View Bazaar branches
Get this repository:
git clone https://git.launchpad.net/ubuntu/+source/curl
Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Branches

Name Last Modified Last Commit
ubuntu/yakkety-proposed 2016-08-03 15:59:35 UTC 2016-08-03
Import patches-unapplied version 7.50.1-1ubuntu1 to ubuntu/yakkety-proposed

Author: Gianfranco Costamagna
Author Date: 2016-08-03 13:29:21 UTC

Import patches-unapplied version 7.50.1-1ubuntu1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 66b33c5f29c1408e27467e38ecd7c7b31dd66572

New changelog entries:
  * Merge from Debian. Remaining changes:
    - Drop dependencies not in main:
      + Build-Depends: Drop libssh2-1-dev, and libnghttp2-dev.
      + Drop libssh2-1-dev from binary package Depends.
      + debian/control: drop --with-nghttp2
  * Drop libgnutls28-dev change, the rename didn't happen in Debian
  * Readd stunnel build dependency, we can build-depend from
    universe now.

applied/ubuntu/yakkety 2016-08-03 15:59:35 UTC 2016-08-03
Import patches-applied version 7.50.1-1ubuntu1 to applied/ubuntu/yakkety-prop...

Author: Gianfranco Costamagna
Author Date: 2016-08-03 13:29:21 UTC

Import patches-applied version 7.50.1-1ubuntu1 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: e6250073c1ab4544a30431ac3315400fa664ec44
Unapplied parent: afba32c215c0d4c43297dbed8959b4adaa5ffd6d

New changelog entries:
  * Merge from Debian. Remaining changes:
    - Drop dependencies not in main:
      + Build-Depends: Drop libssh2-1-dev, and libnghttp2-dev.
      + Drop libssh2-1-dev from binary package Depends.
      + debian/control: drop --with-nghttp2
  * Drop libgnutls28-dev change, the rename didn't happen in Debian
  * Readd stunnel build dependency, we can build-depend from
    universe now.

applied/ubuntu/xenial 2016-02-18 07:59:15 UTC 2016-02-18
Import patches-applied version 7.47.0-1ubuntu2 to applied/ubuntu/xenial-proposed

Author: Matthias Klose
Author Date: 2016-02-17 22:40:53 UTC

Import patches-applied version 7.47.0-1ubuntu2 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 953a14452cfc2aa3c8a1cbee488527c18e0994ff
Unapplied parent: ec0c316ef41b5ffafeb837447d5520d66d7cc223

New changelog entries:
  * No-change rebuild for gnutls transition.

ubuntu/xenial 2016-02-18 07:59:15 UTC 2016-02-18
Import patches-unapplied version 7.47.0-1ubuntu2 to ubuntu/xenial-proposed

Author: Matthias Klose
Author Date: 2016-02-17 22:40:53 UTC

Import patches-unapplied version 7.47.0-1ubuntu2 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: f1bee65f395107446f35f5d2d8199e6b4b2dd167

New changelog entries:
  * No-change rebuild for gnutls transition.

ubuntu/xenial-proposed 2016-02-18 07:59:15 UTC 2016-02-18
Import patches-unapplied version 7.47.0-1ubuntu2 to ubuntu/xenial-proposed

Author: Matthias Klose
Author Date: 2016-02-17 22:40:53 UTC

Import patches-unapplied version 7.47.0-1ubuntu2 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: f1bee65f395107446f35f5d2d8199e6b4b2dd167

New changelog entries:
  * No-change rebuild for gnutls transition.

applied/ubuntu/xenial-proposed 2016-02-18 07:59:15 UTC 2016-02-18
Import patches-applied version 7.47.0-1ubuntu2 to applied/ubuntu/xenial-proposed

Author: Matthias Klose
Author Date: 2016-02-17 22:40:53 UTC

Import patches-applied version 7.47.0-1ubuntu2 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 953a14452cfc2aa3c8a1cbee488527c18e0994ff
Unapplied parent: ec0c316ef41b5ffafeb837447d5520d66d7cc223

New changelog entries:
  * No-change rebuild for gnutls transition.

ubuntu/wily-security 2016-01-27 19:04:13 UTC 2016-01-27
Import patches-unapplied version 7.43.0-1ubuntu2.1 to ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-01-26 14:50:28 UTC

Import patches-unapplied version 7.43.0-1ubuntu2.1 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 4f3222dabb16e01f90d1a39c6f7dc694a95bb803

New changelog entries:
  * SECURITY UPDATE: NTLM credentials not-checked for proxy connection
    re-use
    - debian/patches/CVE-2016-0755.patch: fix ConnectionExists to compare
      Proxy credentials in lib/url.c.
    - CVE-2016-0755

ubuntu/wily-updates 2016-01-27 19:04:13 UTC 2016-01-27
Import patches-unapplied version 7.43.0-1ubuntu2.1 to ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-01-26 14:50:28 UTC

Import patches-unapplied version 7.43.0-1ubuntu2.1 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 4f3222dabb16e01f90d1a39c6f7dc694a95bb803

New changelog entries:
  * SECURITY UPDATE: NTLM credentials not-checked for proxy connection
    re-use
    - debian/patches/CVE-2016-0755.patch: fix ConnectionExists to compare
      Proxy credentials in lib/url.c.
    - CVE-2016-0755

applied/ubuntu/vivid-security 2016-01-27 19:04:13 UTC 2016-01-27
Import patches-applied version 7.38.0-3ubuntu2.3 to applied/ubuntu/vivid-secu...

