Change log for curl package in Debian

76120 of 120 results
Superseded in sid-release on 2013-02-12
curl (7.28.0-3) unstable; urgency=low


  * Add 07_do-not-disable-debug-symbols.patch, do not pass --enable-debug
    anymore (Closes: #683103)
  * Update 05_fix-git-over-https.patch to reflect new upstream patch
  * Add 08_fix-git-auth.patch to fix HTTPS authentication (Closes: #690764)

 -- Alessandro Ghedini <email address hidden>  Sat, 17 Nov 2012 14:07:21 +0100
Superseded in sid-release on 2012-11-17
curl (7.28.0-2) unstable; urgency=low


  * Add 05_fix-git-over-https.patch (Closes: #690551)
  * Add 06_always-disable-valgrind.patch (Closes: #690968)

 -- Alessandro Ghedini <email address hidden>  Mon, 22 Oct 2012 14:35:02 +0200
Superseded in sid-release on 2012-10-22
curl (7.28.0-1) unstable; urgency=low


  * New upstream release
    - gnutls: do not fail on non-fatal handshake errors (Closes: #685402)
  * Remove versioned build depends on libssh2 (already in stable)
  * Bump Standards-Version to 3.9.4 (no changes needed)
  * Refresh 01_runtests_gdb.patch
  * Update *.symbols files
  * Build depend on ca-certifcates to avoid test failure

 -- Alessandro Ghedini <email address hidden>  Thu, 11 Oct 2012 19:11:09 +0200
Superseded in sid-release on 2012-10-13
curl (7.27.0-1) unstable; urgency=low


  * New upstream release
  * Update upstream copyright
  * Refresh 01_runtests_gdb.patch, 90_gnutls.patch and 99_nss.patch

 -- Alessandro Ghedini <email address hidden>  Wed, 08 Aug 2012 17:22:00 +0200
Superseded in wheezy-release on 2013-02-13
Superseded in sid-release on 2012-08-09
curl (7.26.0-1) unstable; urgency=low


  * New upstream release
    - Reject numerical IPv6 addresses outside brackets (Closes: #670126)
  * Email change: Alessandro Ghedini -> <email address hidden>
  * Stricter Depends on libcurl3 (Closes: #666089)
  * Remove Ramakrishnan (as per his request), move myself to Maintainer
    Thank you for all your work so far
  * Disable memory tracking, but keep debug enabled
    - Remove memdebug symbols (used by curl only)
  * Refresh 01_runtests_gdb.patch, 90_gnutls.patch and 99_nss.patch
  * Disable not-quite-working symbols hiding

 -- Alessandro Ghedini <email address hidden>  Fri, 25 May 2012 15:19:51 +0200
Superseded in squeeze-release on 2013-10-19
curl (7.21.0-2.1+squeeze2) stable-security; urgency=low


  * Non-maintainer upload
  * Add --ssl-allow-beast and CURLOPT_SSL_OPTIONS (Closes: #658276)

 -- Alessandro Ghedini <email address hidden>  Sat, 24 Mar 2012 15:01:45 +0100
Superseded in wheezy-release on 2012-06-05
Superseded in sid-release on 2012-05-26
curl (7.25.0-1) unstable; urgency=low


  * New upstream release
    - Add --ssl-allow-beast and CURLOPT_SSL_OPTIONS (Closes: #658276)
    - Allow negative numbers as option value (Closes: #659591)
  * Add libssh2-1-dev to libcurl4-gnutls-dev and libcurl4-nss-dev Depends
  * Bump debhelper compat level to 9
    - Make *.links files executable to simplify rules file
  * Pass --as-needed ld flag to avoid unneeded dependencies
    - Add workaround_as_needed_bug to workaround a libtool bug
    - Drop dont_link_to_krb5 (not needed because of --as-needed)
  * Do some clean-up in debian/rules
  * Update debian/copyright format as in Debian Policy 3.9.3
  * Bump Standards-Version to 3.9.3
  * Explicit Conflicts in -dev packages (fixes binaries-have-file-conflict)
  * Add openssh-server to build depends to enable some more tests
  * Update upstream copyright years
  * Refresh patches

 -- Alessandro Ghedini <email address hidden>  Fri, 23 Mar 2012 16:24:51 +0100
Published in lenny-release on 2012-03-10
curl (7.18.2-8lenny6) oldstable-security; urgency=high


  * Non-maintainer upload.
  * Fix SSL CBC IV vulnerability as per CVE-2011-3389
    http://curl.haxx.se/docs/adv_20120124B.html
  * Set urgency=high accordingly

