-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 02 Jan 2025 21:11:56 -0300 Source: curl Binary: curl curl-dbgsym libcurl3-gnutls libcurl3-gnutls-dbgsym libcurl3-nss libcurl3-nss-dbgsym libcurl4 libcurl4-dbgsym libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-openssl-dev Architecture: s390x Version: 7.88.1-10+deb12u9 Distribution: bookworm Urgency: medium Maintainer: s390x Build Daemon (zandonai) Changed-By: Aquila Macedo Costa Description: curl - command line tool for transferring data with URL syntax libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.88.1-10+deb12u9) bookworm; urgency=medium . * Team upload. * Import patches for CVE-2024-9681 - A vulnerability in curl's HSTS handling allows a subdomain’s expiry time to overwrite its parent domain’s cache entry. This can lead to unintended HTTPS upgrades or premature reversion to HTTP when both subdomains and parent domains are used. Affects applications with HSTS enabled, potentially disrupting access when a domain stops supporting HTTPS. * d/patches: - CVE-2024-9681-*.patch: Backport patches. - CVE-2024-9681-1: fix backport inconsistencies - large-time-testable-feature.patch: Import 'large-time' feature for tests - dont-stop-stunnel-before-retry.patch: Import patch to avoid stopping stunnel before retrying Checksums-Sha1: fcbe719649697c392b6189e3d3e86629766ddfb6 158416 curl-dbgsym_7.88.1-10+deb12u9_s390x.deb 9084b36d8c75c557c30955e6030d71f03e2eb712 12949 curl_7.88.1-10+deb12u9_s390x-buildd.buildinfo 278717fa0dd43e8492c3d65b75306311b7ecf358 309828 curl_7.88.1-10+deb12u9_s390x.deb 89a1fbfa79d5aa990bb70c27952c6991bef52845 1026096 libcurl3-gnutls-dbgsym_7.88.1-10+deb12u9_s390x.deb 2c169c870ddafba09a0444f80969641b523d7aac 360400 libcurl3-gnutls_7.88.1-10+deb12u9_s390x.deb 5808c8d0f5181eff57e80d9cb67fc2b548c7e793 1069588 libcurl3-nss-dbgsym_7.88.1-10+deb12u9_s390x.deb a0830d6f8fb7de490e9d9929b06c034f2d39c26f 368972 libcurl3-nss_7.88.1-10+deb12u9_s390x.deb 963e98fb072e953c873e3fa0ba55c30584b3cf12 1057220 libcurl4-dbgsym_7.88.1-10+deb12u9_s390x.deb a37c0b6b153b1e27c6be4fe51f181e2d7eda4655 461928 libcurl4-gnutls-dev_7.88.1-10+deb12u9_s390x.deb b3e75a6a7b92d7e9dee8d0bd64fa625e305d80b9 470888 libcurl4-nss-dev_7.88.1-10+deb12u9_s390x.deb 6fdf1a92cb068c79a60349aa623cf1dfaf5737fa 466536 libcurl4-openssl-dev_7.88.1-10+deb12u9_s390x.deb 05912a7490c7677d54504ce7cabbf6113223aebe 365772 libcurl4_7.88.1-10+deb12u9_s390x.deb Checksums-Sha256: ce5b6ea7bec1390d15224d637e1aeabfe477f1bd2ad71683cef84a56b91705cb 158416 curl-dbgsym_7.88.1-10+deb12u9_s390x.deb a7322876751bc34cac0063eba701c15561847e518fa8720b92bb1364d26cfe44 12949 curl_7.88.1-10+deb12u9_s390x-buildd.buildinfo d009c7d6daea8e9c57fa8b233990a065f3f2688eb54a0516bfb8ee77d5c03211 309828 curl_7.88.1-10+deb12u9_s390x.deb 260cb753363e31b0734c26ba31b787f212df4e8d1358428382c5f43d705876df 1026096 libcurl3-gnutls-dbgsym_7.88.1-10+deb12u9_s390x.deb 523d2f394b6e428e82fa730f0d2110f199f00a79471afe6ce13cb8248929ec51 