Author: Marc Deslauriers
Author Date: 2016-01-26 15:02:06 UTC

Import patches-applied version 7.38.0-3ubuntu2.3 to applied/ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: b4169612340541eb1467ab5e6fb4d0033209b767
Unapplied parent: 05701315036ca7e6d41b5d1df00c3f1aca74d997

New changelog entries:
  * SECURITY UPDATE: NTLM credentials not-checked for proxy connection
    re-use
    - debian/patches/CVE-2016-0755.patch: fix ConnectionExists to compare
      Proxy credentials in lib/url.c.
    - CVE-2016-0755

applied/ubuntu/vivid-updates 2016-01-27 19:04:13 UTC 2016-01-27
Import patches-applied version 7.38.0-3ubuntu2.3 to applied/ubuntu/vivid-secu...

Author: Marc Deslauriers
Author Date: 2016-01-26 15:02:06 UTC

Import patches-applied version 7.38.0-3ubuntu2.3 to applied/ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: b4169612340541eb1467ab5e6fb4d0033209b767
Unapplied parent: 05701315036ca7e6d41b5d1df00c3f1aca74d997

New changelog entries:
  * SECURITY UPDATE: NTLM credentials not-checked for proxy connection
    re-use
    - debian/patches/CVE-2016-0755.patch: fix ConnectionExists to compare
      Proxy credentials in lib/url.c.
    - CVE-2016-0755

applied/ubuntu/wily-devel 2016-01-27 19:04:13 UTC 2016-01-27
Import patches-applied version 7.43.0-1ubuntu2.1 to applied/ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-01-26 14:50:28 UTC

Import patches-applied version 7.43.0-1ubuntu2.1 to applied/ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: e3cfecec5c50110f60071096f5bca96c386a9610
Unapplied parent: 647a5a158c8a69e5e740eb48b31257f089f57e38

New changelog entries:
  * SECURITY UPDATE: NTLM credentials not-checked for proxy connection
    re-use
    - debian/patches/CVE-2016-0755.patch: fix ConnectionExists to compare
      Proxy credentials in lib/url.c.
    - CVE-2016-0755

ubuntu/vivid-devel 2016-01-27 19:04:13 UTC 2016-01-27
Import patches-unapplied version 7.38.0-3ubuntu2.3 to ubuntu/vivid-security

Author: Marc Deslauriers
Author Date: 2016-01-26 15:02:06 UTC

Import patches-unapplied version 7.38.0-3ubuntu2.3 to ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: 70821a99e5d7343e80949c268720415b9ac6abf5

New changelog entries:
  * SECURITY UPDATE: NTLM credentials not-checked for proxy connection
    re-use
    - debian/patches/CVE-2016-0755.patch: fix ConnectionExists to compare
      Proxy credentials in lib/url.c.
    - CVE-2016-0755

ubuntu/vivid-security 2016-01-27 19:04:13 UTC 2016-01-27
Import patches-unapplied version 7.38.0-3ubuntu2.3 to ubuntu/vivid-security

Author: Marc Deslauriers
Author Date: 2016-01-26 15:02:06 UTC

Import patches-unapplied version 7.38.0-3ubuntu2.3 to ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: 70821a99e5d7343e80949c268720415b9ac6abf5

New changelog entries:
  * SECURITY UPDATE: NTLM credentials not-checked for proxy connection
    re-use
    - debian/patches/CVE-2016-0755.patch: fix ConnectionExists to compare
      Proxy credentials in lib/url.c.
    - CVE-2016-0755

ubuntu/vivid-updates 2016-01-27 19:04:13 UTC 2016-01-27
Import patches-unapplied version 7.38.0-3ubuntu2.3 to ubuntu/vivid-security

Author: Marc Deslauriers
Author Date: 2016-01-26 15:02:06 UTC

Import patches-unapplied version 7.38.0-3ubuntu2.3 to ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: 70821a99e5d7343e80949c268720415b9ac6abf5

New changelog entries:
  * SECURITY UPDATE: NTLM credentials not-checked for proxy connection
    re-use
    - debian/patches/CVE-2016-0755.patch: fix ConnectionExists to compare
      Proxy credentials in lib/url.c.
    - CVE-2016-0755

ubuntu/wily-devel 2016-01-27 19:04:13 UTC 2016-01-27
Import patches-unapplied version 7.43.0-1ubuntu2.1 to ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-01-26 14:50:28 UTC

Import patches-unapplied version 7.43.0-1ubuntu2.1 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 4f3222dabb16e01f90d1a39c6f7dc694a95bb803

New changelog entries:
  * SECURITY UPDATE: NTLM credentials not-checked for proxy connection
    re-use
    - debian/patches/CVE-2016-0755.patch: fix ConnectionExists to compare
      Proxy credentials in lib/url.c.
    - CVE-2016-0755

applied/ubuntu/wily-security 2016-01-27 19:04:13 UTC 2016-01-27
Import patches-applied version 7.43.0-1ubuntu2.1 to applied/ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-01-26 14:50:28 UTC

Import patches-applied version 7.43.0-1ubuntu2.1 to applied/ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: e3cfecec5c50110f60071096f5bca96c386a9610
Unapplied parent: 647a5a158c8a69e5e740eb48b31257f089f57e38

New changelog entries:
  * SECURITY UPDATE: NTLM credentials not-checked for proxy connection
    re-use
    - debian/patches/CVE-2016-0755.patch: fix ConnectionExists to compare
      Proxy credentials in lib/url.c.
    - CVE-2016-0755

applied/ubuntu/vivid-devel 2016-01-27 19:04:13 UTC 2016-01-27
Import patches-applied version 7.38.0-3ubuntu2.3 to applied/ubuntu/vivid-secu...

