From: Raspbian automatic forward porter <root@raspbian.org>
Date: Thu, 12 Oct 2023 01:36:11 +0000 (+0100)
Subject: Merge version 7.88.1-10+rpi1 and 7.88.1-10+deb12u4 to produce 7.88.1-10+rpi1+deb12u4
X-Git-Tag: archive/raspbian/7.88.1-10+rpi1+deb12u4^0
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=cefa9d4247721449ec41f1bad8bf19e3c0eafbd6;p=curl.git

Merge version 7.88.1-10+rpi1 and 7.88.1-10+deb12u4 to produce 7.88.1-10+rpi1+deb12u4
---

cefa9d4247721449ec41f1bad8bf19e3c0eafbd6
diff --cc debian/changelog
index 4b6a61c4,68aff509..0d188d65
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,9 -1,39 +1,46 @@@
- curl (7.88.1-10+rpi1) bookworm-staging; urgency=medium
++curl (7.88.1-10+rpi1+deb12u4) bookworm-staging; urgency=medium
 +
 +  [changes brought forward from 7.88.1-9+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sat, 20 May 2023 09:55:44 +0000]
 +  * Disable testsuite.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Mon, 05 Jun 2023 04:33:19 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Thu, 12 Oct 2023 01:36:10 +0000
++
+ curl (7.88.1-10+deb12u4) bookworm-security; urgency=high
+ 
+   * Add patches to fix CVE-2023-38545 and CVE-2023-38546
+ 
+  -- Samuel Henrique <samueloph@debian.org>  Thu, 05 Oct 2023 22:31:47 +0100
+ 
+ curl (7.88.1-10+deb12u3) bookworm; urgency=medium
+ 
+   * Team upload.
+ 
+   [ Andreas Hasenack ]
+   * Move ldap-test to a script and add retry logic.
+ 
+   [ Carlos Henrique Lima Melara ]
+   * Fix CVE-2023-38039: HTTP headers eat all memory.
+       - Done by debian/patches/CVE-2023-38039.patch.
+ 
+  -- Carlos Henrique Lima Melara <charlesmelara@riseup.net>  Fri, 15 Sep 2023 22:31:23 +0530
+ 
+ curl (7.88.1-10+deb12u2) bookworm; urgency=medium
+ 
+   * Team upload.
+   * LDAP backend: correct the usage of OpenLDAP-specific functionality being
+     disabled with an upstream patch (Closes: #1041964)
+     This corrects the improper fetching of binary attributes.
+   * debian/tests: add a DEP-8 test that getting binary LDAP attributes works now
+ 
+  -- John Scott <jscott@posteo.net>  Tue, 25 Jul 2023 08:11:34 -0400
+ 
+ curl (7.88.1-10+deb12u1) bookworm-security; urgency=medium
+ 
+   * Team upload.
+   * Fix CVE-2023-32001: TOCTOU race condition in Curl_fopen():
+     - Done by d/p/CVE-2023-32001.patch (Closes: #1041812).
+ 
+  -- Carlos Henrique Lima Melara <charlesmelara@riseup.net>  Sun, 23 Jul 2023 18:43:52 -0300
  
  curl (7.88.1-10) unstable; urgency=medium