing only
++ get additional transfers added to them if the existing connection is held by
++@@ -82,6 +81,8 @@ multi handle will share PSL cache by def
++ .IP CURL_LOCK_DATA_HSTS
++ The in-memory HSTS cache.
++
+++It is not supported to share the HSTS between multiple concurrent threads.
+++
++ Added in 7.88.0
++ .SH PROTOCOLS
++ All
--- /dev/null
--- /dev/null
++From af369db4d3833272b8ed443f7fcc2e757a0872eb Mon Sep 17 00:00:00 2001
++From: Daniel Stenberg <daniel@haxx.se>
++Date: Fri, 10 Mar 2023 08:22:51 +0100
++Subject: [PATCH] url: fix the SSH connection reuse check
++
++Reported-by: Harry Sintonen
++Closes #10735
++---
++ lib/url.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++Index: curl/lib/url.c
++===================================================================
++--- curl.orig/lib/url.c
+++++ curl/lib/url.c
++@@ -1300,7 +1300,7 @@ ConnectionExists(struct Curl_easy *data,
++ (data->state.httpwant < CURL_HTTP_VERSION_3))))
++ continue;
++
++- if(get_protocol_family(needle->handler) == PROTO_FAMILY_SSH) {
+++ if(get_protocol_family(needle->handler) & PROTO_FAMILY_SSH) {
++ if(!ssh_config_matches(needle, check))
++ continue;
++ }
--- /dev/null
--- /dev/null
++From 8e21b1a05f3c0ee098dbcb6c3d84cb61f102a122 Mon Sep 17 00:00:00 2001
++From: Daniel Stenberg <daniel@haxx.se>
++Date: Mon, 8 May 2023 14:33:54 +0200
++Subject: [PATCH] libssh2: free fingerprint better
++
++Reported-by: Wei Chong Tan
++Closes #11088
++---
++ lib/vssh/libssh2.c | 3 +--
++ 1 file changed, 1 insertion(+), 2 deletions(-)
++
++Index: curl/lib/vssh/libssh2.c
++===================================================================
++--- curl.orig/lib/vssh/libssh2.c
+++++ curl/lib/vssh/libssh2.c
++@@ -723,11 +723,10 @@ static CURLcode ssh_check_fingerprint(st
++ */
++ if((pub_pos != b64_pos) ||
++ strncmp(fingerprint_b64, pubkey_sha256, pub_pos)) {
++- free(fingerprint_b64);
++-
++ failf(data,
++ "Denied establishing ssh session: mismatch sha256 fingerprint. "
++ "Remote %s is not equal to %s", fingerprint_b64, pubkey_sha256);
+++ free(fingerprint_b64);
++ state(data, SSH_SESSION_FREE);
++ sshc->actualcode = CURLE_PEER_FAILED_VERIFICATION;
++ return sshc->actualcode;
--- /dev/null
--- /dev/null
++From f446258f0269a62289cca0210157cb8558d0edc3 Mon Sep 17 00:00:00 2001
++From: Daniel Stenberg <daniel@haxx.se>
++Date: Tue, 16 May 2023 23:40:42 +0200
++Subject: [PATCH] hostip: include easy_lock.h before using
++ GLOBAL_INIT_IS_THREADSAFE
++
++Since that header file is the only place that define can be defined.
++
++Reported-by: Marc Deslauriers
++
++Follow-up to 13718030ad4b3209
++
++Closes #11121
++---
++ lib/hostip.c | 10 ++++------
++ lib/hostip.h | 9 ---------
++ 2 files changed, 4 insertions(+), 15 deletions(-)
++
++Index: curl/lib/hostip.c
++===================================================================
++--- curl.orig/lib/hostip.c
+++++ curl/lib/hostip.c
++@@ -70,6 +70,8 @@
++ #include <SystemConfiguration/SCDynamicStoreCopySpecific.h>
++ #endif
++
+++#include "easy_lock.h"
+++
++ #if defined(CURLRES_SYNCH) && \
++ defined(HAVE_ALARM) && \
++ defined(SIGALRM) && \
++@@ -79,10 +81,6 @@
++ #define USE_ALARM_TIMEOUT
++ #endif
++
++-#ifdef USE_ALARM_TIMEOUT
++-#include "easy_lock.h"
++-#endif
++-
++ #define MAX_HOSTCACHE_LEN (255 + 7) /* max FQDN + colon + port number + zero */
++
++ /*
++@@ -258,8 +256,8 @@ void Curl_hostcache_prune(struct Curl_ea
++ /* Beware this is a global and unique instance. This is used to store the
++ return address that we can jump back to from inside a signal handler. This
++ is not thread-safe stuff. */
++-sigjmp_buf curl_jmpenv;
++-curl_simple_lock curl_jmpenv_lock;
+++static sigjmp_buf curl_jmpenv;
+++static curl_simple_lock curl_jmpenv_lock;
++ #endif
++
++ /* lookup address, returns entry if found and not stale */
++Index: curl/lib/hostip.h
++===================================================================
++--- curl.orig/lib/hostip.h
+++++ curl/lib/hostip.h
++@@ -186,15 +186,6 @@ Curl_cache_addr(struct Curl_easy *data,
++ #define CURL_INADDR_NONE INADDR_NONE
++ #endif
++
++-#ifdef HAVE_SIGSETJMP
++-/* Forward-declaration of variable defined in hostip.c. Beware this
++- * is a global and unique instance. This is used to store the return
++- * address that we can jump back to from inside a signal handler.
++- * This is not thread-safe stuff.
++- */
++-extern sigjmp_buf curl_jmpenv;
++-#endif
++-
++ /*
++ * Function provided by the resolver backend to set DNS servers to use.
++ */
--- /dev/null
--- /dev/null
++From 13718030ad4b3209a7583b4f27f683cd3a6fa5f2 Mon Sep 17 00:00:00 2001
++From: Harry Sintonen <sintonen@iki.fi>
++Date: Tue, 25 Apr 2023 09:22:26 +0200
++Subject: [PATCH] hostip: add locks around use of global buffer for alarm()
++
++When building with the sync name resolver and timeout ability we now
++require thread-safety to be present to enable it.
++
++Closes #11030
++---
++ lib/hostip.c | 19 +++++++++++++++----
++ 1 file changed, 15 insertions(+), 4 deletions(-)
++
++Index: curl/lib/hostip.c
++===================================================================
++--- curl.orig/lib/hostip.c
+++++ curl/lib/hostip.c
++@@ -70,12 +70,19 @@
++ #include <SystemConfiguration/SCDynamicStoreCopySpecific.h>
++ #endif
++
++-#if defined(CURLRES_SYNCH) && \
++- defined(HAVE_ALARM) && defined(SIGALRM) && defined(HAVE_SIGSETJMP)
+++#if defined(CURLRES_SYNCH) && \
+++ defined(HAVE_ALARM) && \
+++ defined(SIGALRM) && \
+++ defined(HAVE_SIGSETJMP) && \
+++ defined(GLOBAL_INIT_IS_THREADSAFE)
++ /* alarm-based timeouts can only be used with all the dependencies satisfied */
++ #define USE_ALARM_TIMEOUT
++ #endif
++
+++#ifdef USE_ALARM_TIMEOUT
+++#include "easy_lock.h"
+++#endif
+++
++ #define MAX_HOSTCACHE_LEN (255 + 7) /* max FQDN + colon + port number + zero */
++
++ /*
++@@ -247,11 +254,12 @@ void Curl_hostcache_prune(struct Curl_ea
++ Curl_share_unlock(data, CURL_LOCK_DATA_DNS);
++ }
++
++-#ifdef HAVE_SIGSETJMP
+++#ifdef USE_ALARM_TIMEOUT
++ /* Beware this is a global and unique instance. This is used to store the
++ return address that we can jump back to from inside a signal handler. This
++ is not thread-safe stuff. */
++ sigjmp_buf curl_jmpenv;
+++curl_simple_lock curl_jmpenv_lock;
++ #endif
++
++ /* lookup address, returns entry if found and not stale */
++@@ -818,7 +826,6 @@ enum resolve_t Curl_resolv(struct Curl_e
++ static
++ void alarmfunc(int sig)
++ {
++- /* this is for "-ansi -Wall -pedantic" to stop complaining! (rabe) */
++ (void)sig;
++ siglongjmp(curl_jmpenv, 1);
++ }
++@@ -898,6 +905,8 @@ enum resolve_t Curl_resolv_timeout(struc
++ This should be the last thing we do before calling Curl_resolv(),
++ as otherwise we'd have to worry about variables that get modified
++ before we invoke Curl_resolv() (and thus use "volatile"). */
+++ curl_simple_lock_lock(&curl_jmpenv_lock);
+++
++ if(sigsetjmp(curl_jmpenv, 1)) {
++ /* this is coming from a siglongjmp() after an alarm signal */
++ failf(data, "name lookup timed out");
++@@ -966,6 +975,8 @@ clean_up:
++ #endif
++ #endif /* HAVE_SIGACTION */
++
+++ curl_simple_lock_unlock(&curl_jmpenv_lock);
+++
++ /* switch back the alarm() to either zero or to what it was before minus
++ the time we spent until now! */
++ if(prev_alarm) {
--- /dev/null
--- /dev/null
++From 199f2d440d8659b42670c1b796220792b01a97bf Mon Sep 17 00:00:00 2001
++From: Daniel Stenberg <daniel@haxx.se>
++Date: Mon, 24 Apr 2023 21:07:02 +0200
++Subject: [PATCH] hostcheck: fix host name wildcard checking
++
++The leftmost "label" of the host name can now only match against single
++'*'. Like the browsers have worked for a long time.
++
++- extended unit test 1397 for this
++- move some SOURCE variables from unit/Makefile.am to unit/Makefile.inc
++
++Reported-by: Hiroki Kurosawa
++Closes #11018
++
++Backported to Debian by Samuel Henrique <samueloph@debian.org>
++---
++ lib/vtls/hostcheck.c | 50 +++++++--------
++ tests/data/test1397 | 10 ++-
++ tests/unit/Makefile.am | 94 ----------------------------
++ tests/unit/Makefile.inc | 94 ++++++++++++++++++++++++++++
++ tests/unit/unit1397.c | 134 ++++++++++++++++++++++++----------------
++ 5 files changed, 202 insertions(+), 180 deletions(-)
++
++Index: curl/lib/vtls/hostcheck.c
++===================================================================
++--- curl.orig/lib/vtls/hostcheck.c
+++++ curl/lib/vtls/hostcheck.c
++@@ -71,7 +71,12 @@ static bool pmatch(const char *hostname,
++ * apparent distinction between a name and an IP. We need to detect the use of
++ * an IP address and not wildcard match on such names.