 -- Alessandro Ghedini <email address hidden>  Wed, 25 Jan 2012 16:03:45 +0100
Superseded in wheezy-release on 2012-04-07
Superseded in sid-release on 2012-03-28
curl (7.24.0-1) unstable; urgency=high


  * New upstream release
    - Improve documentation for the --capath option (Closes: #628697)
    - Fix URL sanitization vulnerability as per CVE-2012-0036
      http://curl.haxx.se/docs/adv_20120124.html
    - Fix SSL CBC IV vulnerability as per CVE-2011-3389
      http://curl.haxx.se/docs/adv_20120124B.html
    - Set urgency=high accordingly
  * Remove curl_links_with_rt patch (curl links to librt anyway)
  * Improve descriptions of -dev and -dbg packages
  * Drop fix_manpage_spelling and versioned patches (merged upstream)
  * Refresh patches
  * Add keep_symbols_compat patch to not break backwards ABI compatibility
  * Enable libssh2 support for GnuTLS and NSS flavours too
    (libssh2 now uses libgcrypt instead of libssl)

 -- Alessandro Ghedini <email address hidden>  Tue, 24 Jan 2012 12:04:04 +0100
Superseded in wheezy-release on 2012-01-27
Superseded in sid-release on 2012-01-25
curl (7.23.1-3) unstable; urgency=low


  * Enable security hardening flags
  * Remove libdb-dev from B-D (not used)
  * Improve short and  long descriptions
  * Provide proper *.symbols files (Closes: #651619)
  * Do not version Curl_* symbols (for internal use only)
  * Do not override dh_makeshlibs version anymore

 -- Alessandro Ghedini <email address hidden>  Tue, 13 Dec 2011 19:55:31 +0100
Superseded in sid-release on 2011-12-14
curl (7.23.1-2) unstable; urgency=low


  * Bump shlibs version for libcurl3-nss (Closes: #650498)

 -- Alessandro Ghedini <email address hidden>  Thu, 01 Dec 2011 22:32:19 +0100
Superseded in sid-release on 2011-12-03
curl (7.23.1-1) unstable; urgency=low


  * New upstream release
    - Do not use gnutls_priority_set_direct and
      gnutls_certificate_type_set_priority anymore (Closes: #624024)
  * Refresh patches
  * Add --enable-debug flag to configure (Closes: #648902)
  * One Provides/Replaces per line
  * libcurl4-openssl-dev Provides libcurl4-dev too (Closes: #644126)
  * Specify only 3 components for Standards-Version 
    (the fourth is not really needed)
  * Move ca-certificates to Recommends in lib* packages (Closes: #546607)
  * Add NSS flavour to versioned symbols

 -- Alessandro Ghedini <email address hidden>  Sun, 27 Nov 2011 18:45:01 +0100
Superseded in wheezy-release on 2011-12-24
Superseded in sid-release on 2011-11-29
curl (7.22.0-3) unstable; urgency=low


  [ Ramakrishnan Muthukrishnan ]
  * Add new Uploaders, Ian and Alessandro. (Closes: #647255)

  [ Luk Claes ]
  * Install lintian overrides with dh_lintian.
  * Install all files with dh_install and get rid of dh_installdirs.

  [ Alessandro Ghedini ]
  * New upstream release.
  * Bump debhelper compat level to 8.
  * debian/control:
    - One (Build-)Depends per line.
    - Sort (Build-)Depends.
    - Remove Build-Depends on binutils
      (v2.18 is already in oldstable and it is Build-Essential: yes).
    - Build depends on stunnel4 instead of stunnel 
      (stunnel is just a dummy package).
    - Remove duplicate Section field in package curl.
    - Add Luk to Uploaders too, sort names.
  * debian/patches:
    - Update runtests_gdb patch, add DEP3 headers.
    - Update gnutls and nss patches, add DEP3 headers.
    - Refresh other patches.
    - Add DEP3 headers to all the patches.
    - Remove libtool patch (not applied anyway)
    - Set Forwarded: not-needed for Debian specific patches
  * Replace dh_clean -k call with dh_prep
    (dh_clean -k is deprecated since debhelper 7).
  * Add fix_manpage_spelling patch
  * debian/copyright:
    - Switch to DEP5 format
    - Update copyright information
  * Add librtmp-dev to libcurl4-nss-dev too