Author: Marc Deslauriers
Author Date: 2016-01-26 15:02:06 UTC

Import patches-applied version 7.38.0-3ubuntu2.3 to applied/ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: b4169612340541eb1467ab5e6fb4d0033209b767
Unapplied parent: 05701315036ca7e6d41b5d1df00c3f1aca74d997

New changelog entries:
  * SECURITY UPDATE: NTLM credentials not-checked for proxy connection
    re-use
    - debian/patches/CVE-2016-0755.patch: fix ConnectionExists to compare
      Proxy credentials in lib/url.c.
    - CVE-2016-0755

applied/ubuntu/wily-updates 2016-01-27 19:04:13 UTC 2016-01-27
Import patches-applied version 7.43.0-1ubuntu2.1 to applied/ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-01-26 14:50:28 UTC

Import patches-applied version 7.43.0-1ubuntu2.1 to applied/ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: e3cfecec5c50110f60071096f5bca96c386a9610
Unapplied parent: 647a5a158c8a69e5e740eb48b31257f089f57e38

New changelog entries:
  * SECURITY UPDATE: NTLM credentials not-checked for proxy connection
    re-use
    - debian/patches/CVE-2016-0755.patch: fix ConnectionExists to compare
      Proxy credentials in lib/url.c.
    - CVE-2016-0755

applied/debian/wheezy 2015-09-05 16:53:01 UTC 2015-09-05
Import patches-applied version 7.26.0-1+wheezy13 to applied/debian/wheezy

Author: Alessandro Ghedini
Author Date: 2015-04-21 11:51:57 UTC

Import patches-applied version 7.26.0-1+wheezy13 to applied/debian/wheezy

Imported using git-ubuntu import.

Changelog parent: eab8cedda10680d1fb912783bf87628a48f4c611
Unapplied parent: 9b5a67f2d255bb3c11078334f2cfb56fdaae0985

New changelog entries:
  * Fix re-using authenticated connection when unauthenticated
    as per CVE-2015-3143
    http://curl.haxx.se/docs/adv_20150422A.html
  * Fix Negotiate not treated as connection-oriented as per CVE-2015-3148
    http://curl.haxx.se/docs/adv_20150422B.html
  * Fix URL request injection vulnerability as per CVE-2014-8150
    http://curl.haxx.se/docs/adv_20150108B.html
  * Set urgency=high accordingly

debian/wheezy 2015-09-05 16:53:01 UTC 2015-09-05
Import patches-unapplied version 7.26.0-1+wheezy13 to debian/wheezy

Author: Alessandro Ghedini
Author Date: 2015-04-21 11:51:57 UTC

Import patches-unapplied version 7.26.0-1+wheezy13 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: 6be8109a79fa740739b1073ff408593ea570d19e

New changelog entries:
  * Fix re-using authenticated connection when unauthenticated
    as per CVE-2015-3143
    http://curl.haxx.se/docs/adv_20150422A.html
  * Fix Negotiate not treated as connection-oriented as per CVE-2015-3148
    http://curl.haxx.se/docs/adv_20150422B.html
  * Fix URL request injection vulnerability as per CVE-2014-8150
    http://curl.haxx.se/docs/adv_20150108B.html
  * Set urgency=high accordingly

ubuntu/wily-proposed 2015-08-10 23:48:52 UTC 2015-08-10
Import patches-unapplied version 7.43.0-1ubuntu2 to ubuntu/wily-proposed

Author: Robert Ancell
Author Date: 2015-08-10 23:41:50 UTC

Import patches-unapplied version 7.43.0-1ubuntu2 to ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: cc1c05cb9024843f0a85bc335f2da8197b038279

New changelog entries:
  * debian/control:
    - Switch build depends from transitional libgnutsl28-dev to libgnutls-dev

ubuntu/wily 2015-08-10 23:48:52 UTC 2015-08-10
Import patches-unapplied version 7.43.0-1ubuntu2 to ubuntu/wily-proposed

Author: Robert Ancell
Author Date: 2015-08-10 23:41:50 UTC

Import patches-unapplied version 7.43.0-1ubuntu2 to ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: cc1c05cb9024843f0a85bc335f2da8197b038279

New changelog entries:
  * debian/control:
    - Switch build depends from transitional libgnutsl28-dev to libgnutls-dev

applied/ubuntu/wily 2015-08-10 23:48:52 UTC 2015-08-10
Import patches-applied version 7.43.0-1ubuntu2 to applied/ubuntu/wily-proposed

Author: Robert Ancell
Author Date: 2015-08-10 23:41:50 UTC

Import patches-applied version 7.43.0-1ubuntu2 to applied/ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 5b1f02e802445977445a563f03e6f213391394d8
Unapplied parent: 19b3749c5585be2aa8b85af08e5ff5cf9602e0aa

New changelog entries:
  * debian/control:
    - Switch build depends from transitional libgnutsl28-dev to libgnutls-dev

applied/ubuntu/wily-proposed 2015-08-10 23:48:52 UTC 2015-08-10
Import patches-applied version 7.43.0-1ubuntu2 to applied/ubuntu/wily-proposed

Author: Robert Ancell
Author Date: 2015-08-10 23:41:50 UTC

Import patches-applied version 7.43.0-1ubuntu2 to applied/ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 5b1f02e802445977445a563f03e6f213391394d8
Unapplied parent: 19b3749c5585be2aa8b85af08e5ff5cf9602e0aa

New changelog entries:
  * debian/control:
    - Switch build depends from transitional libgnutsl28-dev to libgnutls-dev

ubuntu/utopic-updates 2015-04-30 13:08:30 UTC 2015-04-30
Import patches-unapplied version 7.37.1-1ubuntu3.4 to ubuntu/utopic-security

