From: Raspbian automatic forward porter Date: Sun, 22 Oct 2023 10:28:20 +0000 (+0100) Subject: Merge version 7.88.1-10+rpi1 and 8.4.0-2 to produce 8.4.0-2+rpi1 X-Git-Tag: archive/raspbian/8.4.0-2+rpi1^0 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=f612707f70457e71a8278c37737c0698fe9cb72e;p=curl.git Merge version 7.88.1-10+rpi1 and 8.4.0-2 to produce 8.4.0-2+rpi1 --- f612707f70457e71a8278c37737c0698fe9cb72e diff --cc debian/changelog index 4b6a61c4,b69d34a5..9ebd2dff --- a/debian/changelog +++ b/debian/changelog @@@ -1,9 -1,101 +1,108 @@@ - curl (7.88.1-10+rpi1) bookworm-staging; urgency=medium ++curl (8.4.0-2+rpi1) trixie-staging; urgency=medium + + [changes brought forward from 7.88.1-9+rpi1 by Peter Michael Green at Sat, 20 May 2023 09:55:44 +0000] + * Disable testsuite. + - -- Raspbian forward porter Mon, 05 Jun 2023 04:33:19 +0000 ++ -- Raspbian forward porter Sun, 22 Oct 2023 10:28:20 +0000 ++ + curl (8.4.0-2) unstable; urgency=medium + + * d/rules: set CURL_PATCHSTAMP to package's version, so it shows up in + "--version" output + + -- Samuel Henrique Sat, 14 Oct 2023 12:19:21 +0100 + + curl (8.4.0-1) unstable; urgency=medium + + * New upstream version 8.4.0 + * d/libcurl*.symbols: New symbol curl_multi_get_handles + * d/patches: + - Remove patches from 8.4.0 release + - 90_gnutls.patch: Update patch + + -- Samuel Henrique Fri, 13 Oct 2023 00:53:16 +0100 + + curl (8.3.0-3) unstable; urgency=high + + * Add patches to fix CVE-2023-38545 and CVE-2023-38546 + + -- Samuel Henrique Thu, 05 Oct 2023 22:26:40 +0100 + + curl (8.3.0-2) unstable; urgency=medium + + * d/rules: Add test 3102 to TESTS_FAILS_ON_IPV6_ONLY_MACHINES + * d/patches: Import two upstream patches to try to fix FTBFS on armel/armhf + - test650_fix_an_end_tag_typo.patch + - tests_increase_the_default_server_logs_lock_timeout.patch + * d/p/lib_use_wrapper_for_curl_mime_data_fseek_callback.patch: New patch to + fix armel/armhf FTBFS + + -- Samuel Henrique Sun, 01 Oct 2023 15:01:42 +0100 + + curl (8.3.0-1) unstable; urgency=medium + + * New upstream version 8.3.0 + - Fix CVE-2023-38039: HTTP headers eat all memory + * debian/: Remove files used for the nss packaging + * d/patches: + - Refresh patches + - gen_pl_escape_all_dashes.patch: Drop merged patch + - 90_gnutls.patch: Update patch + * d/libcurl*.symbols: New symbol curl_global_trace + + -- Samuel Henrique Thu, 14 Sep 2023 16:13:10 +0530 + + curl (8.2.1-2) unstable; urgency=medium + + [ Andreas Hasenack ] + * Move ldap-test to a script and add retry logic + + [ Samuel Henrique ] + * Build without nss, dropped by upstream in the next release + * d/p/gen_pl_escape_all_dashes.patch: New patch to fix manpage generation + (closes: #1043309, #1043339) + + -- Samuel Henrique Fri, 25 Aug 2023 20:05:02 +0100 + + curl (8.2.1-1) unstable; urgency=medium + + [ Samuel Henrique ] + * New upstream version 8.2.1 + + [ Sergio Durigan Junior ] + * d/p/{90_gnutls,99_nss}.patch: + Update GNUTls/NSS patches to unbreak tests/http/clients + * Drop unnecessary patches. + d/p/CVE-2023-27533.patch + d/p/CVE-2023-27534.patch + d/p/CVE-2023-27535.patch + d/p/CVE-2023-27536.patch + d/p/CVE-2023-27537.patch + d/p/CVE-2023-27538.patch + d/p/CVE-2023-28319.patch + d/p/CVE-2023-28320-1.patch + d/p/CVE-2023-28320.patch + d/p/CVE-2023-28321.patch + d/p/CVE-2023-28322.patch + d/p/CVE-2023-32001.patch + d/p/Use-OpenLDAP-specific-functionality.patch + d/p/fix-unix-domain-socket.patch + + -- Sergio Durigan Junior Thu, 03 Aug 2023 20:00:01 -0400 + + curl (7.88.1-11) unstable; urgency=medium + + [ Carlos Henrique Lima Melara ] + * Fix CVE-2023-32001: TOCTOU race condition in Curl_fopen(): + - Done by d/p/CVE-2023-32001.patch (Closes: #1041812). + + [ John Scott ] + * LDAP backend: correct the usage of OpenLDAP-specific functionality being + disabled with an upstream patch (Closes: #1041964) + This corrects the improper fetching of binary attributes. + * debian/tests: add a DEP-8 test that getting binary LDAP attributes works now + + -- Samuel Henrique Fri, 28 Jul 2023 21:11:25 +0100 curl (7.88.1-10) unstable; urgency=medium