++ *
+++ * Only match on "*" being used for the leftmost label, not "a*", "a*b" nor
+++ * "*b".
+++ *
++ * Return TRUE on a match. FALSE if not.
+++ *
+++ * @unittest: 1397
++ */
++
++ static bool hostmatch(const char *hostname,
++@@ -79,53 +84,42 @@ static bool hostmatch(const char *hostna
++ const char *pattern,
++ size_t patternlen)
++ {
++- const char *pattern_label_end, *wildcard, *hostname_label_end;
++- size_t prefixlen, suffixlen;
+++ const char *pattern_label_end;
++
++- /* normalize pattern and hostname by stripping off trailing dots */
+++ DEBUGASSERT(pattern);
++ DEBUGASSERT(patternlen);
+++ DEBUGASSERT(hostname);
+++ DEBUGASSERT(hostlen);
+++
+++ /* normalize pattern and hostname by stripping off trailing dots */
++ if(hostname[hostlen-1]=='.')
++ hostlen--;
++ if(pattern[patternlen-1]=='.')
++ patternlen--;
++
++- wildcard = memchr(pattern, '*', patternlen);
++- if(!wildcard)
+++ if(strncmp(pattern, "*.", 2))
++ return pmatch(hostname, hostlen, pattern, patternlen);
++
++ /* detect IP address as hostname and fail the match if so */
++- if(Curl_host_is_ipnum(hostname))
+++ else if(Curl_host_is_ipnum(hostname))
++ return FALSE;
++
++ /* We require at least 2 dots in the pattern to avoid too wide wildcard
++ match. */
++ pattern_label_end = memchr(pattern, '.', patternlen);
++ if(!pattern_label_end ||
++- (memrchr(pattern, '.', patternlen) == pattern_label_end) ||
++- strncasecompare(pattern, "xn--", 4))
+++ (memrchr(pattern, '.', patternlen) == pattern_label_end))
++ return pmatch(hostname, hostlen, pattern, patternlen);
++-
++- hostname_label_end = memchr(hostname, '.', hostlen);
++- if(!hostname_label_end)
++- return FALSE;
++ else {
++- size_t skiphost = hostname_label_end - hostname;
++- size_t skiplen = pattern_label_end - pattern;
++- if(!pmatch(hostname_label_end, hostlen - skiphost,
++- pattern_label_end, patternlen - skiplen))
++- return FALSE;
+++ const char *hostname_label_end = memchr(hostname, '.', hostlen);
+++ if(hostname_label_end) {
+++ size_t skiphost = hostname_label_end - hostname;
+++ size_t skiplen = pattern_label_end - pattern;
+++ return pmatch(hostname_label_end, hostlen - skiphost,
+++ pattern_label_end, patternlen - skiplen);
+++ }
++ }
++- /* The wildcard must match at least one character, so the left-most
++- label of the hostname is at least as large as the left-most label
++- of the pattern. */
++- if(hostname_label_end - hostname < pattern_label_end - pattern)
++- return FALSE;
++-
++- prefixlen = wildcard - pattern;
++- suffixlen = pattern_label_end - (wildcard + 1);
++- return strncasecompare(pattern, hostname, prefixlen) &&
++- strncasecompare(wildcard + 1, hostname_label_end - suffixlen,
++- suffixlen) ? TRUE : FALSE;
+++ return FALSE;
++ }
++
++ /*
++Index: curl/tests/data/test1397
++===================================================================
++--- curl.orig/tests/data/test1397
+++++ curl/tests/data/test1397
++@@ -2,8 +2,7 @@
++ <info>
++ <keywords>
++ unittest
++-ssl
++-wildcard
+++Curl_cert_hostcheck
++ </keywords>
++ </info>
++
++@@ -16,9 +15,8 @@ none
++ <features>
++ unittest
++ </features>
++- <name>
++-Check wildcard certificate matching function Curl_cert_hostcheck
++- </name>
+++<name>
+++Curl_cert_hostcheck unit tests
+++</name>
++ </client>
++-
++ </testcase>
++Index: curl/tests/unit/unit1397.c
++===================================================================
++--- curl.orig/tests/unit/unit1397.c
+++++ curl/tests/unit/unit1397.c
++@@ -23,7 +23,6 @@
++ ***************************************************************************/
++ #include "curlcheck.h"
++
++-#include "vtls/hostcheck.h" /* from the lib dir */
++
++ static CURLcode unit_setup(void)
++ {
++@@ -32,63 +31,94 @@ static CURLcode unit_setup(void)
++
++ static void unit_stop(void)
++ {
++- /* done before shutting down and exiting */
++ }
++
++-UNITTEST_START
++-
++ /* only these backends define the tested functions */
++-#if defined(USE_OPENSSL) || defined(USE_GSKIT)
++-
++- /* here you start doing things and checking that the results are good */
+++#if defined(USE_OPENSSL) || defined(USE_GSKIT) || defined(USE_SCHANNEL)
+++#include "vtls/hostcheck.h"
+++struct testcase {
+++ const char *host;
+++ const char *pattern;
+++ bool match;
+++};
+++
+++static struct testcase tests[] = {
+++ {"", "", FALSE},
+++ {"a", "", FALSE},
+++ {"", "b", FALSE},
+++ {"a", "b", FALSE},
+++ {"aa", "bb", FALSE},
+++ {"\xff", "\xff", TRUE},
+++ {"aa.aa.aa", "aa.aa.bb", FALSE},
+++ {"aa.aa.aa", "aa.aa.aa", TRUE},
+++ {"aa.aa.aa", "*.aa.bb", FALSE},
+++ {"aa.aa.aa", "*.aa.aa", TRUE},
+++ {"192.168.0.1", "192.168.0.1", TRUE},
+++ {"192.168.0.1", "*.168.0.1", FALSE},
+++ {"192.168.0.1", "*.0.1", FALSE},
+++ {"h.ello", "*.ello", FALSE},
+++ {"h.ello.", "*.ello", FALSE},
+++ {"h.ello", "*.ello.", FALSE},
+++ {"h.e.llo", "*.e.llo", TRUE},
+++ {"h.e.llo", " *.e.llo", FALSE},
+++ {" h.e.llo", "*.e.llo", TRUE},
+++ {"h.e.llo.", "*.e.llo", TRUE},
+++ {"*.e.llo.", "*.e.llo", TRUE},
+++ {"************.e.llo.", "*.e.llo", TRUE},
+++ {"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+++ "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB"
+++ "CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC"
+++ "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD"
+++ "EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE"
+++ ".e.llo.", "*.e.llo", TRUE},
+++ {"\xfe\xfe.e.llo.", "*.e.llo", TRUE},
+++ {"h.e.llo.", "*.e.llo.", TRUE},
+++ {"h.e.llo", "*.e.llo.", TRUE},
+++ {".h.e.llo", "*.e.llo.", FALSE},
+++ {"h.e.llo", "*.*.llo.", FALSE},
+++ {"h.e.llo", "h.*.llo", FALSE},
+++ {"h.e.llo", "h.e.*", FALSE},
+++ {"hello", "*.ello", FALSE},
+++ {"hello", "**llo", FALSE},
+++ {"bar.foo.example.com", "*.example.com", FALSE},
+++ {"foo.example.com", "*.example.com", TRUE},
+++ {"baz.example.net", "b*z.example.net", FALSE},
+++ {"foobaz.example.net", "*baz.example.net", FALSE},
+++ {"xn--l8j.example.local", "x*.example.local", FALSE},
+++ {"xn--l8j.example.net", "*.example.net", TRUE},
+++ {"xn--l8j.example.net", "*j.example.net", FALSE},
+++ {"xn--l8j.example.net", "xn--l8j.example.net", TRUE},
+++ {"xn--l8j.example.net", "xn--l8j.*.net", FALSE},
+++ {"xl8j.example.net", "*.example.net", TRUE},
+++ {"fe80::3285:a9ff:fe46:b619", "*::3285:a9ff:fe46:b619", FALSE},
+++ {"fe80::3285:a9ff:fe46:b619", "fe80::3285:a9ff:fe46:b619", TRUE},
+++ {NULL, NULL, FALSE}
+++};
++
++-fail_unless(Curl_cert_hostcheck(STRCONST("www.example.com"),
++- STRCONST("www.example.com")), "good 1");
++-fail_unless(Curl_cert_hostcheck(STRCONST("*.example.com"),
++- STRCONST("www.example.com")),
++- "good 2");
++-fail_unless(Curl_cert_hostcheck(STRCONST("xxx*.example.com"),
++- STRCONST("xxxwww.example.com")), "good 3");
++-fail_unless(Curl_cert_hostcheck(STRCONST("f*.example.com"),
++- STRCONST("foo.example.com")), "good 4");
++-fail_unless(Curl_cert_hostcheck(STRCONST("192.168.0.0"),
++- STRCONST("192.168.0.0")), "good 5");
++-
++-fail_if(Curl_cert_hostcheck(STRCONST("xxx.example.com"),
++- STRCONST("www.example.com")), "bad 1");
++-fail_if(Curl_cert_hostcheck(STRCONST("*"),
++- STRCONST("www.example.com")),"bad 2");
++-fail_if(Curl_cert_hostcheck(STRCONST("*.*.com"),
++- STRCONST("www.example.com")), "bad 3");
++-fail_if(Curl_cert_hostcheck(STRCONST("*.example.com"),
++- STRCONST("baa.foo.example.com")), "bad 4");
++-fail_if(Curl_cert_hostcheck(STRCONST("f*.example.com"),
++- STRCONST("baa.example.com")), "bad 5");
++-fail_if(Curl_cert_hostcheck(STRCONST("*.com"),
++- STRCONST("example.com")), "bad 6");
++-fail_if(Curl_cert_hostcheck(STRCONST("*fail.com"),
++- STRCONST("example.com")), "bad 7");
++-fail_if(Curl_cert_hostcheck(STRCONST("*.example."),
++- STRCONST("www.example.")), "bad 8");
++-fail_if(Curl_cert_hostcheck(STRCONST("*.example."),
++- STRCONST("www.example")), "bad 9");
++-fail_if(Curl_cert_hostcheck(STRCONST(""), STRCONST("www")), "bad 10");
++-fail_if(Curl_cert_hostcheck(STRCONST("*"), STRCONST("www")), "bad 11");
++-fail_if(Curl_cert_hostcheck(STRCONST("*.168.0.0"),
++- STRCONST("192.168.0.0")), "bad 12");
++-fail_if(Curl_cert_hostcheck(STRCONST("www.example.com"),
++- STRCONST("192.168.0.0")), "bad 13");
++-
++-#ifdef ENABLE_IPV6
++-fail_if(Curl_cert_hostcheck(STRCONST("*::3285:a9ff:fe46:b619"),
++- STRCONST("fe80::3285:a9ff:fe46:b619")), "bad 14");
++-fail_unless(Curl_cert_hostcheck(STRCONST("fe80::3285:a9ff:fe46:b619"),
++- STRCONST("fe80::3285:a9ff:fe46:b619")),
++- "good 6");
++-#endif
+++UNITTEST_START
+++{
+++ int i;
+++ for(i = 0; tests[i].host; i++) {
+++ if(tests[i].match != Curl_cert_hostcheck(tests[i].pattern,
+++ strlen(tests[i].pattern),
+++ tests[i].host,
+++ strlen(tests[i].host))) {
+++ fprintf(stderr,
+++ "HOST: %s\n"
+++ "PTRN: %s\n"
+++ "did %sMATCH\n",
+++ tests[i].host,
+++ tests[i].pattern,
+++ tests[i].match ? "NOT ": "");
+++ unitfail++;
+++ }
+++ }
+++}
++
++-#endif
+++UNITTEST_STOP
+++#else
++
++- /* you end the test code like this: */
+++UNITTEST_START
++
++ UNITTEST_STOP
+++#endif
--- /dev/null
--- /dev/null
++From 7815647d6582c0a4900be2e1de6c5e61272c496b Mon Sep 17 00:00:00 2001
++From: Daniel Stenberg <daniel@haxx.se>
++Date: Tue, 25 Apr 2023 08:28:01 +0200
++Subject: [PATCH] lib: unify the upload/method handling
++
++By making sure we set state.upload based on the set.method value and not
++independently as set.upload, we reduce confusion and mixup risks, both
++internally and externally.