 -- Alessandro Ghedini <email address hidden>  Sun, 13 Nov 2011 21:07:32 +0100
Superseded in squeeze-release on 2012-05-12
curl (7.21.0-2) stable-security; urgency=high


  * debian/patches/curl-gssapi-delegation: Fix for GSSAPI delegation
    vulnerability as detailed in CVE-2011-2192. More information and
    the patch at <http://curl.haxx.se/docs/adv_20110623.html>.
    (closes: #631615)

 -- Ramakrishnan Muthukrishnan <email address hidden>  Sun, 26 Jun 2011 20:53:39 +0530
Superseded in wheezy-release on 2011-11-26
Superseded in sid-release on 2011-11-16
curl (7.21.7-3) unstable; urgency=low


  * debian/rules: Build only curl and libcurl3 with rtmp support. Rest of the
    packages do not need to be built with rtmp support. (closes: #641173)

 -- Ramakrishnan Muthukrishnan <email address hidden>  Sun, 11 Sep 2011 22:08:08 +0200
Superseded in wheezy-release on 2011-09-28
Superseded in sid-release on 2011-09-20
curl (7.21.7-2) unstable; urgency=low


  * debian/control: libcurl*-dev packages should depend on librtmp-dev.
    (closes: #640260)
  * debian/rules: add build-arch and build-indep targets.

 -- Ramakrishnan Muthukrishnan <email address hidden>  Mon, 05 Sep 2011 16:12:42 +0200

Available diffs

Superseded in wheezy-release on 2011-09-21
Superseded in sid-release on 2011-09-20
curl (7.21.7-1) unstable; urgency=low
  * New Upstream release which fixes the following bugs.    - libcurl3-gnutls: HTTPS over HTTP still broken in      Git (closes: #627335)    - git-core: gnutls_handshake() fail when using      https:// over a proxy (closes: #559371)  * debian/control: capitalize 'ftp'. (closes: #587338)  * debian/rules: add build-arch and build-indep targets. -- Ramakrishnan Muthukrishnan <email address hidden>  Sat, 30 Jul 2011 17:57:08 +0530
Superseded in wheezy-release on 2011-09-21
Superseded in sid-release on 2011-09-20
curl (7.21.6-3) unstable; urgency=low
  * Apply the Multiarch patch from Steve Langasek.    (closes: #631946) -- Ramakrishnan Muthukrishnan <email address hidden>  Wed, 29 Jun 2011 08:26:56 +0530
Superseded in wheezy-release on 2011-09-21
Superseded in sid-release on 2011-09-20
curl (7.21.6-2) unstable; urgency=high
  * Fix for the inappropriate GSSAPI delegation vulnerability (CVE-2011-2192).    (closes: #631615) -- Ramakrishnan Muthukrishnan <email address hidden>  Sat, 25 Jun 2011 23:37:04 +0530
Superseded in wheezy-release on 2011-09-21
Superseded in sid-release on 2011-09-20
curl (7.21.6-1) unstable; urgency=low
  * New upstream release to fix a HTTPS over a HTTP proxy bug on 7.21.5. -- Ramakrishnan Muthukrishnan <email address hidden>  Sat, 23 Apr 2011 07:12:57 +0530
Superseded in sid-release on 2011-09-20
curl (7.21.5-1) unstable; urgency=low
  * New Upstream version. (closes: #623459)  * debian/patches/{sslv2_disable, error_code}: removed as these    patches were backported earlier from new upstream and this    release incorporates them. -- Ramakrishnan Muthukrishnan <email address hidden>  Fri, 22 Apr 2011 13:14:41 +0530
Superseded in sid-release on 2011-09-20
curl (7.21.4-2) unstable; urgency=low
  * debian/patches/{sslv2-disable, series}: Apply the    upstream commit c66b0b32fba175d5f096c944d8ec8f9f06299f4a.    (closes: #622016)  * debian/{rules, control}: enable rtmp. (closes: #622328)  * debian/control: removing hurd from dependencies. Hurd is    an 'essential' package. -- Ramakrishnan Muthukrishnan <email address hidden>  Wed, 13 Apr 2011 16:15:27 -0700
Superseded in wheezy-release on 2011-09-21
Superseded in sid-release on 2011-09-20
curl (7.21.4-1) unstable; urgency=low
  * New upstream release.  * debian/control: downgraded the version number of libdb-dev required    to 4.6 from 4.7, based on the inputs from Erik Schanze <email address hidden>.  -- Ramakrishnan Muthukrishnan <email address hidden>  Mon, 28 Feb 2011 19:35:36 +0530
Superseded in wheezy-release on 2011-09-21
Superseded in sid-release on 2011-09-20
curl (7.21.3-1) unstable; urgency=low
  * New upstream release.  * debian/*.manpages: adding all manpages for the curl library.    (closes: #605651)  * gnutls->handshake: improved timeout handling. See #594150 for details. -- Ramakrishnan Muthukrishnan <email address hidden>  Wed, 15 Dec 2010 23:39:26 +0530
Superseded in sid-release on 2011-09-20
curl (7.21.2-4) unstable; urgency=low
  * support for curl library built against nss.    (closes: #606244)  * honour DEB_BUILD_OPTIONS=nocheck option.    (closes: #606059) -- Ramakrishnan Muthukrishnan <email address hidden>  Thu, 09 Dec 2010 20:11:37 +0530
Superseded in sid-release on 2011-09-20
curl (7.21.2-3) unstable; urgency=low
  * debian/rules: reverting changes related to c-ares inclusion.  * debian/control: removing libc-ares-dev for now.    (closes: #605558) -- Ramakrishnan Muthukrishnan <email address hidden>  Thu, 02 Dec 2010 10:56:36 +0530
Superseded in sid-release on 2011-09-20
curl (7.21.2-2) unstable; urgency=low
  * debian/control: add libc-ares-dev as build dependency.  * debian/rules: invoke configure with --enable-ares.    (closes: #570436)  * debian/copyright: add copyright notice of lib/security    to the copyright file. (closes: #603712) -- Ramakrishnan Muthukrishnan <email address hidden>  Tue, 30 Nov 2010 17:35:29 +0530
Superseded in sid-release on 2011-09-20
curl (7.21.2-1) unstable; urgency=low


