-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 02 Apr 2024 20:02:10 -0300
Source: curl
Binary: curl curl-dbgsym libcurl3-gnutls libcurl3-gnutls-dbgsym libcurl3-nss libcurl3-nss-dbgsym libcurl4 libcurl4-dbgsym libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-openssl-dev
Architecture: amd64
Version: 7.88.1-10+deb12u6
Distribution: bookworm
Urgency: medium
Maintainer: amd64 / i386 Build Daemon (x86-csail-01) <buildd_amd64-x86-csail-01@buildd.debian.org>
Changed-By: Guilherme Puida Moreira <guilherme@puida.xyz>
Description:
 curl       - command line tool for transferring data with URL syntax
 libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour)
 libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour)
 libcurl4   - easy-to-use client-side URL transfer library (OpenSSL flavour)
 libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour)
 libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour)
 libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour)
Closes: 1053643
Changes:
 curl (7.88.1-10+deb12u6) bookworm; urgency=medium
 .
   * Team upload.
 .
   [ Sergio Durigan Junior ]
   * d/p/openldap-create-ldap-URLs-correctly-for-IPv6-addresses.patch:
     (Closes: #1053643)
 .
   [ Guilherme Puida Moreira ]
   * Add patches to fix CVE-2024-2004 and CVE-2024-2398.
     - CVE-2024-2004: When a protocol selection parameter disables all
       protocols without adding any then the default set of protocols would
       remain in the allowed set due to an error in the logic for removing
       protocols.
     - CVE-2024-2398: When an application tells libcurl it wants to allow
       HTTP/2 server push and the amount of received headers for the push
       surpasses the maximum allowed limit (1000), libcurl aborts the server
       push and leaks the memory allocated for the previously allocated
       headers.
   * d/p/openldap-create-ldap-URLs-correctly-for-IPv6-addresses.patch:
     Refresh patch.
Checksums-Sha1:
 c269d58c4ddc5a6898ddba40eba141f495776dbe 160552 curl-dbgsym_7.88.1-10+deb12u6_amd64.deb
 1450d0c733f3f8ec50002c6fc799a6296fbad232 12968 curl_7.88.1-10+deb12u6_amd64-buildd.buildinfo
 622aa267a58c99dd13841b2b53eba9322141e759 314484 curl_7.88.1-10+deb12u6_amd64.deb
 40218e5fa58a140ab40c6d1158703ac697402374 1024428 libcurl3-gnutls-dbgsym_7.88.1-10+deb12u6_amd64.deb
 e9a5ec73bd32c7684465c213a3ad93804cb9e405 384704 libcurl3-gnutls_7.88.1-10+deb12u6_amd64.deb
 a0dfab8da799bbaaabe538f230795588e114560f 1068384 libcurl3-nss-dbgsym_7.88.1-10+deb12u6_amd64.deb
 7267bb1afa1167a5b9ed2e40bef803d534de6515 393704 libcurl3-nss_7.88.1-10+deb12u6_amd64.deb
 d208ef7124524ab2941601f4174888c2a2f3d574 1053008 libcurl4-dbgsym_7.88.1-10+deb12u6_amd64.deb
 c33f3e40db4383b3482b42d5e252d6d60f2d8910 485188 libcurl4-gnutls-dev_7.88.1-10+deb12u6_amd64.deb
 cdb33b4bec58989b1d25a1dfe3e1d17f2e3f1772 494708 libcurl4-nss-dev_7.88.1-10+deb12u6_amd64.deb
 69b7bb2db5c031542164a52281a31f919818a5c7 491012 libcurl4-openssl-dev_7.88.1-10+deb12u6_amd64.deb
 6c357cbe48724917cbeb103ba16696332bec54d0 390336 libcurl4_7.88.1-10+deb12u6_amd64.deb
Checksums-Sha256:
 89c1ce4201de06863fd6373366a55bb265697cf8862dd2c7997002760bb004a8 160552 curl-dbgsym_7.88.1-10+deb12u6_amd64.deb
