-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 3.0 (quilt) Source: curl Binary: curl, libcurl3, libcurl3-gnutls, libcurl3-nss, libcurl4-openssl-dev, libcurl4-gnutls-dev, libcurl4-nss-dev, libcurl3-dbg, libcurl4-doc Architecture: any all Version: 7.38.0-4 Maintainer: Alessandro Ghedini <[email protected]> Uploaders: Ian Jackson <[email protected]> Homepage: http://curl.haxx.se Standards-Version: 3.9.5 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=collab-maint/curl.git Vcs-Git: git://anonscm.debian.org/collab-maint/curl.git Build-Depends: debhelper (>= 9), autoconf, automake, ca-certificates, groff-base, libgnutls28-dev, libidn11-dev, libkrb5-dev, libldap2-dev, libnss3-dev, librtmp-dev (>= 2.4+20131018.git79459a2-3~), libssh2-1-dev, libssl-dev, libtool, openssh-server, python, quilt, stunnel4, zlib1g-dev Build-Conflicts: autoconf2.13, automake1.4 Package-List: curl deb web optional arch=any libcurl3 deb libs optional arch=any libcurl3-dbg deb debug extra arch=any libcurl3-gnutls deb libs optional arch=any libcurl3-nss deb libs optional arch=any libcurl4-doc deb doc optional arch=all libcurl4-gnutls-dev deb libdevel optional arch=any libcurl4-nss-dev deb libdevel optional arch=any libcurl4-openssl-dev deb libdevel optional arch=any Checksums-Sha1: 40d8ec9063f076005535139c9229ac77c57f0300 4094034 curl_7.38.0.orig.tar.gz bc8b9fdbe1c4b84c3d31382066dd507c4e2fda33 29988 curl_7.38.0-4.debian.tar.xz Checksums-Sha256: 5661028aa6532882fa228cd23c99ddbb8b87643dbb1a7ea55c068d34a943dff1 4094034 curl_7.38.0.orig.tar.gz 63aba5be2e872a57e2db47cbf53e61a7fe9c64710b8f498843b1aca123f6c6be 29988 curl_7.38.0-4.debian.tar.xz Files: b6e3ea55bb718f2270489581efa50a8a 4094034 curl_7.38.0.orig.tar.gz f197f0e97a0633fa06a95a13d2d738c0 29988 curl_7.38.0-4.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUrlnmAAoJEK+lG9bN5XPL2mYP/iYYmVU9hWCj/mhvF48SRmBQ f7lqa6SKcZSpbXglKC+5xD6v24mjqdNDSXdoH+LheaZFQuNJtRgzRbXbK58LK2L9 x8Nrv+ZX8yGFFRLn/6IQDqfMqS4/zEF81yKtKgrI7O+MdDka1Qj5LFdTmSFhgk+t 9S58OOt2+vnyMutt6ImgJ43fk1f8LjT20ylZZv6yb3XLrn5+0fpMOmOoRQqAlBkd tmtyI+84d/x87VUw1kvYy6JzIxC35NV6XZBceIeVjBgQBkuHWciyUNTrvegCfWxS hlJcMRKFqJy3TidHUO3IkkZCZYjabQKPDzY91wdaO7k3SjK1m9MDyVLQRS274+PJ 0XocIbj4af1/exhU+Hoq5Ttt6JpTktkKpG/LkMVRf2KxNzJ3DgY4pknsFvq/7zDQ woY5BhlauD4xo9ckIsOO83C76GWFScJAX5WTMZtTA+e37VZ4NpND6fMV2SygksVI vaSRNisWDWru4vgQMxceNLGfhle5LdvcCSLnS03bNRmB8SwQyc7w8+o2+ifo0fot WPKCk2PUmcLm19q8mcHf+H2mQ0qZHJuF5oxMAs0qNGO9WexZGUQO3Kx3yA/1AZDC jNQnDOZMNE6Vlph5oLFEB3PYgVxCAcPH3o+/e0l2X7rGB3o2ZSXoueY7XzxTC3VE fOr4BLiquM3rpw0KDsXe =ed4a -----END PGP SIGNATURE----- Changes: curl (7.38.0-4) unstable; urgency=high * Fix URL request injection vulnerability as per CVE-2014-8150 http://curl.haxx.se/docs/adv_20150108B.html * Set urgency=high accordingly -- Alessandro Ghedini <[email protected]> Thu, 08 Jan 2015 10:47:24 +0100