  * New upstream release.

 -- Ramakrishnan Muthukrishnan <email address hidden>  Mon, 18 Oct 2010 11:13:17 +0530
Superseded in sid-release on 2011-09-20
curl (7.21.1-1) unstable; urgency=low


  * New upstream release.

 -- Ramakrishnan Muthukrishnan <email address hidden>  Thu, 12 Aug 2010 08:20:48 +0530
Superseded in lenny-release on 2012-03-10
curl (7.18.2-8lenny4) stable-security; urgency=high


  * Non-maintainer upload by the security team
  * Fix possible buffer overflow via callback function
    Fixes: CVE-2010-0734

 -- Steffen Joeris <email address hidden>  Sat, 27 Mar 2010 16:06:15 +1100
Superseded in squeeze-release on 2011-10-08
Superseded in sid-release on 2011-09-20
curl (7.21.0-1) unstable; urgency=low


  * New upstream.

 -- Ramakrishnan Muthukrishnan <email address hidden>  Wed, 16 Jun 2010 19:25:37 +0530
Superseded in sid-release on 2011-09-20
Superseded in squeeze-release on 2011-09-13
curl (7.20.1-2) unstable; urgency=low


  * debian/rules: Removed the custom LDFLAGS variable. This is not
    required as we are no longer using the libtool patch.
    (closes: #578774)

 -- Ramakrishnan Muthukrishnan <email address hidden>  Wed, 28 Apr 2010 18:40:27 +0530
Superseded in sid-release on 2011-09-20
curl (7.20.0-3) unstable; urgency=low


  * debian/control: Vcs* tags added.
  * docs/libcurl/libcurl.m4: added the missing double quote (closes: #576518).

 -- Ramakrishnan Muthukrishnan <email address hidden>  Mon, 05 Apr 2010 18:56:40 +0530
Superseded in squeeze-release on 2011-09-13
Superseded in sid-release on 2011-09-20
curl (7.20.0-2) unstable; urgency=low


  * New Maintainer (closes: #574137).
  * Bug #533669 (curl segmentation fault in addbyter()) is fixed
    from release 7.19.7 onwards (closes: #533669).
  * Bug #510559 (curl sends whitespace unencoded in the url) can't
    be reproduced in the 7.20.0 release (closes: #510559).

 -- Ramakrishnan Muthukrishnan <email address hidden>  Thu, 18 Mar 2010 08:55:19 +0530
Superseded in squeeze-release on 2011-09-13
Superseded in sid-release on 2011-09-20
curl (7.20.0-1) unstable; urgency=low


  * Package is orphaned.
  * New upstream release.
  * Switch to dpkg-source 3.0 (quilt) format (closes: #538547).
  * Fixed build error with binutils-gold (closes: #554296). 

