News for package curl

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 3.0 (quilt)
Source: curl
Binary: curl, libcurl3, libcurl3-gnutls, libcurl3-nss, libcurl4-openssl-dev, libcurl4-gnutls-dev, libcurl4-nss-dev, libcurl3-dbg
Architecture: any
Version: 7.26.0-1+wheezy13
Maintainer: Alessandro Ghedini <[email protected]>
Uploaders: Ian Jackson <[email protected]>, Luk Claes <[email protected]>
Homepage: http://curl.haxx.se
Standards-Version: 3.9.3
Vcs-Browser: http://git.debian.org/?p=collab-maint/curl.git
Vcs-Git: git://git.debian.org/collab-maint/curl.git
Build-Depends: debhelper (>= 9), autoconf, automake1.9, groff-base, libgcrypt11-dev, libgnutls-dev, libidn11-dev, libkrb5-dev, libldap2-dev, libnss3-dev, librtmp-dev, libssh2-1-dev (>= 1.2), libssl-dev, libtool, openssh-server, quilt, stunnel4, zlib1g-dev
Build-Conflicts: autoconf2.13, automake1.4
Package-List: 
 curl deb web optional
 libcurl3 deb libs optional
 libcurl3-dbg deb debug extra
 libcurl3-gnutls deb libs optional
 libcurl3-nss deb libs optional
 libcurl4-gnutls-dev deb libdevel optional
 libcurl4-nss-dev deb libdevel optional
 libcurl4-openssl-dev deb libdevel optional
Checksums-Sha1: 
 66e1fd0312f62374b96fe02e644f66202fd6324b 3073624 curl_7.26.0.orig.tar.gz
 23cacf968e009923447fa645af134b6ae85e81da 42245 curl_7.26.0-1+wheezy13.debian.tar.gz
Checksums-Sha256: 
 79ccce9edb8aee17d20ad4d75e1f83a789f8c2e71e68f468e1bf8abf8933193f 3073624 curl_7.26.0.orig.tar.gz
 72492ae7016aca39f0b3a45273ac634c6373e617c1ac9e8725983104ff1947c0 42245 curl_7.26.0-1+wheezy13.debian.tar.gz
Files: 
 3fa4d5236f2a36ca5c3af6715e837691 3073624 curl_7.26.0.orig.tar.gz
 5a8446d3842d40f22c8ee07346c2469d 42245 curl_7.26.0-1+wheezy13.debian.tar.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVNkC1AAoJEK+lG9bN5XPL1H4P/14d52gKd9jI0ARZB8nQbE8+
6LtUvTgydr7FL5yDi+VYIc0CDtlClUIKEa17FbjuVLKGO4PGfW94Yjuly9Tgi/xS
LGvMt/DtHEmSObkBjtj0l+bMxOQ8wE3EeSRCTKKzGgAbA9NBAYhFDI+tZM7R/D87
6S7kncQJB8c0DHCjG04FE2sf1brK11BgfCgPBTmvI/8YFJGrj0C0VByuPcJupKwh
+kO55tUH1Q0gixnCkiEg821BJfpulhE8m+wkCtfrH9rKnAsoXLC31AdUodAhNJlY
HCZw2fnUi+WrXRGS9BQ2HISv9h17mbAdfq6pSku1CiMpJsKeKdWS3IDoxZ9lcwMg
0T1AUH4e2dSmVLrYPZv9g+8LoIEv6ZDPLqGaIvaC8NxohFEfmlPIXcxCjXh1LVD5
fCWcn8LHlFHaA3mV623ePvRxl/40R3XhjIczPapE6LDOOvbg+xhmaAUTBFu9s9PJ
8hAKEWZVx/DhmCaqswP40u9pNH7xB1nToFy5H5muxZ4ZG0VVGH5Akc4YBh9Svqo8
fi2/thrAQdErxMOVlS6gmK1nf+OnyfcfVO9DSz9dtOa+3J23gcQuZIkVsg2njLzu
PG9gFWeKnneRwdVhFA5dSFOpEblqL9lpsvBGYAR40qu8RcGSd96LMgatckKYQiBU
66RGKFXEPA9TQjm6j7aB
=JumR
-----END PGP SIGNATURE-----

Changes:
curl (7.26.0-1+wheezy13) wheezy-security; urgency=high

  * Fix re-using authenticated connection when unauthenticated
    as per CVE-2015-3143
    http://curl.haxx.se/docs/adv_20150422A.html
  * Fix Negotiate not treated as connection-oriented as per CVE-2015-3148
    http://curl.haxx.se/docs/adv_20150422B.html

 -- Alessandro Ghedini <[email protected]>  Tue, 21 Apr 2015 13:51:57 +0200