-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 24 Jan 2012 15:14:25 +0100 Source: curl Binary: curl libcurl3 libcurl3-gnutls libcurl4-openssl-dev libcurl4-gnutls-dev libcurl3-dbg Architecture: ia64 Version: 7.21.0-2.1+squeeze1 Distribution: squeeze-security Urgency: high Maintainer: ia64 Build Daemon (alkman) Changed-By: Alessandro Ghedini Description: curl - Get a file from an HTTP, HTTPS or FTP server libcurl3 - Multi-protocol file transfer library (OpenSSL) libcurl3-dbg - libcurl compiled with debug symbols libcurl3-gnutls - Multi-protocol file transfer library (GnuTLS) libcurl4-gnutls-dev - Development files and documentation for libcurl (GnuTLS) libcurl4-openssl-dev - Development files and documentation for libcurl (OpenSSL) Changes: curl (7.21.0-2.1+squeeze1) stable-security; urgency=high . * Non-maintainer upload * Fix URL sanitization vulnerability as per CVE-2012-0036 http://curl.haxx.se/docs/adv_20120124.html * Fix SSL CBC IV vulnerability as per CVE-2011-3389 http://curl.haxx.se/docs/adv_20120124B.html * Set urgency=high accordingly Checksums-Sha1: cf34dec309abc051c3a14ef45ae52cffedebf410 243246 curl_7.21.0-2.1+squeeze1_ia64.deb 13c4eea28a090886ceab2e10adc08459a49c22a9 369390 libcurl3_7.21.0-2.1+squeeze1_ia64.deb 9788727c9480bcbf4e53639d4f16b2afeb08cd8e 342428 libcurl3-gnutls_7.21.0-2.1+squeeze1_ia64.deb c26ddb0c9688a2bb05782cda13d7fb35457f8f17 1186758 libcurl4-openssl-dev_7.21.0-2.1+squeeze1_ia64.deb ecc63e06a3f34753096364f88ad1d846124f3778 1154118 libcurl4-gnutls-dev_7.21.0-2.1+squeeze1_ia64.deb 12bd71b258492ac152506c596dff833118d257ed 105198 libcurl3-dbg_7.21.0-2.1+squeeze1_ia64.deb Checksums-Sha256: 9b36bd167127043419ac497e6290c06d8cc5b17a961ac59aa9079355f496e95e 243246 curl_7.21.0-2.1+squeeze1_ia64.deb e2bcbf56bbf7b16d1b1273e1a36081307b1d9863bdb3af0b9460585b803289dc 369390 libcurl3_7.21.0-2.1+squeeze1_ia64.deb d4801806f855c3e9da21203034781725bdaf45569c9acbae668823bfec71fa66 342428 libcurl3-gnutls_7.21.0-2.1+squeeze1_ia64.deb 923342827163f1e685b364a6b6967b4510300824fb3198d05e408a9b7ca08836 1186758 libcurl4-openssl-dev_7.21.0-2.1+squeeze1_ia64.deb e2a9c701782fc1fe3ffa2722534c34629c15a7740135cbe36cfd59d2531524b9 1154118 libcurl4-gnutls-dev_7.21.0-2.1+squeeze1_ia64.deb 9b6e70cebc9208b94ae815511e4691fc947dd68b13a09a22677f47adfbee31fe 105198 libcurl3-dbg_7.21.0-2.1+squeeze1_ia64.deb Files: aaa1fc45803264ce8fcf93d15356a11f 243246 web optional curl_7.21.0-2.1+squeeze1_ia64.deb eabfd7fd0ae4707785aa8d6495ac67b6 369390 libs optional libcurl3_7.21.0-2.1+squeeze1_ia64.deb e96527aacd836528aa1716038cc3cc38 342428 libs optional libcurl3-gnutls_7.21.0-2.1+squeeze1_ia64.deb 8ede083e2b1b434b1c42b7a7b2622b0f 1186758 libdevel optional libcurl4-openssl-dev_7.21.0-2.1+squeeze1_ia64.deb e5becca20fda885021bf416d011e997c 1154118 libdevel optional libcurl4-gnutls-dev_7.21.0-2.1+squeeze1_ia64.deb 5fb11736c0abd2e4bd8042e73dc9fbcb 105198 debug extra libcurl3-dbg_7.21.0-2.1+squeeze1_ia64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJPJU1+AAoJEEvpbjz8HoZookkP/1DqFQPAE5SHR0IOHidslZ8g UMv8oxxsC6ophKC9uw79yxhGp8iKv128Ycoq9KuD1h655zkaC2yvSczl0SlHd6BS AOSdorGNOd+go2ZVC9UuoZ+cojrTYSX9IAMFFVCT85mnS0Rcn01pLblfjZIPrnIk 4xLhwDyfd71u8QOyXjs9NEY4kP9bMzXq8kSn/NkPAjf9s14qblA28TZfccoE/o8M QRGTqxLsDKkSVzyV6vGSBjQiaCh/llAt32Zt2dPSyxSD1xMhN8enFqVZQxfIg4yL UbwOYSS8zqI2H3P9anMXDUkVajjTZ9RZnmqVzeQam83pCAreWaaSFOqNduiLowXe A2kaUPYhgCAAKvjlr0ahIvRz5VrnCzh6WOm+wVgwWeENPiFU6/FI1BV/jiSNHfkE avPnzoY/aJKSCmenKbklOMdvC5UltjU4gGkbnzdHvWb4Ggg2nFdNwHkoovZQB9/E SxQT0I6gRyGX7Ur08QCvkFRRUTaBc242pku8YRutwAzk1VOu89TAuBW7nsFEdQ1O PigICBye+crU7/hs1rmhjM/kWK22TdmAolYGvtnDPvUqAj/PoS69doBCAm/DKcAB CHIk88TRYnLIv8H4DqVRUai0Ujaj/IqIJLZrQYpuaFrPkFn1Obu6amceijODYx8D IwGrqrgJb+5mQkyE7Jey =l2ef -----END PGP SIGNATURE-----