Merge version 7.88.1-9+rpi1 and 7.88.1-10 to produce 7.88.1-10+rpi1

author Raspbian automatic forward porter <root@raspbian.org>

Mon, 5 Jun 2023 04:33:19 +0000 (05:33 +0100)

committer Raspbian automatic forward porter <root@raspbian.org>

Mon, 5 Jun 2023 04:33:19 +0000 (05:33 +0100)
author Raspbian automatic forward porter <root@raspbian.org>
Mon, 5 Jun 2023 04:33:19 +0000 (05:33 +0100)
committer Raspbian automatic forward porter <root@raspbian.org>
Mon, 5 Jun 2023 04:33:19 +0000 (05:33 +0100)
diff --cc debian/changelog

index 14d3036f10409ba2cae6a1c8a4e3beeb9d1aec85,f420a8af38fee000e210f4c5b0e4fbcc2d8fa1ad..4b6a61c4408b1fd5df00bdc9cbf3a662e846bd5e
--- 1/debian/changelog
--- 2/debian/changelog
+++ b/debian/changelog
@@@ -1,8 -1,14 +1,21 @@@
- curl (7.88.1-9+rpi1) bookworm-staging; urgency=medium
++curl (7.88.1-10+rpi1) bookworm-staging; urgency=medium
+ +
++  [changes brought forward from 7.88.1-9+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sat, 20 May 2023 09:55:44 +0000]
+ +  * Disable testsuite.
+ +
-  -- Peter Michael Green <plugwash@raspbian.org>  Sat, 20 May 2023 09:55:44 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Mon, 05 Jun 2023 04:33:19 +0000
++
+ curl (7.88.1-10) unstable; urgency=medium
+ 
+   * Add new patches to fix CVEs (closes: #1036239):
+     - CVE-2023-28319: UAF in SSH sha256 fingerprint check
+     - CVE-2023-28320: siglongjmp race condition
+     - CVE-2023-28321: IDN wildcard match
+     - CVE-2023-28322: more POST-after-PUT confusion
+   * d/libcurl*.symbols: Drop curl_jmpenv, not built anymore due to
+     CVE-2023-28320
+ 
+  -- Samuel Henrique <samueloph@debian.org>  Thu, 18 May 2023 23:43:40 +0100
   
   curl (7.88.1-9) unstable; urgency=medium
author	Raspbian automatic forward porter <root@raspbian.org>
	Mon, 5 Jun 2023 04:33:19 +0000 (05:33 +0100)
committer	Raspbian automatic forward porter <root@raspbian.org>
	Mon, 5 Jun 2023 04:33:19 +0000 (05:33 +0100)