++
++Closes #11017
++---
++ lib/curl_rtmp.c | 4 ++--
++ lib/file.c | 4 ++--
++ lib/ftp.c | 8 ++++----
++ lib/http.c | 4 ++--
++ lib/imap.c | 6 +++---
++ lib/rtsp.c | 4 ++--
++ lib/setopt.c | 6 ++----
++ lib/smb.c | 6 +++---
++ lib/smtp.c | 4 ++--
++ lib/tftp.c | 8 ++++----
++ lib/transfer.c | 4 ++--
++ lib/urldata.h | 2 +-
++ lib/vssh/libssh.c | 6 +++---
++ lib/vssh/libssh2.c | 6 +++---
++ lib/vssh/wolfssh.c | 2 +-
++ 15 files changed, 36 insertions(+), 38 deletions(-)
++
++Index: curl/lib/curl_rtmp.c
++===================================================================
++--- curl.orig/lib/curl_rtmp.c
+++++ curl/lib/curl_rtmp.c
++@@ -231,7 +231,7 @@ static CURLcode rtmp_connect(struct Curl
++ /* We have to know if it's a write before we send the
++ * connect request packet
++ */
++- if(data->set.upload)
+++ if(data->state.upload)
++ r->Link.protocol |= RTMP_FEATURE_WRITE;
++
++ /* For plain streams, use the buffer toggle trick to keep data flowing */
++@@ -263,7 +263,7 @@ static CURLcode rtmp_do(struct Curl_easy
++ if(!RTMP_ConnectStream(r, 0))
++ return CURLE_FAILED_INIT;
++
++- if(data->set.upload) {
+++ if(data->state.upload) {
++ Curl_pgrsSetUploadSize(data, data->state.infilesize);
++ Curl_setup_transfer(data, -1, -1, FALSE, FIRSTSOCKET);
++ }
++Index: curl/lib/file.c
++===================================================================
++--- curl.orig/lib/file.c
+++++ curl/lib/file.c
++@@ -240,7 +240,7 @@ static CURLcode file_connect(struct Curl
++ file->freepath = real_path; /* free this when done */
++
++ file->fd = fd;
++- if(!data->set.upload && (fd == -1)) {
+++ if(!data->state.upload && (fd == -1)) {
++ failf(data, "Couldn't open file %s", data->state.up.path);
++ file_done(data, CURLE_FILE_COULDNT_READ_FILE, FALSE);
++ return CURLE_FILE_COULDNT_READ_FILE;
++@@ -422,7 +422,7 @@ static CURLcode file_do(struct Curl_easy
++
++ Curl_pgrsStartNow(data);
++
++- if(data->set.upload)
+++ if(data->state.upload)
++ return file_upload(data);
++
++ file = data->req.p.file;
++Index: curl/lib/ftp.c
++===================================================================
++--- curl.orig/lib/ftp.c
+++++ curl/lib/ftp.c
++@@ -1344,7 +1344,7 @@ static CURLcode ftp_state_prepare_transf
++ data->set.str[STRING_CUSTOMREQUEST]?
++ data->set.str[STRING_CUSTOMREQUEST]:
++ (data->state.list_only?"NLST":"LIST"));
++- else if(data->set.upload)
+++ else if(data->state.upload)
++ result = Curl_pp_sendf(data, &ftpc->pp, "PRET STOR %s",
++ conn->proto.ftpc.file);
++ else
++@@ -3346,7 +3346,7 @@ static CURLcode ftp_done(struct Curl_eas
++ /* the response code from the transfer showed an error already so no
++ use checking further */
++ ;
++- else if(data->set.upload) {
+++ else if(data->state.upload) {
++ if((-1 != data->state.infilesize) &&
++ (data->state.infilesize != data->req.writebytecount) &&
++ !data->set.crlf &&
++@@ -3602,7 +3602,7 @@ static CURLcode ftp_do_more(struct Curl_
++ connected back to us */
++ }
++ }
++- else if(data->set.upload) {
+++ else if(data->state.upload) {
++ result = ftp_nb_type(data, conn, data->state.prefer_ascii,
++ FTP_STOR_TYPE);
++ if(result)
++@@ -4191,7 +4191,7 @@ CURLcode ftp_parse_url_path(struct Curl_
++ ftpc->file = NULL; /* instead of point to a zero byte,
++ we make it a NULL pointer */
++
++- if(data->set.upload && !ftpc->file && (ftp->transfer == PPTRANSFER_BODY)) {
+++ if(data->state.upload && !ftpc->file && (ftp->transfer == PPTRANSFER_BODY)) {
++ /* We need a file name when uploading. Return error! */
++ failf(data, "Uploading to a URL without a file name");
++ free(rawPath);
++Index: curl/lib/http.c
++===================================================================
++--- curl.orig/lib/http.c
+++++ curl/lib/http.c
++@@ -1958,7 +1958,7 @@ void Curl_http_method(struct Curl_easy *
++ Curl_HttpReq httpreq = (Curl_HttpReq)data->state.httpreq;
++ const char *request;
++ if((conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_FTP)) &&
++- data->set.upload)
+++ data->state.upload)
++ httpreq = HTTPREQ_PUT;
++
++ /* Now set the 'request' pointer to the proper request string */
++@@ -2275,7 +2275,7 @@ CURLcode Curl_http_body(struct Curl_easy
++ if((conn->handler->protocol & PROTO_FAMILY_HTTP) &&
++ (((httpreq == HTTPREQ_POST_MIME || httpreq == HTTPREQ_POST_FORM) &&
++ http->postsize < 0) ||
++- ((data->set.upload || httpreq == HTTPREQ_POST) &&
+++ ((data->state.upload || httpreq == HTTPREQ_POST) &&
++ data->state.infilesize == -1))) {
++ if(conn->bits.authneg)
++ /* don't enable chunked during auth neg */
++Index: curl/lib/imap.c
++===================================================================
++--- curl.orig/lib/imap.c
+++++ curl/lib/imap.c
++@@ -1511,11 +1511,11 @@ static CURLcode imap_done(struct Curl_ea
++ result = status; /* use the already set error code */
++ }
++ else if(!data->set.connect_only && !imap->custom &&
++- (imap->uid || imap->mindex || data->set.upload ||
+++ (imap->uid || imap->mindex || data->state.upload ||
++ data->set.mimepost.kind != MIMEKIND_NONE)) {
++ /* Handle responses after FETCH or APPEND transfer has finished */
++
++- if(!data->set.upload && data->set.mimepost.kind == MIMEKIND_NONE)
+++ if(!data->state.upload && data->set.mimepost.kind == MIMEKIND_NONE)
++ state(data, IMAP_FETCH_FINAL);
++ else {
++ /* End the APPEND command first by sending an empty line */
++@@ -1581,7 +1581,7 @@ static CURLcode imap_perform(struct Curl
++ selected = TRUE;
++
++ /* Start the first command in the DO phase */
++- if(data->set.upload || data->set.mimepost.kind != MIMEKIND_NONE)
+++ if(data->state.upload || data->set.mimepost.kind != MIMEKIND_NONE)
++ /* APPEND can be executed directly */
++ result = imap_perform_append(data);
++ else if(imap->custom && (selected || !imap->mailbox))
++Index: curl/lib/rtsp.c
++===================================================================
++--- curl.orig/lib/rtsp.c
+++++ curl/lib/rtsp.c
++@@ -494,7 +494,7 @@ static CURLcode rtsp_do(struct Curl_easy
++ rtspreq == RTSPREQ_SET_PARAMETER ||
++ rtspreq == RTSPREQ_GET_PARAMETER) {
++
++- if(data->set.upload) {
+++ if(data->state.upload) {
++ putsize = data->state.infilesize;
++ data->state.httpreq = HTTPREQ_PUT;
++
++@@ -513,7 +513,7 @@ static CURLcode rtsp_do(struct Curl_easy
++ result =
++ Curl_dyn_addf(&req_buffer,
++ "Content-Length: %" CURL_FORMAT_CURL_OFF_T"\r\n",
++- (data->set.upload ? putsize : postsize));
+++ (data->state.upload ? putsize : postsize));
++ if(result)
++ return result;
++ }
++Index: curl/lib/setopt.c
++===================================================================
++--- curl.orig/lib/setopt.c
+++++ curl/lib/setopt.c
++@@ -329,8 +329,8 @@ CURLcode Curl_vsetopt(struct Curl_easy *
++ * We want to sent data to the remote host. If this is HTTP, that equals
++ * using the PUT request.