Author: Marc Deslauriers
Author Date: 2015-04-29 14:23:26 UTC

Import patches-unapplied version 7.37.1-1ubuntu3.4 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 34a016551b8fa2cce8efbebe3738f699afa4f87b

New changelog entries:
  * SECURITY UPDATE: NTLM connection reuse when unauthenticated
    - debian/patches/CVE-2015-3143.patch: require credentials to match in
      lib/url.c.
    - CVE-2015-3143
  * SECURITY UPDATE: host name out of boundary memory access
    - debian/patches/CVE-2015-3144.patch: check for valid length in
      lib/url.c.
    - CVE-2015-3144
  * SECURITY UPDATE: cookie parser out of boundary memory access
    - debian/patches/CVE-2015-3145.patch: properly handle a single double
      quote in lib/cookie.c.
    - CVE-2015-3145
  * SECURITY UPDATE: negotiate not treated as connection-oriented
    - debian/patches/CVE-2015-3148.patch: don't clear GSSAPI state between
      each exchange and close Negotiate connections when done in
      lib/http.c, lib/http_negotiate.c, lib/http_negotiate_sspi.c.
    - CVE-2015-3148
  * SECURITY UPDATE: sensitive HTTP server headers disclosure to proxies
    - debian/patches/CVE-2015-3153.patch: make HTTP headers separated in
      docs/libcurl/opts/CURLOPT_HEADEROPT.3, lib/url.c,
      tests/data/test1527, tests/data/test287, tests/libtest/lib1527.c.
    - CVE-2015-3153

ubuntu/utopic-devel 2015-04-30 13:08:30 UTC 2015-04-30
Import patches-unapplied version 7.37.1-1ubuntu3.4 to ubuntu/utopic-security

Author: Marc Deslauriers
Author Date: 2015-04-29 14:23:26 UTC

Import patches-unapplied version 7.37.1-1ubuntu3.4 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 34a016551b8fa2cce8efbebe3738f699afa4f87b

New changelog entries:
  * SECURITY UPDATE: NTLM connection reuse when unauthenticated
    - debian/patches/CVE-2015-3143.patch: require credentials to match in
      lib/url.c.
    - CVE-2015-3143
  * SECURITY UPDATE: host name out of boundary memory access
    - debian/patches/CVE-2015-3144.patch: check for valid length in
      lib/url.c.
    - CVE-2015-3144
  * SECURITY UPDATE: cookie parser out of boundary memory access
    - debian/patches/CVE-2015-3145.patch: properly handle a single double
      quote in lib/cookie.c.
    - CVE-2015-3145
  * SECURITY UPDATE: negotiate not treated as connection-oriented
    - debian/patches/CVE-2015-3148.patch: don't clear GSSAPI state between
      each exchange and close Negotiate connections when done in
      lib/http.c, lib/http_negotiate.c, lib/http_negotiate_sspi.c.
    - CVE-2015-3148
  * SECURITY UPDATE: sensitive HTTP server headers disclosure to proxies
    - debian/patches/CVE-2015-3153.patch: make HTTP headers separated in
      docs/libcurl/opts/CURLOPT_HEADEROPT.3, lib/url.c,
      tests/data/test1527, tests/data/test287, tests/libtest/lib1527.c.
    - CVE-2015-3153

applied/ubuntu/utopic-updates 2015-04-30 13:08:30 UTC 2015-04-30
Import patches-applied version 7.37.1-1ubuntu3.4 to applied/ubuntu/utopic-sec...

Author: Marc Deslauriers
Author Date: 2015-04-29 14:23:26 UTC

Import patches-applied version 7.37.1-1ubuntu3.4 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: b067c12b814a4aea9668c8b55c5626b59b4128ac
Unapplied parent: eaec5a4412efaae613cb6ca24949cab580eb2259

New changelog entries:
  * SECURITY UPDATE: NTLM connection reuse when unauthenticated
    - debian/patches/CVE-2015-3143.patch: require credentials to match in
      lib/url.c.
    - CVE-2015-3143
  * SECURITY UPDATE: host name out of boundary memory access
    - debian/patches/CVE-2015-3144.patch: check for valid length in
      lib/url.c.
    - CVE-2015-3144
  * SECURITY UPDATE: cookie parser out of boundary memory access
    - debian/patches/CVE-2015-3145.patch: properly handle a single double
      quote in lib/cookie.c.
    - CVE-2015-3145
  * SECURITY UPDATE: negotiate not treated as connection-oriented
    - debian/patches/CVE-2015-3148.patch: don't clear GSSAPI state between
      each exchange and close Negotiate connections when done in
      lib/http.c, lib/http_negotiate.c, lib/http_negotiate_sspi.c.
    - CVE-2015-3148
  * SECURITY UPDATE: sensitive HTTP server headers disclosure to proxies
    - debian/patches/CVE-2015-3153.patch: make HTTP headers separated in
      docs/libcurl/opts/CURLOPT_HEADEROPT.3, lib/url.c,
      tests/data/test1527, tests/data/test287, tests/libtest/lib1527.c.
    - CVE-2015-3153

applied/ubuntu/utopic-security 2015-04-30 13:08:30 UTC 2015-04-30
Import patches-applied version 7.37.1-1ubuntu3.4 to applied/ubuntu/utopic-sec...

