-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 24 Jan 2012 15:14:25 +0100 Source: curl Binary: curl libcurl3 libcurl3-gnutls libcurl4-openssl-dev libcurl4-gnutls-dev libcurl3-dbg Architecture: s390 Version: 7.21.0-2.1+squeeze1 Distribution: squeeze-security Urgency: high Maintainer: s390/s390x Build Daemon (zandonai) Changed-By: Alessandro Ghedini Description: curl - Get a file from an HTTP, HTTPS or FTP server libcurl3 - Multi-protocol file transfer library (OpenSSL) libcurl3-dbg - libcurl compiled with debug symbols libcurl3-gnutls - Multi-protocol file transfer library (GnuTLS) libcurl4-gnutls-dev - Development files and documentation for libcurl (GnuTLS) libcurl4-openssl-dev - Development files and documentation for libcurl (OpenSSL) Changes: curl (7.21.0-2.1+squeeze1) stable-security; urgency=high . * Non-maintainer upload * Fix URL sanitization vulnerability as per CVE-2012-0036 http://curl.haxx.se/docs/adv_20120124.html * Fix SSL CBC IV vulnerability as per CVE-2011-3389 http://curl.haxx.se/docs/adv_20120124B.html * Set urgency=high accordingly Checksums-Sha1: 30b41c25afdf5dbd889d523059cfdb90a9a34d57 228848 curl_7.21.0-2.1+squeeze1_s390.deb f4cbe4067377ce4bdec9381f120ea5d27cec09e8 298816 libcurl3_7.21.0-2.1+squeeze1_s390.deb 31571a3b703a863352f2a3d375ceacde42e9d1dc 277608 libcurl3-gnutls_7.21.0-2.1+squeeze1_s390.deb 129ffd598e6e3f6d1076b1f08b29ad5b3e585f63 1083976 libcurl4-openssl-dev_7.21.0-2.1+squeeze1_s390.deb 585deeb7d8c6140ac738bca7d81f94a2d2f5b9df 1060118 libcurl4-gnutls-dev_7.21.0-2.1+squeeze1_s390.deb 3674cc9b367bdda0a2391117aaf40aec03c91a5f 107242 libcurl3-dbg_7.21.0-2.1+squeeze1_s390.deb Checksums-Sha256: 169c806e7a9273101c82b8bf9f93f3104aac8e712a6e1f5daf14899c37f51059 228848 curl_7.21.0-2.1+squeeze1_s390.deb 3d72652c872803732d3d10be82b5a849d44a7f8edc1a14b8089373dc374db88b 298816 libcurl3_7.21.0-2.1+squeeze1_s390.deb ee599a0360d1c04b47df39b1b827aa49f433080555b41ef7156540c7053b46ef 277608 libcurl3-gnutls_7.21.0-2.1+squeeze1_s390.deb 8358a44733b5e282bdb26bc4bafb7f2b741cc843d4f0deef4ff84569f5c6e1fc 1083976 libcurl4-openssl-dev_7.21.0-2.1+squeeze1_s390.deb 3ff5c3184717c5a2af7e1a9050f0c9b3af16ccbb7b655b958de5d58b9a40684f 1060118 libcurl4-gnutls-dev_7.21.0-2.1+squeeze1_s390.deb a5e1a7c209be779020e1fbc2268c1f5eaad723c5e5267974468e5dc3c579297c 107242 libcurl3-dbg_7.21.0-2.1+squeeze1_s390.deb Files: 2c701ae426c4ba42ab156767b79b2ea0 228848 web optional curl_7.21.0-2.1+squeeze1_s390.deb dea1fab79389ed83da1ecfe13495e45c 298816 libs optional libcurl3_7.21.0-2.1+squeeze1_s390.deb 84ede621c1c7760b96db5f35f3bfc71c 277608 libs optional libcurl3-gnutls_7.21.0-2.1+squeeze1_s390.deb 049ff04c7b1ac4ff2414b4ffe32295ce 1083976 libdevel optional libcurl4-openssl-dev_7.21.0-2.1+squeeze1_s390.deb 1a2d529736538aa99498c24ce7253a47 1060118 libdevel optional libcurl4-gnutls-dev_7.21.0-2.1+squeeze1_s390.deb 7ce86cb1fc16c8895c5e26c0175afa07 107242 debug extra libcurl3-dbg_7.21.0-2.1+squeeze1_s390.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJPJUqIAAoJELWkVFx3JxH3pjkP/0Mps6vMy85ICuj5CWhRSlrI OI/aG7xEZJVpO5kg+ypSaoZOTRmWo3fRrDIGGh33UJtAiuLkvWCYmqb0cIkjiJyw k92eS3qTDDQxTGy6DzbxsAIcU07ynky/NYUQricF4DQUed9gvPsGbIodOJW3jaXH FU0nge0mn5+V1rQhgCAkfkZGStOcpS+3EV3F0Q22PmZXTOrhculUny/4hoxqne3z gokVMEVIyfam+uvTOvy6VZ6DrBrX2PwtoLtR0SITAyRvgBaDRehZPOaxK4jWqn5r LbJ0oKgPRZQHupaARNHeM1JC//FH+cVSl8KKtE1yuEr0YjzhXDlhMxOXzbQaBMBq aHsYXc7Z9EIRp6M6XHIjDBHhJJlNAQc7pVEp6N2u/H9NLYNcXi3DQ6LcJf0bMsp8 JIUWY4/i5A6++LcgOwX1d2ZNZOVqvDdYdOu4fBvRrLlbwQ3ug5E2sAY+xIxlA9tc EWN6Z0UGhDuFQq0A5UDDw4t67itkjrezvFYwI79ILA5z3E6BarbFv1hjmNxh/Ccu B/7Pw0OP4dfVt2+gFrdBb8g0YiTedl/sBjP2vNIc9Rkerl2nvOBC+GeKbii9MOzL riltE1mjKXm32W2+CIvZ4+E0PfwO3iKPx3i7f2wXaXerASHXocoiDbxe19wZxOdZ mLOpBlQdqjrTcL4Kr2eV =ZPX6 -----END PGP SIGNATURE-----