++ */
++- data->set.upload = (0 != va_arg(param, long)) ? TRUE : FALSE;
++- if(data->set.upload) {
+++ arg = va_arg(param, long);
+++ if(arg) {
++ /* If this is HTTP, PUT is what's needed to "upload" */
++ data->set.method = HTTPREQ_PUT;
++ data->set.opt_no_body = FALSE; /* this is implied */
++@@ -660,7 +660,6 @@ CURLcode Curl_vsetopt(struct Curl_easy *
++ }
++ else
++ data->set.method = HTTPREQ_GET;
++- data->set.upload = FALSE;
++ break;
++
++ #ifndef CURL_DISABLE_MIME
++@@ -884,7 +883,6 @@ CURLcode Curl_vsetopt(struct Curl_easy *
++ */
++ if(va_arg(param, long)) {
++ data->set.method = HTTPREQ_GET;
++- data->set.upload = FALSE; /* switch off upload */
++ data->set.opt_no_body = FALSE; /* this is implied */
++ }
++ break;
++Index: curl/lib/smb.c
++===================================================================
++--- curl.orig/lib/smb.c
+++++ curl/lib/smb.c
++@@ -531,7 +531,7 @@ static CURLcode smb_send_open(struct Cur
++ byte_count = strlen(req->path);
++ msg.name_length = smb_swap16((unsigned short)byte_count);
++ msg.share_access = smb_swap32(SMB_FILE_SHARE_ALL);
++- if(data->set.upload) {
+++ if(data->state.upload) {
++ msg.access = smb_swap32(SMB_GENERIC_READ | SMB_GENERIC_WRITE);
++ msg.create_disposition = smb_swap32(SMB_FILE_OVERWRITE_IF);
++ }
++@@ -763,7 +763,7 @@ static CURLcode smb_request_state(struct
++ void *msg = NULL;
++ const struct smb_nt_create_response *smb_m;
++
++- if(data->set.upload && (data->state.infilesize < 0)) {
+++ if(data->state.upload && (data->state.infilesize < 0)) {
++ failf(data, "SMB upload needs to know the size up front");
++ return CURLE_SEND_ERROR;
++ }
++@@ -814,7 +814,7 @@ static CURLcode smb_request_state(struct
++ smb_m = (const struct smb_nt_create_response*) msg;
++ req->fid = smb_swap16(smb_m->fid);
++ data->req.offset = 0;
++- if(data->set.upload) {
+++ if(data->state.upload) {
++ data->req.size = data->state.infilesize;
++ Curl_pgrsSetUploadSize(data, data->req.size);
++ next_state = SMB_UPLOAD;
++Index: curl/lib/smtp.c
++===================================================================
++--- curl.orig/lib/smtp.c
+++++ curl/lib/smtp.c
++@@ -1419,7 +1419,7 @@ static CURLcode smtp_done(struct Curl_ea
++ result = status; /* use the already set error code */
++ }
++ else if(!data->set.connect_only && data->set.mail_rcpt &&
++- (data->set.upload || data->set.mimepost.kind)) {
+++ (data->state.upload || data->set.mimepost.kind)) {
++ /* Calculate the EOB taking into account any terminating CRLF from the
++ previous line of the email or the CRLF of the DATA command when there
++ is "no mail data". RFC-5321, sect. 4.1.1.4.
++@@ -1511,7 +1511,7 @@ static CURLcode smtp_perform(struct Curl
++ smtp->eob = 2;
++
++ /* Start the first command in the DO phase */
++- if((data->set.upload || data->set.mimepost.kind) && data->set.mail_rcpt)
+++ if((data->state.upload || data->set.mimepost.kind) && data->set.mail_rcpt)
++ /* MAIL transfer */
++ result = smtp_perform_mail(data);
++ else
++Index: curl/lib/tftp.c
++===================================================================
++--- curl.orig/lib/tftp.c
+++++ curl/lib/tftp.c
++@@ -370,7 +370,7 @@ static CURLcode tftp_parse_option_ack(st
++
++ /* tsize should be ignored on upload: Who cares about the size of the
++ remote file? */
++- if(!data->set.upload) {
+++ if(!data->state.upload) {
++ if(!tsize) {
++ failf(data, "invalid tsize -:%s:- value in OACK packet", value);
++ return CURLE_TFTP_ILLEGAL;
++@@ -451,7 +451,7 @@ static CURLcode tftp_send_first(struct t
++ return result;
++ }
++
++- if(data->set.upload) {
+++ if(data->state.upload) {
++ /* If we are uploading, send an WRQ */
++ setpacketevent(&state->spacket, TFTP_EVENT_WRQ);
++ state->data->req.upload_fromhere =
++@@ -486,7 +486,7 @@ static CURLcode tftp_send_first(struct t
++ if(!data->set.tftp_no_options) {
++ char buf[64];
++ /* add tsize option */
++- if(data->set.upload && (data->state.infilesize != -1))
+++ if(data->state.upload && (data->state.infilesize != -1))
++ msnprintf(buf, sizeof(buf), "%" CURL_FORMAT_CURL_OFF_T,
++ data->state.infilesize);
++ else
++@@ -540,7 +540,7 @@ static CURLcode tftp_send_first(struct t
++ break;
++
++ case TFTP_EVENT_OACK:
++- if(data->set.upload) {
+++ if(data->state.upload) {
++ result = tftp_connect_for_tx(state, event);
++ }
++ else {
++Index: curl/lib/transfer.c
++===================================================================
++--- curl.orig/lib/transfer.c
+++++ curl/lib/transfer.c
++@@ -1287,6 +1287,7 @@ void Curl_init_CONNECT(struct Curl_easy
++ {
++ data->state.fread_func = data->set.fread_func_set;
++ data->state.in = data->set.in_set;
+++ data->state.upload = (data->state.httpreq == HTTPREQ_PUT);
++ }
++
++ /*
++@@ -1715,7 +1716,6 @@ CURLcode Curl_follow(struct Curl_easy *d
++ data->state.httpreq != HTTPREQ_POST_MIME) ||
++ !(data->set.keep_post & CURL_REDIR_POST_303))) {
++ data->state.httpreq = HTTPREQ_GET;
++- data->set.upload = false;
++ infof(data, "Switch to %s",
++ data->req.no_body?"HEAD":"GET");
++ }
++@@ -1753,7 +1753,7 @@ CURLcode Curl_retry_request(struct Curl_
++
++ /* if we're talking upload, we can't do the checks below, unless the protocol
++ is HTTP as when uploading over HTTP we will still get a response */
++- if(data->set.upload &&
+++ if(data->state.upload &&
++ !(conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_RTSP)))
++ return CURLE_OK;
++
++Index: curl/lib/urldata.h
++===================================================================
++--- curl.orig/lib/urldata.h
+++++ curl/lib/urldata.h
++@@ -1442,6 +1442,7 @@ struct UrlState {
++ BIT(rewindbeforesend);/* TRUE when the sending couldn't be stopped even
++ though it will be discarded. We must call the data
++ rewind callback before trying to send again. */
+++ BIT(upload); /* upload request */
++ };
++
++ /*
++@@ -1817,7 +1818,6 @@ struct UserDefined {
++ BIT(http_auto_referer); /* set "correct" referer when following
++ location: */
++ BIT(opt_no_body); /* as set with CURLOPT_NOBODY */
++- BIT(upload); /* upload request */
++ BIT(verbose); /* output verbosity */
++ BIT(krb); /* Kerberos connection requested */
++ BIT(reuse_forbid); /* forbidden to be reused, close after use */
++Index: curl/lib/vssh/libssh.c
++===================================================================
++--- curl.orig/lib/vssh/libssh.c
+++++ curl/lib/vssh/libssh.c
++@@ -1210,7 +1210,7 @@ static CURLcode myssh_statemach_act(stru
++ }
++
++ case SSH_SFTP_TRANS_INIT:
++- if(data->set.upload)
+++ if(data->state.upload)
++ state(data, SSH_SFTP_UPLOAD_INIT);
++ else {
++ if(protop->path[strlen(protop->path)-1] == '/')
++@@ -1823,7 +1823,7 @@ static CURLcode myssh_statemach_act(stru
++ /* Functions from the SCP subsystem cannot handle/return SSH_AGAIN */
++ ssh_set_blocking(sshc->ssh_session, 1);
++
++- if(data->set.upload) {
+++ if(data->state.upload) {
++ if(data->state.infilesize < 0) {
++ failf(data, "SCP requires a known file size for upload");
++ sshc->actualcode = CURLE_UPLOAD_FAILED;
++@@ -1928,7 +1928,7 @@ static CURLcode myssh_statemach_act(stru
++ break;
++ }
++ case SSH_SCP_DONE:
++- if(data->set.upload)
+++ if(data->state.upload)
++ state(data, SSH_SCP_SEND_EOF);
++ else
++ state(data, SSH_SCP_CHANNEL_FREE);
++Index: curl/lib/vssh/libssh2.c
++===================================================================
++--- curl.orig/lib/vssh/libssh2.c
+++++ curl/lib/vssh/libssh2.c
++@@ -2013,7 +2013,7 @@ static CURLcode ssh_statemach_act(struct
++ }
++
++ case SSH_SFTP_TRANS_INIT:
++- if(data->set.upload)
+++ if(data->state.upload)
++ state(data, SSH_SFTP_UPLOAD_INIT);
++ else {
++ if(sshp->path[strlen(sshp->path)-1] == '/')
++@@ -2686,7 +2686,7 @@ static CURLcode ssh_statemach_act(struct
++ break;
++ }
++
++- if(data->set.upload) {
+++ if(data->state.upload) {
++ if(data->state.infilesize < 0) {
++ failf(data, "SCP requires a known file size for upload");
++ sshc->actualcode = CURLE_UPLOAD_FAILED;
++@@ -2826,7 +2826,7 @@ static CURLcode ssh_statemach_act(struct
++ break;
++
++ case SSH_SCP_DONE:
++- if(data->set.upload)
+++ if(data->state.upload)
++ state(data, SSH_SCP_SEND_EOF);
++ else
++ state(data, SSH_SCP_CHANNEL_FREE);
++Index: curl/lib/vssh/wolfssh.c
++===================================================================
++--- curl.orig/lib/vssh/wolfssh.c
+++++ curl/lib/vssh/wolfssh.c
++@@ -557,7 +557,7 @@ static CURLcode wssh_statemach_act(struc
++ }
++ break;
++ case SSH_SFTP_TRANS_INIT:
++- if(data->set.upload)
+++ if(data->state.upload)
++ state(data, SSH_SFTP_UPLOAD_INIT);
++ else {
++ if(sftp_scp->path[strlen(sftp_scp->path)-1] == '/')
--- /dev/null
--- /dev/null
++From 0c667188e0c6cda615a036b8a2b4125f2c404dde Mon Sep 17 00:00:00 2001
++From: SaltyMilk <soufiane.elmelcaoui@gmail.com>
++Date: Mon, 10 Jul 2023 21:43:28 +0200
++Subject: [PATCH] fopen: optimize
++
++Closes #11419
++---
++ lib/fopen.c | 12 ++++++------
++ 1 file changed, 6 insertions(+), 6 deletions(-)
++
++diff --git a/lib/fopen.c b/lib/fopen.c
++index c9c9e3d6e73a2..b6e3cadddef65 100644
++--- a/lib/fopen.c
+++++ b/lib/fopen.c
++@@ -56,13 +56,13 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
++ int fd = -1;
++ *tempname = NULL;
++
++- if(stat(filename, &sb) == -1 || !S_ISREG(sb.st_mode)) {
++- /* a non-regular file, fallback to direct fopen() */
++- *fh = fopen(filename, FOPEN_WRITETEXT);
++- if(*fh)
++- return CURLE_OK;
+++ *fh = fopen(filename, FOPEN_WRITETEXT);
+++ if(!*fh)
++ goto fail;
++- }
+++ if(fstat(fileno(*fh), &sb) == -1 || !S_ISREG(sb.st_mode))
+++ return CURLE_OK;
+++ fclose(*fh);
+++ *fh = NULL;
++
++ result = Curl_rand_hex(data, randsuffix, sizeof(randsuffix));
++ if(result)
--- /dev/null
--- /dev/null
++From: Simon McVittie <smcv@collabora.com>
++Date: Tue, 22 Nov 2022 21:20:51 +0000
++Subject: Remove curl's LDFLAGS from curl-config --static-libs
++
++On current Debian bookworm, the LDFLAGS consist of
++-L/usr/lib/${triplet}/mit-krb5 originating from
++`pkg-config --libs-only-L mit-krb5-gssapi` from krb5-multidev, plus
++some linker options that are intended for curl itself rather than for
++dependent packages. None of these are really desirable, and they create
++divergence between architectures that would prevent libcurl-*-dev from
++being Multi-Arch: same.