Author: Marc Deslauriers
Author Date: 2015-04-29 14:23:26 UTC

Import patches-applied version 7.37.1-1ubuntu3.4 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: b067c12b814a4aea9668c8b55c5626b59b4128ac
Unapplied parent: eaec5a4412efaae613cb6ca24949cab580eb2259

New changelog entries:
  * SECURITY UPDATE: NTLM connection reuse when unauthenticated
    - debian/patches/CVE-2015-3143.patch: require credentials to match in
      lib/url.c.
    - CVE-2015-3143
  * SECURITY UPDATE: host name out of boundary memory access
    - debian/patches/CVE-2015-3144.patch: check for valid length in
      lib/url.c.
    - CVE-2015-3144
  * SECURITY UPDATE: cookie parser out of boundary memory access
    - debian/patches/CVE-2015-3145.patch: properly handle a single double
      quote in lib/cookie.c.
    - CVE-2015-3145
  * SECURITY UPDATE: negotiate not treated as connection-oriented
    - debian/patches/CVE-2015-3148.patch: don't clear GSSAPI state between
      each exchange and close Negotiate connections when done in
      lib/http.c, lib/http_negotiate.c, lib/http_negotiate_sspi.c.
    - CVE-2015-3148
  * SECURITY UPDATE: sensitive HTTP server headers disclosure to proxies
    - debian/patches/CVE-2015-3153.patch: make HTTP headers separated in
      docs/libcurl/opts/CURLOPT_HEADEROPT.3, lib/url.c,
      tests/data/test1527, tests/data/test287, tests/libtest/lib1527.c.
    - CVE-2015-3153

applied/ubuntu/utopic-devel 2015-04-30 13:08:30 UTC 2015-04-30
Import patches-applied version 7.37.1-1ubuntu3.4 to applied/ubuntu/utopic-sec...

Author: Marc Deslauriers
Author Date: 2015-04-29 14:23:26 UTC

Import patches-applied version 7.37.1-1ubuntu3.4 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: b067c12b814a4aea9668c8b55c5626b59b4128ac
Unapplied parent: eaec5a4412efaae613cb6ca24949cab580eb2259

New changelog entries:
  * SECURITY UPDATE: NTLM connection reuse when unauthenticated
    - debian/patches/CVE-2015-3143.patch: require credentials to match in
      lib/url.c.
    - CVE-2015-3143
  * SECURITY UPDATE: host name out of boundary memory access
    - debian/patches/CVE-2015-3144.patch: check for valid length in
      lib/url.c.
    - CVE-2015-3144
  * SECURITY UPDATE: cookie parser out of boundary memory access
    - debian/patches/CVE-2015-3145.patch: properly handle a single double
      quote in lib/cookie.c.
    - CVE-2015-3145
  * SECURITY UPDATE: negotiate not treated as connection-oriented
    - debian/patches/CVE-2015-3148.patch: don't clear GSSAPI state between
      each exchange and close Negotiate connections when done in
      lib/http.c, lib/http_negotiate.c, lib/http_negotiate_sspi.c.
    - CVE-2015-3148
  * SECURITY UPDATE: sensitive HTTP server headers disclosure to proxies
    - debian/patches/CVE-2015-3153.patch: make HTTP headers separated in
      docs/libcurl/opts/CURLOPT_HEADEROPT.3, lib/url.c,
      tests/data/test1527, tests/data/test287, tests/libtest/lib1527.c.
    - CVE-2015-3153

ubuntu/utopic-security 2015-04-30 13:08:30 UTC 2015-04-30
Import patches-unapplied version 7.37.1-1ubuntu3.4 to ubuntu/utopic-security

Author: Marc Deslauriers
Author Date: 2015-04-29 14:23:26 UTC

Import patches-unapplied version 7.37.1-1ubuntu3.4 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 34a016551b8fa2cce8efbebe3738f699afa4f87b

New changelog entries:
  * SECURITY UPDATE: NTLM connection reuse when unauthenticated
    - debian/patches/CVE-2015-3143.patch: require credentials to match in
      lib/url.c.
    - CVE-2015-3143
  * SECURITY UPDATE: host name out of boundary memory access
    - debian/patches/CVE-2015-3144.patch: check for valid length in
      lib/url.c.
    - CVE-2015-3144
  * SECURITY UPDATE: cookie parser out of boundary memory access
    - debian/patches/CVE-2015-3145.patch: properly handle a single double
      quote in lib/cookie.c.
    - CVE-2015-3145
  * SECURITY UPDATE: negotiate not treated as connection-oriented
    - debian/patches/CVE-2015-3148.patch: don't clear GSSAPI state between
      each exchange and close Negotiate connections when done in
      lib/http.c, lib/http_negotiate.c, lib/http_negotiate_sspi.c.
    - CVE-2015-3148
  * SECURITY UPDATE: sensitive HTTP server headers disclosure to proxies
    - debian/patches/CVE-2015-3153.patch: make HTTP headers separated in
      docs/libcurl/opts/CURLOPT_HEADEROPT.3, lib/url.c,
      tests/data/test1527, tests/data/test287, tests/libtest/lib1527.c.
    - CVE-2015-3153

ubuntu/vivid-proposed 2015-01-15 14:23:26 UTC 2015-01-15
Import patches-unapplied version 7.38.0-3ubuntu2 to ubuntu/vivid-proposed

Author: Marc Deslauriers
Author Date: 2015-01-14 12:57:00 UTC

Import patches-unapplied version 7.38.0-3ubuntu2 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: b9e6fb0f258b23eb0447a272190e1ae400a825c5

New changelog entries:
  * SECURITY UPDATE: URL request injection
    - debian/patches/CVE-2014-8150.patch: drop bad chars from URL in
      lib/url.c, added test to tests/data/Makefile.am, tests/data/test1529,
      tests/libtest/Makefile.inc, tests/libtest/lib1529.c.
    - CVE-2014-8150

ubuntu/vivid 2015-01-15 14:23:26 UTC 2015-01-15
Import patches-unapplied version 7.38.0-3ubuntu2 to ubuntu/vivid-proposed