 4a066d7979ab38c218050157b30b9f6fda613dbc0e3b76974057aa5e713ff385 12968 curl_7.88.1-10+deb12u6_amd64-buildd.buildinfo
 fd3345124b9d114da93ac1d547e36c29dac764d990c9fc9dff4341689419b9c1 314484 curl_7.88.1-10+deb12u6_amd64.deb
 5f3aba2874e714ecee43b16c6c39ce1406121c36aa32df053956a685409248cb 1024428 libcurl3-gnutls-dbgsym_7.88.1-10+deb12u6_amd64.deb
 191c3901ce79837c698fbd48a48687cc45e6af1db1d541ec31612c3323191496 384704 libcurl3-gnutls_7.88.1-10+deb12u6_amd64.deb
 728ab27753b2e4170eeb9f2e55c290977af63680de80362bd3d7fba574d4e0cd 1068384 libcurl3-nss-dbgsym_7.88.1-10+deb12u6_amd64.deb
 da5babe3cefbafea8f82b674e8c768aec262b3789da45abc58669c8f9f8a3689 393704 libcurl3-nss_7.88.1-10+deb12u6_amd64.deb
 56040ad58ad01c698ee811e64befbd3e57c49ab1f0965ea2a9ce8ef317c7f042 1053008 libcurl4-dbgsym_7.88.1-10+deb12u6_amd64.deb
 ffb807ffb7d63eb48754b4daed516ae58280b6a60a8bbaf0b16bcb0d0ec45324 485188 libcurl4-gnutls-dev_7.88.1-10+deb12u6_amd64.deb
 8a1376d79c60247660b64e401ac69cac2564b64eae150dc78db2775a507b4c5b 494708 libcurl4-nss-dev_7.88.1-10+deb12u6_amd64.deb
 e1a82c1ef5a89223aa97b129e439c0ca8adfdcfc94b7c0370a95fcddb6182e57 491012 libcurl4-openssl-dev_7.88.1-10+deb12u6_amd64.deb
 dede58dc35a53151c9c07dc2be6bc12f4c02ec1b1b13e2a0f3ae994a2dcfd2b5 390336 libcurl4_7.88.1-10+deb12u6_amd64.deb
Files:
 37a74ec8979ddd0b493215f5d7f249e2 160552 debug optional curl-dbgsym_7.88.1-10+deb12u6_amd64.deb
 921634e708a5cd64819a9c6c5515b40b 12968 web optional curl_7.88.1-10+deb12u6_amd64-buildd.buildinfo
 22496278be24efb6d62b05a0aceacb5a 314484 web optional curl_7.88.1-10+deb12u6_amd64.deb
 4e0d8b5b3fbe2e8b9e40e5ff20e08ff0 1024428 debug optional libcurl3-gnutls-dbgsym_7.88.1-10+deb12u6_amd64.deb
 af886083eb30f639c714aa56402ceb94 384704 libs optional libcurl3-gnutls_7.88.1-10+deb12u6_amd64.deb
 fca57108242300edb0385c70d79b76dc 1068384 debug optional libcurl3-nss-dbgsym_7.88.1-10+deb12u6_amd64.deb
 a088ddcbb27797ddb0a2ff373fd691c7 393704 libs optional libcurl3-nss_7.88.1-10+deb12u6_amd64.deb
 99683eab73ecfaf75e77549d669638a5 1053008 debug optional libcurl4-dbgsym_7.88.1-10+deb12u6_amd64.deb
 3fffcc7580bf192b1edf9e0addd206e4 485188 libdevel optional libcurl4-gnutls-dev_7.88.1-10+deb12u6_amd64.deb
 63610a78d67844e62d2a1f31f5645501 494708 libdevel optional libcurl4-nss-dev_7.88.1-10+deb12u6_amd64.deb
 b80f4c0b36eb2efa5ad909c80494483e 491012 libdevel optional libcurl4-openssl-dev_7.88.1-10+deb12u6_amd64.deb
 56f70ae4c715235eed77a13f19c9598e 390336 libs optional libcurl4_7.88.1-10+deb12u6_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEvy6d65NNYPbL6IQIEQ1nooK/IAQFAmYVfaoACgkQEQ1nooK/
IAS/dw/9HIDHCRCXR9VWl0DvmKMy5FVCSBdib/po0F8ZfjFopU9eG70DrJCG2Ghg
//VNiUxlZ67RgmtrVrJHP1LnUDIXA5APGQoRXrK/8LuWC2z67c5vxEfUkeIjJDgR
s2w6o0HXRk7xwQvacnMqFfZlkYMzfpNYbx7JpU0CUiAfJ27wzfexWcn2JbB5Z/6U
sHBeRMsqySXde8x2klLTGWy27eitcXrK/45DMrz1/0REOP8lzobx+QDAPt20ENQo
8gaZSBDQ/l6y1GlVDZTg2g0aaba3p/eTCYbK6RKZd/hnLfCHxtqXyszTOK6pUI+r
2Jeqm1Fbkp5j9yj3YY9wWONXYISL05yjqCCaHiv9Dc9PzYZpbCJytUGabVWNAiIl
SMvGW4t/QM2bSoAqlVC3BAQt6PE0kJAAsywYMg6KMo5PIox+YN/KtG5OAcphuGka
CjSSwoj4sLU2KF2oAfanRHweycH3kGzEYUIbowMYhvlj+VxsPmRjaNal/DfWgag4
HyHlpqdKNTK8RTFKL2fCcQsU/ZQMOKUTYqPiKa87GMFMVZkHHqLeu+kJtfHGoFRl
C4SXGhFfptoeM0zzJcXE1+IolOqexTblMVNS2sT0AbS+l2eB+42vC1mK/rCn8ygb
ih5n+cGtACFmbqmvrSYE6V+cgTYV+7uLNY0ZkK0M924XOz1Aisk=
=P8yT
-----END PGP SIGNATURE-----