++
++The -L flag is not really needed, for the same reason that -L@libdir@
++isn't. curl Build-Depends on libkrb5-dev, which doesn't need a special
++-L flag to find libgssapi_krb5, and the various libcurl-*-dev packages
++have Suggests on libkrb5-dev rather than on krb5-multidev for static
++linking.
++
++The other options (currently `-Wl,-z-relro -Wl,-z,now`) are intended
++for libcurl itself, and if dependent packages want those options then
++they should set them from their own packaging.
++
++Bug-Debian: https://bugs.debian.org/1024668
++Forwarded: not-needed
++Signed-off-by: Simon McVittie <smcv@collabora.com>
++---
++ curl-config.in | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/curl-config.in b/curl-config.in
++index 5bf4256..620bff6 100644
++--- a/curl-config.in
+++++ b/curl-config.in
++@@ -165,7 +165,7 @@ while test $# -gt 0; do
++
++ --static-libs)
++ if test "X@ENABLE_STATIC@" != "Xno" ; then
++- echo -Wl,-Bstatic -lcurl -Wl,-Bdynamic @LDFLAGS@ @LIBCURL_LIBS@
+++ echo -Wl,-Bstatic -lcurl -Wl,-Bdynamic @LIBCURL_LIBS@
++ else
++ echo "curl was built with static libraries disabled" >&2
++ exit 1
--- /dev/null
--- /dev/null
++From: Sergio Durigan Junior <sergiodj@debian.org>
++Date: Sun, 5 Mar 2023 12:00:03 -0500
++Subject: Use correct path when loading libnss{pem,ckbi}.so
++
++Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726073
++---
++ lib/vtls/nss.c | 14 ++++++++++++--
++ 1 file changed, 12 insertions(+), 2 deletions(-)
++
++diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
++index 774cbdd..fbcd0ee 100644
++--- a/lib/vtls/nss.c
+++++ b/lib/vtls/nss.c
++@@ -255,8 +255,12 @@ static const char *trust_library = "nssckbi.dll";
++ static const char *pem_library = "libnsspem.dylib";
++ static const char *trust_library = "libnssckbi.dylib";
++ #else
++-static const char *pem_library = "libnsspem.so";
++-static const char *trust_library = "libnssckbi.so";
+++#ifndef _DEB_HOST_ARCH
+++#error "_DEB_HOST_ARCH must be defined"
+++#endif
+++
+++static const char *pem_library = "/usr/lib/" _DEB_HOST_ARCH "/nss/libnsspem.so";
+++static const char *trust_library = "/usr/lib/" _DEB_HOST_ARCH "/libnssckbi.so";
++ #endif
++
++ static SECMODModule *pem_module = NULL;
--- /dev/null
--- /dev/null
++From: Simon McVittie <smcv@collabora.com>
++Date: Tue, 22 Nov 2022 20:43:41 +0000
++Subject: build: Divide mit-krb5-gssapi link flags between LDFLAGS and LIBS
++
++From the comments nearby about not having --libs-only-L, it looks as
++though the intention was to apply a split like this to all dependency
++libraries where possible, and the only reason it was not done for
++Kerberos is that krb5-config doesn't have that feature and pkg-config
++was originally not supported here. For example, zlib, libssh and librtmp
++all have their flags from pkg-config split in this way.
++
++Now that pkg-config is supported here, we can do the intended split.
++
++Signed-off-by: Simon McVittie <smcv@collabora.com>
++---
++ configure.ac | 3 ++-
++ 1 file changed, 2 insertions(+), 1 deletion(-)
++
++Index: curl/configure.ac
++===================================================================
++--- curl.orig/configure.ac
+++++ curl/configure.ac
++@@ -1942,7 +1942,8 @@ if test x"$want_gss" = xyes; then
++ gss_libs=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --libs gssapi`
++ LIBS="$gss_libs $LIBS"
++ elif test "$PKGCONFIG" != "no" ; then
++- gss_libs=`$PKGCONFIG --libs mit-krb5-gssapi`
+++ LDFLAGS="$LDFLAGS `$PKGCONFIG --libs-only-L mit-krb5-gssapi`"
+++ gss_libs=`$PKGCONFIG --libs-only-l mit-krb5-gssapi`
++ LIBS="$gss_libs $LIBS"
++ elif test -f "$KRB5CONFIG"; then
++ dnl krb5-config doesn't have --libs-only-L or similar, put everything
--- /dev/null
--- /dev/null
++From 873f9fccca3645ffa41ad1f26355860fd925eb18 Mon Sep 17 00:00:00 2001
++From: Stefan Eissing <stefan@eissing.org>
++Date: Tue, 28 Feb 2023 10:07:21 +0100
++Subject: [PATCH] Fixing unix domain socket use in https connects.
++
++- refs #10633, when h2/h3 eyeballing was involved, unix domain socket
++ configurations were not honoured
++- configuring --unix-socket will disable HTTP/3 as candidate for eyeballing
++- combinatino of --unix-socket and --http3-only will fail during initialisation
++- adding pytest test_11 to reproduce
++---
++ lib/cf-http.c | 6 +-
++ lib/http.c | 6 +-
++ lib/vquic/vquic.c | 4 +
++ tests/tests-httpd/test_11_unix.py | 129 ++++++++++++++++++++++++++++++
++ 4 files changed, 138 insertions(+), 7 deletions(-)
++ create mode 100644 tests/tests-httpd/test_11_unix.py
++
++Index: curl/lib/cf-http.c
++===================================================================
++--- curl.orig/lib/cf-http.c
+++++ curl/lib/cf-http.c
++@@ -266,7 +266,8 @@ static CURLcode cf_hc_connect(struct Cur
++ Curl_expire(data, ctx->soft_eyeballs_timeout_ms, EXPIRE_ALPN_EYEBALLS);
++ }
++ else if(ctx->h21_baller.enabled)
++- cf_hc_baller_init(&ctx->h21_baller, cf, data, "h21", TRNSPRT_TCP);
+++ cf_hc_baller_init(&ctx->h21_baller, cf, data, "h21",
+++ cf->conn->transport);
++ ctx->state = CF_HC_CONNECT;
++ /* FALLTHROUGH */
++
++@@ -280,7 +281,8 @@ static CURLcode cf_hc_connect(struct Cur
++ }
++
++ if(time_to_start_h21(cf, data, now)) {
++- cf_hc_baller_init(&ctx->h21_baller, cf, data, "h21", TRNSPRT_TCP);
+++ cf_hc_baller_init(&ctx->h21_baller, cf, data, "h21",
+++ cf->conn->transport);
++ }
++
++ if(cf_hc_baller_is_active(&ctx->h21_baller)) {
++Index: curl/lib/http.c
++===================================================================
++--- curl.orig/lib/http.c
+++++ curl/lib/http.c
++@@ -234,14 +234,10 @@ static CURLcode http_setup_conn(struct C
++ Curl_mime_initpart(&http->form);
++ data->req.p.http = http;
++
++- if((data->state.httpwant == CURL_HTTP_VERSION_3)
++- || (data->state.httpwant == CURL_HTTP_VERSION_3ONLY)) {
+++ if(data->state.httpwant == CURL_HTTP_VERSION_3ONLY) {
++ CURLcode result = Curl_conn_may_http3(data, conn);
++ if(result)
++ return result;
++-
++- /* TODO: HTTP lower version eyeballing */
++- conn->transport = TRNSPRT_QUIC;
++ }
++
++ return CURLE_OK;
++Index: curl/lib/vquic/vquic.c
++===================================================================
++--- curl.orig/lib/vquic/vquic.c
+++++ curl/lib/vquic/vquic.c
++@@ -363,6 +363,10 @@ bool Curl_conn_is_http3(const struct Cur
++ CURLcode Curl_conn_may_http3(struct Curl_easy *data,
++ const struct connectdata *conn)
++ {
+++ if(conn->transport == TRNSPRT_UNIX) {
+++ /* cannot do QUIC over a unix domain socket */
+++ return CURLE_QUIC_CONNECT_ERROR;
+++ }
++ if(!(conn->handler->flags & PROTOPT_SSL)) {
++ failf(data, "HTTP/3 requested for non-HTTPS URL");
++ return CURLE_URL_MALFORMAT;
++Index: curl/tests/tests-httpd/test_11_unix.py
++===================================================================
++--- /dev/null
+++++ curl/tests/tests-httpd/test_11_unix.py
++@@ -0,0 +1,129 @@
+++#!/usr/bin/env python3
+++# -*- coding: utf-8 -*-
+++#***************************************************************************
+++# _ _ ____ _
+++# Project ___| | | | _ \| |
+++# / __| | | | |_) | |
+++# | (__| |_| | _ <| |___
+++# \___|\___/|_| \_\_____|
+++#
+++# Copyright (C) 2008 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
+++#
+++# This software is licensed as described in the file COPYING, which
+++# you should have received as part of this distribution. The terms
+++# are also available at https://curl.se/docs/copyright.html.
