From: Raspbian automatic forward porter <root@raspbian.org>
Date: Wed, 13 Nov 2024 02:21:56 +0000 (+0000)
Subject: Merge version 7.88.1-10+rpi1+deb12u7 and 7.88.1-10+deb12u8 to produce 7.88.1-10+rpi1... 
X-Git-Tag: archive/raspbian/7.88.1-10+rpi1+deb12u8^0
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=5cbe71a8b82f01557b31004cdbb76e48e20ece9a;p=curl.git

Merge version 7.88.1-10+rpi1+deb12u7 and 7.88.1-10+deb12u8 to produce 7.88.1-10+rpi1+deb12u8
---

5cbe71a8b82f01557b31004cdbb76e48e20ece9a
diff --cc debian/changelog
index f3627f6e,41d18b39..cc613d4b
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,9 -1,13 +1,20 @@@
- curl (7.88.1-10+rpi1+deb12u7) bookworm-staging; urgency=medium
++curl (7.88.1-10+rpi1+deb12u8) bookworm-staging; urgency=medium
 +
 +  [changes brought forward from 7.88.1-9+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sat, 20 May 2023 09:55:44 +0000]
 +  * Disable testsuite.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Fri, 06 Sep 2024 23:04:19 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Wed, 13 Nov 2024 02:21:55 +0000
++
+ curl (7.88.1-10+deb12u8) bookworm; urgency=medium
+ 
+   * Team upload.
+   * Import patch for CVE-2024-8096
+     - CVE-2024-8096: When the TLS backend is GnuTLS, curl may incorrectly
+       handle OCSP stapling. If the OCSP status reports an error other than
+       "revoked" (e.g., "unauthorized"), it is not treated as a bad certificate,
+       potentially allowing invalid certificates to be considered valid.
+ 
+  -- Aquila Macedo Costa <aquilamacedo@riseup.net>  Tue, 17 Sep 2024 16:29:24 -0300
  
  curl (7.88.1-10+deb12u7) bookworm; urgency=medium