-
curl (7.19.5-1ubuntu2) karmic; urgency=low
* SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
- add debian/patches/cert-null-cn: backported upstream changes.
- CVE-2009-2417
-- Kees Cook <email address hidden> Thu, 13 Aug 2009 14:32:50 -0700
-
curl (7.19.5-1ubuntu1) karmic; urgency=low
* Merge from Debian unstable (LP: #380281), remaining changes:
- Drop build dependencies: stunnel, libdb4.6-dev, libssh2-1-dev
- Add build-dependency on openssh-server
- Drop libssh2-1-dev from libcurl4-openssl-dev's Depends.
- Call automake-1.9 with --add-missing --copy --force
* Fixes LP: #379477
curl (7.19.5-1) unstable; urgency=low
* New upstream release
* Fix "libcurl3-gnutls has memory corruption" by upgrading to new upstream
release, which fixes this bug (Closes: #530131)
* update standards version to 3.8.1
* adjust overrides from libdevel to debug for -dbg package
* adjust doc-base section
-- Bhavani Shankar <email address hidden> Tue, 26 May 2009 18:58:51 +0530
-
curl (7.19.4-1ubuntu1) karmic; urgency=low
* Merge from debian unstable, remaining changes:
- Drop build dependencies: stunnel, libdb4.6-dev, libssh2-1-dev
- Add build-dependency on openssh-server
- Drop libssh2-1-dev from libcurl4-openssl-dev's Depends.
- Call automake-1.9 with --add-missing --copy --force
* drop debian/patches/security_CVE-2009-0037.patch
- this patch is part of 7.19.4
curl (7.19.4-1) unstable; urgency=low
* New upstream release
* Fix "newer bdb version" <explain what you changed and why>
(Closes: #517277)
* resolve libtool version confusion, thanks to
Stefanos Harhalakis <email address hidden>
* add new dependency on libgcrypt11-dev due to newly arising binary symbols
-- Michael Vogt <email address hidden> Wed, 29 Apr 2009 11:10:29 +0200
-
curl (7.18.2-8ubuntu4) jaunty; urgency=low
* SECURITY UPDATE: add fix for CVE-2009-0037 back in
- debian/patches/security_CVE-2009-0037.patch: updated patch to add missing
section to lib/easy.c
- CVE-2009-0037
-- Marc Deslauriers <email address hidden> Tue, 03 Mar 2009 19:58:20 -0500