+++#
+++# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+++# copies of the Software, and permit persons to whom the Software is
+++# furnished to do so, under the terms of the COPYING file.
+++#
+++# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+++# KIND, either express or implied.
+++#
+++# SPDX-License-Identifier: curl
+++#
+++###########################################################################
+++#
+++import logging
+++import os
+++import socket
+++from threading import Thread
+++import pytest
+++
+++from testenv import Env, CurlClient
+++
+++
+++log = logging.getLogger(__name__)
+++
+++class UDSFaker:
+++
+++ def __init__(self, path):
+++ self._uds_path = path
+++ self._done = False
+++
+++ @property
+++ def path(self):
+++ return self._uds_path
+++
+++ def start(self):
+++ def process(self):
+++ self._socket.listen(1)
+++ self._process()
+++
+++ try:
+++ os.unlink(self._uds_path)
+++ except OSError:
+++ if os.path.exists(self._uds_path):
+++ raise
+++ self._socket = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
+++ self._socket.bind(self._uds_path)
+++ self._thread = Thread(target=process, daemon=True, args=[self])
+++ self._thread.start()
+++
+++ def stop(self):
+++ self._done = True
+++ self._socket.close()
+++
+++ def _process(self):
+++ while self._done is False:
+++ try:
+++ c, client_address = self._socket.accept()
+++ try:
+++ data = c.recv(16)
+++ c.sendall("""HTTP/1.1 200 Ok
+++Server: UdsFaker
+++Content-Type: application/json
+++Content-Length: 19
+++
+++{ "host": "faked" }""".encode())
+++ finally:
+++ c.close()
+++
+++ except ConnectionAbortedError:
+++ self._done = True
+++
+++
+++
+++@pytest.mark.skipif(condition=Env.setup_incomplete(),
+++ reason=f"missing: {Env.incomplete_reason()}")
+++class TestUnix:
+++
+++ @pytest.fixture(scope="class")
+++ def uds_faker(self, env: Env) -> UDSFaker:
+++ uds_path = os.path.join(env.gen_dir, 'uds_11.sock')
+++ faker = UDSFaker(path=uds_path)
+++ faker.start()
+++ yield faker
+++ faker.stop()
+++
+++ # download http: via unix socket
+++ def test_11_01_unix_connect_http(self, env: Env, httpd, uds_faker, repeat):
+++ curl = CurlClient(env=env)
+++ url = f'http://{env.domain1}:{env.http_port}/data.json'
+++ r = curl.http_download(urls=[url], with_stats=True,
+++ extra_args=[
+++ '--unix-socket', uds_faker.path,
+++ ])
+++ assert r.exit_code == 0
+++ r.check_stats(count=1, exp_status=200)
+++
+++ # download https: via unix socket
+++ def test_11_02_unix_connect_http(self, env: Env, httpd, uds_faker, repeat):
+++ curl = CurlClient(env=env)
+++ url = f'https://{env.domain1}:{env.https_port}/data.json'
+++ r = curl.http_download(urls=[url], with_stats=True,
+++ extra_args=[
+++ '--unix-socket', uds_faker.path,
+++ ])
+++ assert r.exit_code == 35 # CONNECT_ERROR (as faker is not TLS)
+++
+++ # download HTTP/3 via unix socket
+++ def test_11_03_unix_connect_quic(self, env: Env, httpd, uds_faker, repeat):
+++ curl = CurlClient(env=env)
+++ url = f'https://{env.domain1}:{env.https_port}/data.json'
+++ r = curl.http_download(urls=[url], with_stats=True,
+++ alpn_proto='h3',
+++ extra_args=[
+++ '--unix-socket', uds_faker.path,
+++ ])
+++ assert r.exit_code == 96 # QUIC CONNECT ERROR
--- /dev/null
--- /dev/null
++# Packaging patches.
++04_workaround_as_needed_bug.patch
++08_enable-zsh.patch
++build-Divide-mit-krb5-gssapi-link-flags-between-LDFLAGS-a.patch
++11_omit-directories-from-config.patch
++Remove-curl-s-LDFLAGS-from-curl-config-static-libs.patch
++Use-correct-path-when-loading-libnss-pem-ckbi-.so.patch
++
++fix-unix-domain-socket.patch
++
++# CVE fixes.
++# Patches from 8.0.1.
++CVE-2023-27533.patch
++CVE-2023-27534.patch
++CVE-2023-27538.patch
++CVE-2023-27535.patch
++CVE-2023-27536.patch
++CVE-2023-27537.patch
++
++# Patches from 8.1.0.
++CVE-2023-28319.patch
++CVE-2023-28320.patch
++CVE-2023-28320-1.patch
++CVE-2023-28321.patch
++CVE-2023-28322.patch
++
++# Patches from 8.2.0.
++CVE-2023-32001.patch
++
++# Do not add patches below.
++# Used to generate packages for the other crypto libraries.
++90_gnutls.patch
++99_nss.patch
--- /dev/null
--- /dev/null
++#! /usr/bin/make -f
++
++# enable all hardening options (see #763372)
++export DEB_BUILD_MAINT_OPTIONS = hardening=+all
++
++DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
++DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
++
++CONFIGURE_ARGS = -- --disable-dependency-tracking \
++ --disable-symbol-hiding --enable-versioned-symbols \
++ --enable-threaded-resolver --with-lber-lib=lber \
++ --with-gssapi=/usr --with-nghttp2 \
++ --includedir=/usr/include/$(DEB_HOST_MULTIARCH) \
++ --with-zsh-functions-dir=/usr/share/zsh/vendor-completions
++
++# disable libssh2 on Ubuntu (see #888449)
++ifeq ($(shell dpkg-vendor --derives-from Ubuntu && echo yes),yes)
++ CONFIGURE_ARGS += --with-libssh --without-libssh2
++else
++ CONFIGURE_ARGS += --without-libssh --with-libssh2
++endif
++
++
++ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
++ NUMJOBS = $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
++ MAKEFLAGS += -j$(NUMJOBS)
++endif
++
++export DEB_CFLAGS_MAINT_APPEND = -D_DEB_HOST_ARCH=\"$(DEB_HOST_MULTIARCH)\"
++export DEB_CXXFLAGS_MAINT_APPEND = -D_DEB_HOST_ARCH=\"$(DEB_HOST_MULTIARCH)\"
++
++ifneq ($(filter pkg.curl.openssl-only,$(DEB_BUILD_PROFILES)),)
++ DEB_BUILD_PROFILES += pkg.curl.no-gnutls pkg.curl.no-nss
++endif
++ifneq ($(filter pkg.curl.gnutls-only,$(DEB_BUILD_PROFILES)),)
++ DEB_BUILD_PROFILES += pkg.curl.no-openssl pkg.curl.no-nss
++endif
++ifneq ($(filter pkg.curl.nss-only,$(DEB_BUILD_PROFILES)),)
++ DEB_BUILD_PROFILES += pkg.curl.no-openssl pkg.curl.no-gnutls
++endif
++
++%:
++ dh $@
++
++override_dh_auto_configure:
++ifeq ($(filter pkg.curl.no-openssl,$(DEB_BUILD_PROFILES)),)
++ mkdir -p debian/build
++endif
++ifeq ($(filter pkg.curl.no-gnutls,$(DEB_BUILD_PROFILES)),)
++ mkdir -p debian/build-gnutls
++endif
++ifeq ($(filter pkg.curl.no-nss,$(DEB_BUILD_PROFILES)),)
++ mkdir -p debian/build-nss
++endif
++# pop the last patch (nss)
++ quilt pop
++# pop the second last patch (gnutls)
++ quilt pop
++ifeq ($(filter pkg.curl.no-openssl,$(DEB_BUILD_PROFILES)),)
++# get the source without nss and gnutls patches
++ tar -cf - --exclude=debian/build* --exclude=.pc . \
++ | tar -xf - -C debian/build
++endif
++# push the second last patch which must be gnutls
++ quilt push
++ifeq ($(filter pkg.curl.no-gnutls,$(DEB_BUILD_PROFILES)),)
++# get the source with gnutls patch applied
++ tar -cf - --exclude=debian/build* --exclude=.pc . \
++ | tar -xf - -C debian/build-gnutls
++endif
++# push the last patch which must be nss
++ quilt push
++ifeq ($(filter pkg.curl.no-nss,$(DEB_BUILD_PROFILES)),)
++# get the source with nss patch applied
++ tar -cf - --exclude=debian/build* --exclude=.pc . \
++ | tar -xf - -C debian/build-nss
++endif
++ifeq ($(filter pkg.curl.no-openssl,$(DEB_BUILD_PROFILES)),)
++ cd debian/build && \
++ ./buildconf && \
++ cp ../../ltmain.sh . && \
++ dh_auto_configure ${CONFIGURE_ARGS} --with-openssl \
++ --with-ca-path=/etc/ssl/certs \
++ --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt
++endif
++ifeq ($(filter pkg.curl.no-gnutls,$(DEB_BUILD_PROFILES)),)
++ cd debian/build-gnutls && \
++ ./buildconf && \
++ cp ../../ltmain.sh . && \
++ dh_auto_configure ${CONFIGURE_ARGS} --with-gnutls \
++ --with-ca-path=/etc/ssl/certs
++endif
++ifeq ($(filter pkg.curl.no-nss,$(DEB_BUILD_PROFILES)),)
++ cd debian/build-nss && \
++ ./buildconf && \
++ cp ../../ltmain.sh . && \
++ dh_auto_configure ${CONFIGURE_ARGS} --with-nss --with-nss-deprecated
++endif
++
++override_dh_auto_build:
++ifeq ($(filter pkg.curl.no-openssl,$(DEB_BUILD_PROFILES)),)
++ cd debian/build && dh_auto_build
++endif
++ifeq ($(filter pkg.curl.no-gnutls,$(DEB_BUILD_PROFILES)),)
++ cd debian/build-gnutls && dh_auto_build
++endif
++ifeq ($(filter pkg.curl.no-nss,$(DEB_BUILD_PROFILES)),)
++ cd debian/build-nss && dh_auto_build
++endif
++
++# Test parameters that are passed to runtests.pl.