Author: Marc Deslauriers
Author Date: 2015-01-14 12:57:00 UTC

Import patches-unapplied version 7.38.0-3ubuntu2 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: b9e6fb0f258b23eb0447a272190e1ae400a825c5

New changelog entries:
  * SECURITY UPDATE: URL request injection
    - debian/patches/CVE-2014-8150.patch: drop bad chars from URL in
      lib/url.c, added test to tests/data/Makefile.am, tests/data/test1529,
      tests/libtest/Makefile.inc, tests/libtest/lib1529.c.
    - CVE-2014-8150

applied/ubuntu/vivid-proposed 2015-01-15 14:23:26 UTC 2015-01-15
Import patches-applied version 7.38.0-3ubuntu2 to applied/ubuntu/vivid-proposed

Author: Marc Deslauriers
Author Date: 2015-01-14 12:57:00 UTC

Import patches-applied version 7.38.0-3ubuntu2 to applied/ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: f578169f074c71356365ea62d51f9a92095be1a0
Unapplied parent: 4ff2590d0908a012dba63c5ebeed1bd414419897

New changelog entries:
  * SECURITY UPDATE: URL request injection
    - debian/patches/CVE-2014-8150.patch: drop bad chars from URL in
      lib/url.c, added test to tests/data/Makefile.am, tests/data/test1529,
      tests/libtest/Makefile.inc, tests/libtest/lib1529.c.
    - CVE-2014-8150

applied/ubuntu/vivid 2015-01-15 14:23:26 UTC 2015-01-15
Import patches-applied version 7.38.0-3ubuntu2 to applied/ubuntu/vivid-proposed

Author: Marc Deslauriers
Author Date: 2015-01-14 12:57:00 UTC

Import patches-applied version 7.38.0-3ubuntu2 to applied/ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: f578169f074c71356365ea62d51f9a92095be1a0
Unapplied parent: 4ff2590d0908a012dba63c5ebeed1bd414419897

New changelog entries:
  * SECURITY UPDATE: URL request injection
    - debian/patches/CVE-2014-8150.patch: drop bad chars from URL in
      lib/url.c, added test to tests/data/Makefile.am, tests/data/test1529,
      tests/libtest/Makefile.inc, tests/libtest/lib1529.c.
    - CVE-2014-8150

ubuntu/lucid-devel 2015-01-15 13:58:59 UTC 2015-01-15
Import patches-unapplied version 7.19.7-1ubuntu1.11 to ubuntu/lucid-security

Author: Marc Deslauriers
Author Date: 2015-01-14 21:46:45 UTC

Import patches-unapplied version 7.19.7-1ubuntu1.11 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 57491e072e8180ce4b2032b3784eacfe7fd6b41d

New changelog entries:
  * SECURITY UPDATE: URL request injection
    - debian/patches/CVE-2014-8150.patch: drop bad chars from URL in
      lib/url.c.
    - CVE-2014-8150

applied/ubuntu/lucid-security 2015-01-15 13:58:59 UTC 2015-01-15
Import patches-applied version 7.19.7-1ubuntu1.11 to applied/ubuntu/lucid-sec...

Author: Marc Deslauriers
Author Date: 2015-01-14 21:46:45 UTC

Import patches-applied version 7.19.7-1ubuntu1.11 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 878857d468243783de3453e6f9585d7eefef1ee9
Unapplied parent: 8ce9e39b72d909eae25fab8ef409aa5272ce1e61

New changelog entries:
  * SECURITY UPDATE: URL request injection
    - debian/patches/CVE-2014-8150.patch: drop bad chars from URL in
      lib/url.c.
    - CVE-2014-8150

applied/ubuntu/lucid-updates 2015-01-15 13:58:59 UTC 2015-01-15
Import patches-applied version 7.19.7-1ubuntu1.11 to applied/ubuntu/lucid-sec...

Author: Marc Deslauriers
Author Date: 2015-01-14 21:46:45 UTC

Import patches-applied version 7.19.7-1ubuntu1.11 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 878857d468243783de3453e6f9585d7eefef1ee9
Unapplied parent: 8ce9e39b72d909eae25fab8ef409aa5272ce1e61

New changelog entries:
  * SECURITY UPDATE: URL request injection
    - debian/patches/CVE-2014-8150.patch: drop bad chars from URL in
      lib/url.c.
    - CVE-2014-8150

applied/ubuntu/lucid-devel 2015-01-15 13:58:59 UTC 2015-01-15
Import patches-applied version 7.19.7-1ubuntu1.11 to applied/ubuntu/lucid-sec...

Author: Marc Deslauriers
Author Date: 2015-01-14 21:46:45 UTC

Import patches-applied version 7.19.7-1ubuntu1.11 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 878857d468243783de3453e6f9585d7eefef1ee9
Unapplied parent: 8ce9e39b72d909eae25fab8ef409aa5272ce1e61

New changelog entries:
  * SECURITY UPDATE: URL request injection
    - debian/patches/CVE-2014-8150.patch: drop bad chars from URL in
      lib/url.c.
    - CVE-2014-8150

ubuntu/lucid-updates 2015-01-15 13:58:59 UTC 2015-01-15
Import patches-unapplied version 7.19.7-1ubuntu1.11 to ubuntu/lucid-security

Author: Marc Deslauriers
Author Date: 2015-01-14 21:46:45 UTC

Import patches-unapplied version 7.19.7-1ubuntu1.11 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 57491e072e8180ce4b2032b3784eacfe7fd6b41d