 -- Domenico Andreoli <email address hidden>  Tue, 09 Feb 2010 13:06:39 +0100
Superseded in squeeze-release on 2011-09-13
Superseded in sid-release on 2011-09-20
curl (7.19.7-1) unstable; urgency=low


  * New upstream release:
    - curl_getdate(3) now correctly manages single letter military
      timezones as specified in RFC 822 (closes: #551461).
  * build depends on generic libdb-dev (closes: #548476).
  * build depends on libssh2-1-dev (>= 1.2) to enable new curl options.

 -- Domenico Andreoli <email address hidden>  Thu, 05 Nov 2009 10:11:57 +0100
Superseded in lenny-release on 2011-09-13
curl (7.18.2-8lenny3) stable-security; urgency=high


  * Non-maintainer upload by the Security Team.
  * Fix possible midm attack via injected null bytes in the
    certificate (CVE-2009-2417; Closes: #541991).

 -- Nico Golde <email address hidden>  Tue, 18 Aug 2009 00:57:34 +0000
Superseded in sid-release on 2011-09-20
Superseded in squeeze-release on 2011-09-13
curl (7.19.5-1.1) unstable; urgency=high


  * Non-maintainer upload by the Security Team.
  * Fix possible mitm via injected null byte (CVE-2009-2417; Closes: #541991).

 -- Nico Golde <email address hidden>  Thu, 27 Aug 2009 20:10:51 +0200
Superseded in sid-release on 2011-09-20
Superseded in squeeze-release on 2011-09-13
curl (7.19.5-1) unstable; urgency=low


  * New upstream release
  * Fix "libcurl3-gnutls has memory corruption" by upgrading to new upstream
    release, which fixes this bug (Closes: #530131)
  * update standards version to 3.8.1
  * adjust overrides from libdevel to debug for -dbg package
  * adjust doc-base section

 -- Andreas Schuldei <email address hidden>  Sun, 24 May 2009 21:12:19 +0200
Superseded in sid-release on 2011-09-20
curl (7.19.4-1) unstable; urgency=low


  * New upstream release
  * Fix "newer bdb version" <explain what you changed and why> 
    (Closes: #517277)
  * resolve libtool version confusion, thanks to 
    Stefanos Harhalakis <email address hidden>
  * add new dependency on libgcrypt11-dev due to newly arising binary symbols

 -- Andreas Schuldei <email address hidden>  Thu, 02 Apr 2009 23:35:45 +0200
Superseded in lenny-release on 2011-09-13
curl (7.18.2-8lenny2) stable-security; urgency=high


  * Non-maintainer upload by the security team
  * Update patch for CVE-2009-0037 to include missing header sections

 -- Steffen Joeris <email address hidden>  Tue, 10 Mar 2009 06:18:42 +0000
Superseded in squeeze-release on 2011-09-13
Superseded in sid-release on 2011-09-20
curl (7.18.2-8.1) unstable; urgency=high


  * Non-maintainer upload by the security team.
  * Include upstream patch to prevent overwriting and reading arbitrary
    local files or command execution via malicious redirects depending on
    the setup curl is used in.
    NOTE: This update introduces a new option called CURLOPT_REDIR_PROTOCOLS
    which includes the protocols curl will follow on redirects, scp and file
    are not included by default (CVE-2009-0037; Closes: #518423).

 -- Nico Golde <email address hidden>  Wed, 11 Mar 2009 15:33:08 +0100
Superseded in squeeze-release on 2011-09-13
Superseded in lenny-release on 2011-09-13
Superseded in sid-release on 2011-09-20
curl (7.18.2-8) unstable; urgency=low


  * Fix "Please add support for ldap/ldaps protocols" 
    by changing the linker option for liblber (Closes: #506096)

 -- Andreas Schuldei <email address hidden>  Fri, 26 Dec 2008 23:48:19 +0100
Superseded in sid-release on 2011-09-20
curl (7.18.2-7) unstable; urgency=low


  * disable c-ares support again, no fix yet, just get stuff working again.

 -- Andreas Schuldei <email address hidden>  Tue, 15 Jul 2008 01:17:29 +0200
Superseded in lenny-release on 2011-09-13
curl (7.18.2-5) unstable; urgency=low


  * /usr/lib/pkgconfig/libcurl.pc: "pkg-config --libs libcurl" returns
    "-Wl, -z, defs" (Closes: #488701), closing same bug again for 
    curl-config --libs  command

 -- Andreas Schuldei <email address hidden>  Wed, 02 Jul 2008 11:24:40 +0200
76120 of 120 results