360400 libcurl3-gnutls_7.88.1-10+deb12u9_s390x.deb 7e31fa6164c874e0bafe7a5bbf3ef99c1c9842747e363c975177722fba04f571 1069588 libcurl3-nss-dbgsym_7.88.1-10+deb12u9_s390x.deb 96f3c6b71530a96dd451b763a475cba7589a96517667e3ede14c06f9f8f1b709 368972 libcurl3-nss_7.88.1-10+deb12u9_s390x.deb eb949cf7f66a984ccba6889db0890436d23ba291f8fd50a0bc3b58eef9fcbbb2 1057220 libcurl4-dbgsym_7.88.1-10+deb12u9_s390x.deb adb796700841013330a4fb0c6b9157c08e2200c4ca0d61ba8d5741652c562a2b 461928 libcurl4-gnutls-dev_7.88.1-10+deb12u9_s390x.deb 50b27c96845c4d68e7fa4b4659c3fb7be47444de9953700d8dbe28916468bbf9 470888 libcurl4-nss-dev_7.88.1-10+deb12u9_s390x.deb 97b3c5ee4e8ddb99597552d05612f2ea8271be901b90b5ea98249b4876972a37 466536 libcurl4-openssl-dev_7.88.1-10+deb12u9_s390x.deb 49a9b82bcf0e801adf57ff469a23f259cc1fa7aaacafa57bc71ba468fe381415 365772 libcurl4_7.88.1-10+deb12u9_s390x.deb Files: 2a9282511594956a98b680df68adbad2 158416 debug optional curl-dbgsym_7.88.1-10+deb12u9_s390x.deb 511e0113631fecc7ab345a2fc2c3bf4b 12949 web optional curl_7.88.1-10+deb12u9_s390x-buildd.buildinfo b81f16f6fa32105aae8249127bdfab90 309828 web optional curl_7.88.1-10+deb12u9_s390x.deb 3a52f2a0dca2460523a4962a200f6b48 1026096 debug optional libcurl3-gnutls-dbgsym_7.88.1-10+deb12u9_s390x.deb 10818d89fd2fd5870ba742cf4f78e591 360400 libs optional libcurl3-gnutls_7.88.1-10+deb12u9_s390x.deb beafc264a32414cc8358b6b98b3897f4 1069588 debug optional libcurl3-nss-dbgsym_7.88.1-10+deb12u9_s390x.deb d50cebea78a97b0d85d3a1e8e3364576 368972 libs optional libcurl3-nss_7.88.1-10+deb12u9_s390x.deb c475e69eb0b710ea78c015f83c2bd1f1 1057220 debug optional libcurl4-dbgsym_7.88.1-10+deb12u9_s390x.deb 86ee0b5bdf50d30556c3d25cd1cd37fd 461928 libdevel optional libcurl4-gnutls-dev_7.88.1-10+deb12u9_s390x.deb 3ccc28f5130bfcc2d376a310fa733b6b 470888 libdevel optional libcurl4-nss-dev_7.88.1-10+deb12u9_s390x.deb 5e4a26697e0ce80ee385eb920bb5e139 466536 libdevel optional libcurl4-openssl-dev_7.88.1-10+deb12u9_s390x.deb 5b4d333c1d5c5b0bc0b00095ea0c6f96 365772 libs optional libcurl4_7.88.1-10+deb12u9_s390x.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEu0D/YpnnSxv8epH9AKOyQzsWVasFAmeVJ8oACgkQAKOyQzsW VataIg//QflfJW+CqO4ahbBSOiBsqXEsPStOu8cwNm17zxXbYyfWwg5wuL5CxA4S fjrWg/dkwOh8QzrRqTx+wGpVcQH5JUOzxkEMVvFZbsOHZxxGnT8HEWBEmOJeWlXM 9Pu2qmHL+4dkLXGtV17XpTYxrmKFIZ8K4D8mjdxIWzEBX7t2Uc+A38qxuLrSw5sn 0tyx2eoC7kwETuUBRyUUERwQ/l01kG7FpdllbI8YYJcRzAFKr+YETsBwNYvUrpYH hOlwbsNFulOI8MYlgbZxITwxJZzMIesuxcI3IwVsnu8qUjZgWebwZV1tQCbWnxkj OmySaIDz/iJ6GxrB9HulPsRDbtrF4BKSqoJ6m3QvrWSekq0drpvkHODIU6g2rHvN zP7GrDWLfAi4zjIV1Fj8wrytY5sjRR8oUYuWwB/5YyStoIN7eaUC0Dm7tYcfFv3e pUDHPUi24CnDo9CCBlxjFYiG2+LzxIDTFMw6w+MbXAgpbmVhocC1kE5zF7zRGRo1 eRqPSGj00CDUrbWh9nJEL02v0f67WDcLq24vXxFBTlY+eiG15zry27vb84u+wt6e sUTjNe1WvY/q/o2Mf5aAsfim5wwpajMwaYQ3NxTG9D807WIkUyk6100Q5oHcrGTh iU1Z/FRYl6/Unq6SmQL6m9snmWS36wiUmdEEH4az/wwtOVp8IhY= =wrTD -----END PGP SIGNATURE-----