-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 24 Jan 2012 15:14:25 +0100 Source: curl Binary: curl libcurl3 libcurl3-gnutls libcurl4-openssl-dev libcurl4-gnutls-dev libcurl3-dbg Architecture: sparc Version: 7.21.0-2.1+squeeze1 Distribution: squeeze-security Urgency: high Maintainer: sparc Build Daemon (lebrun) Changed-By: Alessandro Ghedini Description: curl - Get a file from an HTTP, HTTPS or FTP server libcurl3 - Multi-protocol file transfer library (OpenSSL) libcurl3-dbg - libcurl compiled with debug symbols libcurl3-gnutls - Multi-protocol file transfer library (GnuTLS) libcurl4-gnutls-dev - Development files and documentation for libcurl (GnuTLS) libcurl4-openssl-dev - Development files and documentation for libcurl (OpenSSL) Changes: curl (7.21.0-2.1+squeeze1) stable-security; urgency=high . * Non-maintainer upload * Fix URL sanitization vulnerability as per CVE-2012-0036 http://curl.haxx.se/docs/adv_20120124.html * Fix SSL CBC IV vulnerability as per CVE-2011-3389 http://curl.haxx.se/docs/adv_20120124B.html * Set urgency=high accordingly Checksums-Sha1: 6e8adc8af49de430aa145a7055db2a6ea784df36 227338 curl_7.21.0-2.1+squeeze1_sparc.deb d2f3e927dbdf242f0471a64c37205e4f65db278d 279862 libcurl3_7.21.0-2.1+squeeze1_sparc.deb a5459c798e3d0a89ef138db692b62e171e672bb6 260086 libcurl3-gnutls_7.21.0-2.1+squeeze1_sparc.deb f7f10ddfcbd0f12a893ef79c96e1910d595af082 1075722 libcurl4-openssl-dev_7.21.0-2.1+squeeze1_sparc.deb 839411a001bf3c22b4c82f5e93c2e004f65796b8 1053056 libcurl4-gnutls-dev_7.21.0-2.1+squeeze1_sparc.deb d296f547934f51b2f4729ab944fe44e9080872c8 106038 libcurl3-dbg_7.21.0-2.1+squeeze1_sparc.deb Checksums-Sha256: 649d1a11cf1d049d51a4c0bcc83a108a4d4d7dd059011d7ef5967194a99c582f 227338 curl_7.21.0-2.1+squeeze1_sparc.deb e0b57956c28acc2596e206a631864366f2087da5b756c7b219b828220f7f6994 279862 libcurl3_7.21.0-2.1+squeeze1_sparc.deb 318f400371b6a851885e508ba1c03dd1e74b136c4bf6f7b7edf00041c9a2dd1e 260086 libcurl3-gnutls_7.21.0-2.1+squeeze1_sparc.deb 5e16d6b8b970daac99a9cb3f84b5325072810fd39b3c030f712826b6e86a1b20 1075722 libcurl4-openssl-dev_7.21.0-2.1+squeeze1_sparc.deb 6f626264b76d8c763df4702e2b43c81aa030ba43ce04ba56b0d6fde192f21316 1053056 libcurl4-gnutls-dev_7.21.0-2.1+squeeze1_sparc.deb 323163419e4953a235cd3ce318c1792a6c3bfd1d575545dad7f8f1b12da806e0 106038 libcurl3-dbg_7.21.0-2.1+squeeze1_sparc.deb Files: ef6ef5d4b6466f3cf9329b4091ef538c 227338 web optional curl_7.21.0-2.1+squeeze1_sparc.deb c91c9cc8e3ca296b2891a23e7d35c1c2 279862 libs optional libcurl3_7.21.0-2.1+squeeze1_sparc.deb 670ad50874baef9fc438d6bc8b7b8293 260086 libs optional libcurl3-gnutls_7.21.0-2.1+squeeze1_sparc.deb e4daa2d94837440ee7576690b9fbe5a3 1075722 libdevel optional libcurl4-openssl-dev_7.21.0-2.1+squeeze1_sparc.deb a8f1d823dfc810c34915df9c0edd3984 1053056 libdevel optional libcurl4-gnutls-dev_7.21.0-2.1+squeeze1_sparc.deb 59b7aee692d51212c801930cbaaad517 106038 debug extra libcurl3-dbg_7.21.0-2.1+squeeze1_sparc.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJPJU7xAAoJEIU0BpdN+GD1PaAQAJsq2pxlWEdRO2OYiqDXB6MO sYudFNM0sEJSISDTPWE0UasA0Zt4N5nrXnZignFLFWcotymS2gkukZqiz5YxYqOh mblgSwU7pbSW9dToJPA9q3BSeyQCODr7Q4PHAoD944oWoZihFVIUFmun+rPOuLo4 SlrPOuINOgR9AoePpv7NhA0H+BwJQenwhvBl27TOkRoHRK7xiCpggu7qYrnjq9Mw hGGPJxIVis01UfC8j4K7hBbx7T8pPRBtx6kAYnFtmY3BdF9kCm9U3oNghVLle5kn LPQTtW1gi0oyubDhlM3YU03wMcnOG+OZvKrwnxbKkqS51lkkA9vCSiAHuHitVxGf 6pAbLavZKEfDGmhCy5xAM49P4lyhrvjMFf09fn97ktNkc+LPKkq4odOGKoPrSKmU BpiR12HFzu4z7fSemA56BO8HOfIfyT6eCl51qhyUKwLfEWHUBwSPJVGAzL+WC9+c y8ihwJozOdmH9VrkMNSaSmqybtg/a7EDlaTrjYy/ae6++96AUW0hDV1z2PgniBPa utE62q/KtTJpVQeOX6Oly/Ck3HVpviERI0rlMnjNX2RGqgBzCOoox4wB+3EO9dhd ucCGdAI3gA5/+usllXYV4uS7msKToVozHuA6dRWjRxDS+aPYEbwnwPk7/9jEWknH zhnMaBkEyOgJFgZgpuq6 =FoXt -----END PGP SIGNATURE-----