-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 24 Jan 2012 15:14:25 +0100 Source: curl Binary: curl libcurl3 libcurl3-gnutls libcurl4-openssl-dev libcurl4-gnutls-dev libcurl3-dbg Architecture: armel Version: 7.21.0-2.1+squeeze1 Distribution: squeeze-security Urgency: high Maintainer: armel Build Daemon (alain) Changed-By: Alessandro Ghedini Description: curl - Get a file from an HTTP, HTTPS or FTP server libcurl3 - Multi-protocol file transfer library (OpenSSL) libcurl3-dbg - libcurl compiled with debug symbols libcurl3-gnutls - Multi-protocol file transfer library (GnuTLS) libcurl4-gnutls-dev - Development files and documentation for libcurl (GnuTLS) libcurl4-openssl-dev - Development files and documentation for libcurl (OpenSSL) Changes: curl (7.21.0-2.1+squeeze1) stable-security; urgency=high . * Non-maintainer upload * Fix URL sanitization vulnerability as per CVE-2012-0036 http://curl.haxx.se/docs/adv_20120124.html * Fix SSL CBC IV vulnerability as per CVE-2011-3389 http://curl.haxx.se/docs/adv_20120124B.html * Set urgency=high accordingly Checksums-Sha1: d444bf6aae9acf2c43baf0d321f883e4a3f70c81 228614 curl_7.21.0-2.1+squeeze1_armel.deb d3617a1d8a443544e5376c361f9192d5f361576f 273090 libcurl3_7.21.0-2.1+squeeze1_armel.deb 722ff50cc1f3d2ea95010f586cbc9b51fd8fedb7 254692 libcurl3-gnutls_7.21.0-2.1+squeeze1_armel.deb 52f288cb4beb6814118d90ef080c9e8ad96d2739 1065116 libcurl4-openssl-dev_7.21.0-2.1+squeeze1_armel.deb f80d24dea4aaf10db27f4230f785e59f7af5e8ad 1045426 libcurl4-gnutls-dev_7.21.0-2.1+squeeze1_armel.deb e0a41c3720135a95161f7c08f680d9a5d230e152 112414 libcurl3-dbg_7.21.0-2.1+squeeze1_armel.deb Checksums-Sha256: 35ec6f3f0367c3035d9e27437d670da43ad773b7f9aa7dcbd728d01aa61dab33 228614 curl_7.21.0-2.1+squeeze1_armel.deb 8e1f5dc424f7b45f57de1f29815c8e3718553e081a19bff62029760e03643dfc 273090 libcurl3_7.21.0-2.1+squeeze1_armel.deb 9ec43b2075d6decf7bf965ed9474fc3c93a60a45ec27d126b67a375248efd0d1 254692 libcurl3-gnutls_7.21.0-2.1+squeeze1_armel.deb ed065a54c80bddc9497fca61dbd193873a227327b598c4d0ace16b351205d14a 1065116 libcurl4-openssl-dev_7.21.0-2.1+squeeze1_armel.deb 09ce9083931368ec63fd39eaceff30bd91d3eb7d408a806e879f674219649415 1045426 libcurl4-gnutls-dev_7.21.0-2.1+squeeze1_armel.deb c583ae603d1ef31546a48ee68628deecd798a3c69a5d8b6712e6a692debe0301 112414 libcurl3-dbg_7.21.0-2.1+squeeze1_armel.deb Files: 3b4b37d9e092b61828d968811732ccaf 228614 web optional curl_7.21.0-2.1+squeeze1_armel.deb 2a8af4d0c601fc9decb787e00bbe2a76 273090 libs optional libcurl3_7.21.0-2.1+squeeze1_armel.deb 95c10005ab54eaa878e488ff27601bc0 254692 libs optional libcurl3-gnutls_7.21.0-2.1+squeeze1_armel.deb 48448c02a2303194e1dbcf417f380c49 1065116 libdevel optional libcurl4-openssl-dev_7.21.0-2.1+squeeze1_armel.deb 98447a10f94e2b176c0482230eec6acc 1045426 libdevel optional libcurl4-gnutls-dev_7.21.0-2.1+squeeze1_armel.deb c2787ba8b3629b8739ba1b8f6957225d 112414 debug extra libcurl3-dbg_7.21.0-2.1+squeeze1_armel.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJPJaHzAAoJEINxgZ9CVg+2SXAP/1kA6Kxpoktr8NUKwUxIfml4 i2ZeX24qchPxo345zWbu5wGWHTDuSbCnsr/Y2uIdGXm6rsZ0kGFQPbkpTUE1gHpH dR/C/7VpcuBhunBc/sWeZFiFpMdph4TeGqYcYlZD7MTiJWwd3V2/IFzyEthtc7GW xJxvpNK6JVPaC38Yn+QfcjT0dmBm5GdIDZnL4Di7E9pQ35j9b4ORSjfhN91sjc2h vPpGcHO2P2x6xEHmtl15sVypJ85z9dW/nzzWSK+Wy3Uh4crySIkPYYu/Yxlg8tGu DqRbBOycae34fREyUD2QuZEyVN6jZde6VJfp+U58VCl2rZJnu/KtMQX35FPJ9paK 30/ztzWTwUKi7kLJ/aRcG9IzZrsZ01v3OhiOnJ4AGeMUBXBx4vEVZabMPBeMVpSr agY0edm7N4RacWzyVRd9sJRSPYm63n2X3ySqui+E8y9Q4L8qoDXsJyFtoeTwWefh 98czhS4C5puASUpVsum6h8OV+srbgfM946H8V+oQ0bMVdZT5puas7h/x/oI5R/m6 wXlLE2Zs2oaV3LaSC0VCGfUupQhZ1MiPPvDN866TWcV3mqLXBQetTtKT8Y+4r53E bUcr4ia8bMSP+nFRFpMwsbAZUtqrVv+geYgNVjwqSuQNJyyDBEzG1mGzhRMisN3t SxuK3vbv0Y3ncmnFxLLi =5EXF -----END PGP SIGNATURE-----