++# -n disables valgrind usage
++TESTS_GENERAL_PARAMETERS += -n
++
++# These tests fail if a IPv6-only builder is used:
++# https://bugs.debian.org/1032343
++# https://github.com/curl/curl/issues/10682
++TESTS_FAILS_ON_IPV6_ONLY_MACHINES ?= $(addprefix ~, 300 301 303 304 306 309 310 325 364 400 401 403 406 407 408 409 410 414 417 560 678 987 988 989 1112 1272 1470 1561 1562 1630 1631 1632 2034 2037 2041 3000 3001)
++
++TESTS_GENERAL_PARAMETERS += $(TESTS_FAILS_ON_IPV6_ONLY_MACHINES)
++
++override_dh_auto_test:
++ifeq ($(filter nocheck,$(DEB_BUILD_PROFILES)),)
++ifeq ($(filter pkg.curl.no-openssl,$(DEB_BUILD_PROFILES)),)
++# OpenSSL tests.
++ cd debian/build && VERBOSE=1 \
++ TFLAGS="$(TESTS_GENERAL_PARAMETERS)" \
++ $(MAKE) test-nonflaky
++endif
++ifeq ($(filter pkg.curl.no-gnutls,$(DEB_BUILD_PROFILES)),)
++# GnuTLS tests.
++ cd debian/build-gnutls && VERBOSE=1 \
++ TFLAGS="$(TESTS_GENERAL_PARAMETERS)" \
++ $(MAKE) test-nonflaky
++endif
++ifeq ($(filter pkg.curl.no-nss,$(DEB_BUILD_PROFILES)),)
++# NSS tests.
++ cd debian/build-nss && VERBOSE=1 \
++ TFLAGS="$(TESTS_GENERAL_PARAMETERS)" \
++ $(MAKE) test-nonflaky
++endif
++endif
++
++override_dh_install:
++ifeq ($(filter pkg.curl.no-openssl,$(DEB_BUILD_PROFILES)),)
++ ${MAKE} -C debian/build \
++ DESTDIR=$(shell pwd)/debian/tmp install
++endif
++ifeq ($(filter pkg.curl.no-gnutls,$(DEB_BUILD_PROFILES)),)
++ ${MAKE} -C debian/build-gnutls \
++ DESTDIR=$(shell pwd)/debian/tmp-gnutls install
++endif
++ifeq ($(filter pkg.curl.no-nss,$(DEB_BUILD_PROFILES)),)
++ ${MAKE} -C debian/build-nss \
++ DESTDIR=$(shell pwd)/debian/tmp-nss install
++endif
++ find debian/tmp* -name '*.la' -delete
++ifeq ($(filter pkg.curl.no-openssl,$(DEB_BUILD_PROFILES)),)
++ dh_install -pcurl -plibcurl4 -plibcurl4-openssl-dev -plibcurl4-doc \
++ --sourcedir=debian/tmp
++endif
++ifeq ($(filter pkg.curl.no-gnutls,$(DEB_BUILD_PROFILES)),)
++ dh_install -plibcurl3-gnutls -plibcurl4-gnutls-dev \
++ --sourcedir=debian/tmp-gnutls
++endif
++ifeq ($(filter pkg.curl.no-nss,$(DEB_BUILD_PROFILES)),)
++ dh_install -plibcurl3-nss -plibcurl4-nss-dev \
++ --sourcedir=debian/tmp-nss
++endif
++# Modify curl-config to make it architecture-independent:
++# 1. In --static-libs output, replace the output of krb5-config (which
++# currently includes architecture-specific paths) with a call at
++# runtime to krb5-config. Of course, this will only work correctly
++# if the installed libkrb5-dev matches the architecture of the
++# program you're linking, or if libkrb5-dev is made
++# multiarch-compatible at some point in the future. For dynamic
++# linking this has no impact.
++# 2. In --configure output, replace the architecture-specific paths
++# used for --libdir and --libexecdir with a literal backquoted call
++# to dpkg-architecture. This is functionally equivalent to the way
++# debhelper actually invokes configure, and indicates to the user
++# (who runs curl-config --configure in order to learn about how the
++# library was compiled) that they are in fact using a multi-arch
++# package.
++# 3. Likewise, replace the architecture name used for --build (and
++# build_alias) with a literal backquoted call to dpkg-architecture.
++# 4. In --configure output, remove
++# -fdebug-prefix-map=/buildd/specific/random/path=. and
++# -ffile-prefix-map=/buildd/specific/random/path=.
++# 5. Remove -D_DEB_HOST_ARCH from CFLAGS. This is a (hopefully
++# temporary) hack needed to properly build curl with NSS PEM
++# support in Debian.
++ sed -e "/-lcurl /s|`krb5-config --libs gssapi`|\`krb5-config --libs gssapi\`|" \
++ -e "/--prefix/s|/$(DEB_HOST_MULTIARCH)'|/'\\\\\`dpkg-architecture -qDEB_HOST_MULTIARCH\\\\\`|g" \
++ -e "/--prefix/s|=$(DEB_BUILD_GNU_TYPE)'|='\\\\\`dpkg-architecture -qDEB_BUILD_GNU_TYPE\\\\\`|g" \
++ -e "/-fdebug-prefix-map=/s|\(-fdebug-prefix-map=\)/[^ ]*=.||" \
++ -e "/-ffile-prefix-map=/s|\(-ffile-prefix-map=\)/[^ ]*=.||" \
++ -e "/-D_DEB_HOST_ARCH=/s|-D_DEB_HOST_ARCH=\\\\\"[^ ']*\\\\\"||" \
++ -i `find . -name curl-config`
++# When we get here, everything has been properly installed. Because
++# of debhelper-compat 13, we have to remove some files that are
++# otherwise flagged as not installed and will cause the build to fail.
++ rm -rfv debian/tmp/usr/share/man/* \
++ debian/tmp/usr/share/fish/* \
++ debian/tmp/usr/share/aclocal/*
++
++override_dh_installchangelogs:
++ dh_installchangelogs CHANGES
++
++override_dh_compress:
++ dh_compress -X.pdf
++
++override_dh_auto_clean:
++ $(RM) -r debian/build* debian/tmp*
++ dh_auto_clean
--- /dev/null
--- /dev/null
++---
++include:
++ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml
++
++variables:
++ DEB_BUILD_OPTIONS: nocheck
--- /dev/null
--- /dev/null
++3.0 (quilt)
--- /dev/null
--- /dev/null
++Tests: upstream-tests-openssl
++Depends: curl, @builddeps@
++Restrictions: allow-stderr
++
++Tests: upstream-tests-gnutls
++Depends: @builddeps@
++Restrictions: allow-stderr
++
++Tests: upstream-tests-nss
++Depends: @builddeps@
++Restrictions: allow-stderr
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++# Building curl is required because libauthretry (from "make test") requires
++# libcurl.
++#
++# It might be possible to patch the makefile to have libauthretry link against
++# the system's installed libcurl, patches welcome.
++#
++# gnutls tests run against the built curl and libcurl rather than the installed
++# one as we don't ship a curl linked against gnutls (only gnutls libraries).
++
++export DEB_BUILD_PROFILES="pkg.curl.gnutls-only"
++export VERBOSE=1
++
++# Don't skip tests which fail on ipv6-only environments for autopkgtests.
++# I'm not aware of runners with this configuration for debci, and a retry
++# should be easy enough it it happens.
++# References:
++# https://bugs.debian.org/1032343
++# https://github.com/curl/curl/issues/10682
++export TESTS_FAILS_ON_IPV6_ONLY_MACHINES=""
++
++echo "dh_update_autotools_config"
++dh_update_autotools_config
++
++echo "dh_autoreconf"
++dh_autoreconf
++
++echo "debian/rules override_dh_auto_configure "
++debian/rules override_dh_auto_configure
++
++echo "debian/rules override_dh_auto_build"
++debian/rules override_dh_auto_build
++
++echo "debian/rules override_dh_auto_test"
++debian/rules override_dh_auto_test
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++# Building curl is required because libauthretry (from "make test") requires
++# libcurl.
++#
++# It might be possible to patch the makefile to have libauthretry link against
++# the system's installed libcurl, patches welcome.
++#
++# nss tests run against the built curl and libcurl rather than the installed
++# one as we don't ship a curl linked against nss (only nss libraries).
++
++export DEB_BUILD_PROFILES="pkg.curl.nss-only"
++export VERBOSE=1
++
++# Don't skip tests which fail on ipv6-only environments for autopkgtests.
++# I'm not aware of runners with this configuration for debci, and a retry
++# should be easy enough it it happens.
++# References:
++# https://bugs.debian.org/1032343
++# https://github.com/curl/curl/issues/10682
++export TESTS_FAILS_ON_IPV6_ONLY_MACHINES=""
++
++echo "dh_update_autotools_config"
++dh_update_autotools_config
++
++echo "dh_autoreconf"
++dh_autoreconf
++
++echo "debian/rules override_dh_auto_configure "
++debian/rules override_dh_auto_configure
++
++echo "debian/rules override_dh_auto_build"
++debian/rules override_dh_auto_build
++
++echo "debian/rules override_dh_auto_test"
++debian/rules override_dh_auto_test
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++# Building curl is required because libauthretry (from "make test") requires
++# libcurl.
++#
++# It might be possible to patch the makefile to have libauthretry link against
++# the system's installed libcurl, patches welcome.
++#
++# openssl tests run against the system's installed curl.
++
++export DEB_BUILD_PROFILES="pkg.curl.openssl-only"
++export VERBOSE=1
++TESTS_GENERAL_PARAMETERS="-c /usr/bin/curl"
++TESTS_GENERAL_PARAMETERS="-vc /usr/bin/curl"
++export TESTS_GENERAL_PARAMETERS
++
++# Don't skip tests which fail on ipv6-only environments for autopkgtests.
++# I'm not aware of runners with this configuration for debci, and a retry
++# should be easy enough it it happens.