New changelog entries:
  * SECURITY UPDATE: URL request injection
    - debian/patches/CVE-2014-8150.patch: drop bad chars from URL in
      lib/url.c.
    - CVE-2014-8150

ubuntu/lucid-security 2015-01-15 13:58:59 UTC 2015-01-15
Import patches-unapplied version 7.19.7-1ubuntu1.11 to ubuntu/lucid-security

Author: Marc Deslauriers
Author Date: 2015-01-14 21:46:45 UTC

Import patches-unapplied version 7.19.7-1ubuntu1.11 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 57491e072e8180ce4b2032b3784eacfe7fd6b41d

New changelog entries:
  * SECURITY UPDATE: URL request injection
    - debian/patches/CVE-2014-8150.patch: drop bad chars from URL in
      lib/url.c.
    - CVE-2014-8150

ubuntu/utopic 2014-10-03 12:48:36 UTC 2014-10-03
Import patches-unapplied version 7.37.1-1ubuntu3 to ubuntu/utopic-proposed

Author: Brian Murray
Author Date: 2014-10-02 20:26:57 UTC

Import patches-unapplied version 7.37.1-1ubuntu3 to ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: c0d1703f541ec6b91dbb4e42960a6975e6dd7cfa

New changelog entries:
  * debian/patches/09_fix-timeout-in-poll-and-wait.patch: apply upstream
    commit fixing timeout return value for curl_poll and curl_wait_ms.
    Thanks to Grzegorz Gutowski for finding the patch. (LP: #1375663)

applied/ubuntu/utopic 2014-10-03 12:48:36 UTC 2014-10-03
Import patches-applied version 7.37.1-1ubuntu3 to applied/ubuntu/utopic-proposed

Author: Brian Murray
Author Date: 2014-10-02 20:26:57 UTC

Import patches-applied version 7.37.1-1ubuntu3 to applied/ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: f69d6388ae35c57245096f11375e59c1340c7331
Unapplied parent: 9a1785d99e800c1c9ded3317cab7a4505b109180

New changelog entries:
  * debian/patches/09_fix-timeout-in-poll-and-wait.patch: apply upstream
    commit fixing timeout return value for curl_poll and curl_wait_ms.
    Thanks to Grzegorz Gutowski for finding the patch. (LP: #1375663)

ubuntu/utopic-proposed 2014-10-03 12:48:36 UTC 2014-10-03
Import patches-unapplied version 7.37.1-1ubuntu3 to ubuntu/utopic-proposed

Author: Brian Murray
Author Date: 2014-10-02 20:26:57 UTC

Import patches-unapplied version 7.37.1-1ubuntu3 to ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: c0d1703f541ec6b91dbb4e42960a6975e6dd7cfa

New changelog entries:
  * debian/patches/09_fix-timeout-in-poll-and-wait.patch: apply upstream
    commit fixing timeout return value for curl_poll and curl_wait_ms.
    Thanks to Grzegorz Gutowski for finding the patch. (LP: #1375663)

applied/ubuntu/utopic-proposed 2014-10-03 12:48:36 UTC 2014-10-03
Import patches-applied version 7.37.1-1ubuntu3 to applied/ubuntu/utopic-proposed

Author: Brian Murray
Author Date: 2014-10-02 20:26:57 UTC

Import patches-applied version 7.37.1-1ubuntu3 to applied/ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: f69d6388ae35c57245096f11375e59c1340c7331
Unapplied parent: 9a1785d99e800c1c9ded3317cab7a4505b109180

New changelog entries:
  * debian/patches/09_fix-timeout-in-poll-and-wait.patch: apply upstream
    commit fixing timeout return value for curl_poll and curl_wait_ms.
    Thanks to Grzegorz Gutowski for finding the patch. (LP: #1375663)

applied/debian/squeeze 2014-07-19 16:57:04 UTC 2014-07-19
Import patches-applied version 7.21.0-2.1+squeeze8 to applied/debian/squeeze

Author: Alessandro Ghedini
Author Date: 2014-04-09 17:47:38 UTC

Import patches-applied version 7.21.0-2.1+squeeze8 to applied/debian/squeeze

Imported using git-ubuntu import.

Changelog parent: bf7276eef25159a7bf99e8a97f8b30d89384f414
Unapplied parent: e143149673ce236ad4c8c4f53e3aad2864c19b9f

New changelog entries:
  * Fix multiple security issues (Closes: #742728):
    - Fix connection re-use when using different log-in credentials
      as per CVE-2014-0138
      http://curl.haxx.se/docs/adv_20140326A.html
    - Reject IP address wildcard matches as per CVE-2014-0139
      http://curl.haxx.se/docs/adv_20140326B.html
  * Set urgency=high accordingly

debian/squeeze 2014-07-19 16:57:04 UTC 2014-07-19
Import patches-unapplied version 7.21.0-2.1+squeeze8 to debian/squeeze

Author: Alessandro Ghedini
Author Date: 2014-04-09 17:47:38 UTC

Import patches-unapplied version 7.21.0-2.1+squeeze8 to debian/squeeze

Imported using git-ubuntu import.