++# References:
++# https://bugs.debian.org/1032343
++# https://github.com/curl/curl/issues/10682
++export TESTS_FAILS_ON_IPV6_ONLY_MACHINES=""
++
++echo "dh_update_autotools_config"
++dh_update_autotools_config
++
++echo "dh_autoreconf"
++dh_autoreconf
++
++echo "debian/rules override_dh_auto_configure "
++debian/rules override_dh_auto_configure
++
++echo "debian/rules override_dh_auto_build"
++debian/rules override_dh_auto_build
++
++echo "debian/rules override_dh_auto_test"
++debian/rules override_dh_auto_test
++
--- /dev/null
--- /dev/null
++---
++Bug-Database: https://github.com/bagder/curl/issues
++Bug-Submit: https://github.com/curl/curl/issues
++Repository: https://github.com/curl/curl.git
++Repository-Browse: https://github.com/curl/curl
--- /dev/null
--- /dev/null
++-----BEGIN PGP PUBLIC KEY BLOCK-----
++
++mQGiBD6tnnoRBACRPnFBVoapBrTpPrCNZ2rq3DcmW6n/soQJW47+zP+vcrcxQ1WJ
++QiWSzLGO+QOIUZSYfnliR22r8HkFX9EUSW3IAcRMJMsaO3wMJ0a+78a9QqWLp6RV
++0arcQkuuCvG79h+yJ6NnoAXe1geRt8vNGsaWtsS91CtYlTSs6JVtaRLnYwCg/Ly1
++EFgvNZ6SJRc/8I5rRv0lrz8D/0goih2kZ5z4SI+r2hgABNcN7g565YwGKaQDbIch
++soh3OBzgETWc3wuAZqmCzQXPXMpMx+ziqX6XDzDKNiGL1CdrBJQd0II8UutWVDje
++f9UxLfo02YQ8diGYeq0u9k1RezC13w4TVUmQfg0Uqn4xM6DNzO1O6yCK8rlNwsvL
++gHNJA/9m1pfzjpvdxtmJNKRU3C4cRCjXhxNdM7laSEj0/wOGaR2QWWEge51orWwo
++SLQUIe4BDPvtRStQHC+tI7qr7d12rMMEBXviJC5EkGBOzlgWr9virjM/u/pkGMc2
++m5r3pVuWH/JSsHsV952y2kWP64uP4zdLXOpVzX/xs0sYJ9nOPLQnRGFuaWVsIFN0
++ZW5iZXJnIChIYXh4KSA8ZGFuaWVsQGhheHguc2U+iF4EExECAB4CHgECF4AFAlQU
++ki4FCwkIBwMFFQoJCAsFFgIDAQAACgkQeOEcayedXJEOOwCggCsNHdAQPAlPte3w
++i2IZEekkM0YAoOXXPFAWjUwIHjZY41l7WgzACbANuQENBD6tnn0QBACZiwDyA+Mn
++vmA4g9tc2D1nfVDMjPrmpL1d02wU0B0rGdjhvvaeFzShpL3/sNx1/ZD7WYNranvY
++NaT72LPuSeYEv75ywE/bP14x7mHyhXnemuo04cMfIvdYs5rbmBr3fzWBmfNahAwT
++viJIEEzAPDy9ssSAhnfglpDs57703f7qfwADBwP8C/4yz7eAJzmkunifHfqqqLfp
+++h1ob353Ahwxuv1uK8S2OYMd64+wPpfUn35j+KRQEgOkw+/feUnEui5s62kuES43
++Zc3+iNOu55U8MoDV/4bJ8efJ+l//vwiBfWEZWq7/dEFYo+lcXBJkDiry8VH4Vo8L
++lZtTry0Usmli4L1k78uIRgQYEQIABgUCPq2efQAKCRB44RxrJ51cka09AKDGtt3n
++1p96Zn04hp1kPyRQYLb11QCgn3hoZSRYLCgSI/IRlEZe/1dGV/GZAQ0EVwaHIgEI
++ALv0AjHmEeLEqY22puvK5lMPCW31deQSf9BKtAPenOBuxsGJbKo5XiF+xy+2aioD
++uSg7DiHNn9vykk8Dfp43OowUhuRakiK38HADltMpGQpd4PaQEWSMg36IO5drDCG/
++t40of06mgBR7Qr96wr+S9sw7vbWrbgiCQ6MHVW2v9jheSDv5VZU/QsWHsL/Y3Crq
++fZuS2wATL24IMPWGXwF1yQ39fGm5SpJ/FsXzka9jPM43rvM7HGjqOpFddwnY90+r
++Sj0CTR3oV7uD1nE4B65gRsVMJkcEFxzHzgrQGGfm2mqirwyrd/eZl8YGh7gnrCvX
++tzEQMLy1MdSkOqTQKgsRFTEAEQEAAbQgRGFuaWVsIFN0ZW5iZXJnIDxkYW5pZWxA
++aGF4eC5zZT6JATcEEwEKACEFAlcGhyICGwMFCwkIBwMFFQoJCAsFFgIDAQACHgEC
++F4AACgkQ+f6v+dNKG9segAgAkPBvt1wBfhUY9rahK5CpWceyMMTuDwBOZxmrYgDM
++AbptmDWy+6E3I9CcvuQ2uzPoTD7ITi8fyY6MNRtzd95jgzOa0QxoHpVLReWdrpx2
++1aS/hj5SzhO5hJ1+09m5mAjec3+xcuXFYkJmAI8kloYzp1eDJMVq2TY/UsT3xCJ/
++v5kyp+/4EDkvpzLZwDAnmpu8u25PbmtPGig3ngkRN/B2FQPU0QipNDF4LgTmUW/B
++52MCMuEazBq7xYwJ0z8fMZu5D0anf9Fp9igC8xXqvqyyS9Sta5sIePS7642A6lQe
+++WvBwWCsGKvNB0SW6YJapslUIfRXk1w//NLPVTVbzBJGpLkBDQRXBociAQgAvIKq
++mdrHRwvLsQrdSJTYqSvJvss+xmSJr2FNwhmM2DQHxcB2oNikeKq5i1fRzPkjWxJk
++wEn/Ek8EXZx79uY5Mm3JbcZoX1r4zbNuhlLPH2eW/3HHSjdtcGsGUva9obZNb7HY
++bncYDT/RyFuPfk9H5+8nHyhv98fAKR/MZvWoLPCi+HAZVQ0eojlvEr/FXBd+LJxu
++WUTceZ/T0EZ5cpHuBC1pqXxvIoqWoK1rK14Ro81C3pzNjFmRUA69jhkNApJklQ3A
++YWiDdsbqsevUn/S6fqcC9f7Ay69GRQOJDFlkJ6Xt7RByDeA+tiH5p2WvROfvDII/
++v8FQvPzrt9B/NzYQ2QARAQABiQEfBBgBCgAJBQJXBociAhsMAAoJEPn+r/nTShvb
++spoH/0dr6IOKnqbEV2irLtMB58HLsqBsxDHFP3bohwWp/vRokPN5VAjeUYKo30Zb
++Td37A+sujJ5AFAo3HF9D18Q6+nUBcZYUhhi0Rki9AGkippJoDtbkjOp8O473Ebz0
++M2fzMoqeH+Ztgmi/9/LCEFTokftup0VIduqgb1NjrizQGRXqyEhU65tctIbkbsvF
++eHD7GtvTOXiJ7bAJ4IE4t1sYdz6jawqjWsETPpQErYN6w9+TPEE7uV9r0dNw3TdQ
++k8debNvaYJt4VXzI+xMChoa/ipkfX4Vf70u/fvjFNJdrgKNDNLF3R2RkYb5hCOhy
++g9+2CwI5WyKpbRaFFUgQn6EEAxSZAQ0EVwaI8QEIALuwKdpmpbF9c2AELs/bwFIN
++Sz3DjL88QWw6/1umBuBlqBfUWeEbR5XvWebSny/1PwF+3V5doF33vsOr2mCTmoo7
++TFmjx8LymsWoHl1vt8xS89kK4lNNvqUYzPg519PpoepS8n4sUXWYqfwSq3VDiycc
++ZIvU8jf/7jfmoNFCxTXkZ1iuPXBo0kqTv1p6z2iC5ojb85NCrMhw4Urm0mOVI4PW
++vI4gfV7y8P7kwyka+xHG/exAd5NmR9luTNIsWD8sqmiJCTKqXX4Es2EFiryhoT+O
++W9CtMSRsDIqkxJx3IfCaRZYqPJm1dOsC2UKiaeSLjILaUBX0xcg0ce80kFwhe9UA
++EQEAAbQgRGFuaWVsIFN0ZW5iZXJnIDxkYW5pZWxAaGF4eC5zZT6JATcEEwEKACEF
++AlcGiPECGwMFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQXMkI/bceEsI4qQf/
++ULKgqI3Y8KBOVahhCym/8ACayP5wXBmhsjXrsqjAD6jfPFCrGDQxXd2zwb6KKD04
++i5i6uVAvkmvcJsOW1qJd1a1W15GH9UqnrUTDJervu+MlvHzWG865pdZYtKVTQoHf
++DsePpoP+a3XoOk5xj0DD3SYrK9p9FOowXtNxPsnkd4afY0vjl0+QCGIwMSASfD3I
++FPEr/HpShAY+CI5bFJI3sWiPeaFQ5+WnxbSueQtsniJynKbpa4spEwoB58O+TwZW
++UBa5cBv2CWgvU/q7e40eWWr8g4NHZtlQEjRA0qG+3SJKPtYqxz+RqqxyX4AT2N3/
++qRd3q+FM0VZ3N5yj/aYaVrkBDQRXBojxAQgA7FAAS8XeJ3FyfzS1tSEmDUn3x8BL
++sfHdaGUUbvi4CKRlCXUpmumsG7vRFZNvs2bW29l5dbrkiVjuSTjZuF9gOzUmsg9Y
++5Yq9XApYPGgRtiBb/K/LVM65cfbvrNvEuXk4QTyxC459dmwVJfYg8X2GyA0Zo3Oi
++vwp7tjkG4JAtwZlZbl0sVtspEqNcbwJpaawlWghzafJcICyzar2gInXdf/nP4SLf
++3avCLV3c3EBiRKINBqf5+RaQK9kf50eYWNDUA0MqJ6XFxbVV+KUrWG73OIEEN/xM
++IS53+rTCggAfuu8h+3iLcKqPKaicHITj86N8fyPgS15DyqiScwKOPA1WqQARAQAB
++iQEfBBgBCgAJBQJXBojxAhsMAAoJEFzJCP23HhLC6mMH/1NXhqdtkrnxs3tAnmoa
++dTcY2OW9YVlczDW7XFVztpsMnKqYV4lwniotSS8EDQ6y+VWcxaZ4KbOxeGVBUzgG
++/ohbKvskFaCQrmrYJZUHn1Xu/vOd/mRacwYWEMU+UuwZvENYsyhkYf4jLzjCEwkW
++B96vAInLV00P9sdc/O1+G8VeLw02UlQUlrxe2a6CbvwL6fA0dwWlULvQc+vehrxT
++U4Ncynsvxb90vd4theZEI13S6seBivMO3pX/N/nKa8+TnDgcGhyfahEImP8VcqEU
++BSm2alMTeDXK9hQua4Vw0YCc8ATGYCZ3o2qwKZuP+rHjK2O3m7G3ombohdX1yvLy
++LrE=
++=IGmU
++-----END PGP PUBLIC KEY BLOCK-----
--- /dev/null
--- /dev/null
++version=4
++opts=pgpmode=auto \
++ https://curl.se/download/ download/curl-([\d\.]+).tar.gz
projects / curl.git / commitdiff