Changelog parent: ce49255ccaac46935dd4c3075bb8446b6d8fc6ff

New changelog entries:
  * Fix multiple security issues (Closes: #742728):
    - Fix connection re-use when using different log-in credentials
      as per CVE-2014-0138
      http://curl.haxx.se/docs/adv_20140326A.html
    - Reject IP address wildcard matches as per CVE-2014-0139
      http://curl.haxx.se/docs/adv_20140326B.html
  * Set urgency=high accordingly

ubuntu/saucy-security 2014-04-14 18:08:21 UTC 2014-04-14
Import patches-unapplied version 7.32.0-1ubuntu1.4 to ubuntu/saucy-security

Author: Marc Deslauriers
Author Date: 2014-04-01 14:16:55 UTC

Import patches-unapplied version 7.32.0-1ubuntu1.4 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 202d2ba64179c6f81152607e7d9b20254319ab6e

New changelog entries:
  * SECURITY UPDATE: wrong re-use of connections
    - debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
      HTTP logic, and extend new connection logic to other protocols in
      lib/http.c, lib/url.c, lib/urldata.h, add new tests to
      tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
    - CVE-2014-0138
  * SECURITY UPDATE: incorrect wildcard SSL certificate validation with
    literal IP addresses
    - debian/patches/CVE-2014-0139.patch: fix wildcard logic in
      lib/hostcheck.c, added tests to tests/data/Makefile.am,
      tests/data/test1397, tests/unit/Makefile.inc, tests/unit/unit1397.c.
    - CVE-2014-0139
  * debian/patches/fix_test172.path: fix expired cookie causing test to
    fail.

ubuntu/saucy-devel 2014-04-14 18:08:21 UTC 2014-04-14
Import patches-unapplied version 7.32.0-1ubuntu1.4 to ubuntu/saucy-security

Author: Marc Deslauriers
Author Date: 2014-04-01 14:16:55 UTC

Import patches-unapplied version 7.32.0-1ubuntu1.4 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 202d2ba64179c6f81152607e7d9b20254319ab6e

New changelog entries:
  * SECURITY UPDATE: wrong re-use of connections
    - debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
      HTTP logic, and extend new connection logic to other protocols in
      lib/http.c, lib/url.c, lib/urldata.h, add new tests to
      tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
    - CVE-2014-0138
  * SECURITY UPDATE: incorrect wildcard SSL certificate validation with
    literal IP addresses
    - debian/patches/CVE-2014-0139.patch: fix wildcard logic in
      lib/hostcheck.c, added tests to tests/data/Makefile.am,
      tests/data/test1397, tests/unit/Makefile.inc, tests/unit/unit1397.c.
    - CVE-2014-0139
  * debian/patches/fix_test172.path: fix expired cookie causing test to
    fail.

applied/ubuntu/saucy-updates 2014-04-14 18:08:21 UTC 2014-04-14
Import patches-applied version 7.32.0-1ubuntu1.4 to applied/ubuntu/saucy-secu...

Author: Marc Deslauriers
Author Date: 2014-04-01 14:16:55 UTC

Import patches-applied version 7.32.0-1ubuntu1.4 to applied/ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 93e9a404055133620029de65617b49532ddd395e
Unapplied parent: 563c0f1105521a7abd33a80627fc01a1de5f5acb

New changelog entries:
  * SECURITY UPDATE: wrong re-use of connections
    - debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
      HTTP logic, and extend new connection logic to other protocols in
      lib/http.c, lib/url.c, lib/urldata.h, add new tests to
      tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
    - CVE-2014-0138
  * SECURITY UPDATE: incorrect wildcard SSL certificate validation with
    literal IP addresses
    - debian/patches/CVE-2014-0139.patch: fix wildcard logic in
      lib/hostcheck.c, added tests to tests/data/Makefile.am,
      tests/data/test1397, tests/unit/Makefile.inc, tests/unit/unit1397.c.
    - CVE-2014-0139
  * debian/patches/fix_test172.path: fix expired cookie causing test to
    fail.

applied/ubuntu/saucy-security 2014-04-14 18:08:21 UTC 2014-04-14
Import patches-applied version 7.32.0-1ubuntu1.4 to applied/ubuntu/saucy-secu...

Author: Marc Deslauriers
Author Date: 2014-04-01 14:16:55 UTC

Import patches-applied version 7.32.0-1ubuntu1.4 to applied/ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 93e9a404055133620029de65617b49532ddd395e
Unapplied parent: 563c0f1105521a7abd33a80627fc01a1de5f5acb

New changelog entries:
  * SECURITY UPDATE: wrong re-use of connections
    - debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
      HTTP logic, and extend new connection logic to other protocols in
      lib/http.c, lib/url.c, lib/urldata.h, add new tests to
      tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
    - CVE-2014-0138
  * SECURITY UPDATE: incorrect wildcard SSL certificate validation with
    literal IP addresses
    - debian/patches/CVE-2014-0139.patch: fix wildcard logic in
      lib/hostcheck.c, added tests to tests/data/Makefile.am,
      tests/data/test1397, tests/unit/Makefile.inc, tests/unit/unit1397.c.
    - CVE-2014-0139
  * debian/patches/fix_test172.path: fix expired cookie causing test to
    fail.

applied/ubuntu/saucy-devel 2014-04-14 18:08:21 UTC 2014-04-14
Import patches-applied version 7.32.0-1ubuntu1.4 to applied/ubuntu/saucy-secu...

Author: Marc Deslauriers
Author Date: 2014-04-01 14:16:55 UTC

Import patches-applied version 7.32.0-1ubuntu1.4 to applied/ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 93e9a404055133620029de65617b49532ddd395e
Unapplied parent: 563c0f1105521a7abd33a80627fc01a1de5f5acb

New changelog entries:
  * SECURITY UPDATE: wrong re-use of connections
    - debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
      HTTP logic, and extend new connection logic to other protocols in
      lib/http.c, lib/url.c, lib/urldata.h, add new tests to
      tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
    - CVE-2014-0138
  * SECURITY UPDATE: incorrect wildcard SSL certificate validation with
    literal IP addresses
    - debian/patches/CVE-2014-0139.patch: fix wildcard logic in
      lib/hostcheck.c, added tests to tests/data/Makefile.am,
      tests/data/test1397, tests/unit/Makefile.inc, tests/unit/unit1397.c.
    - CVE-2014-0139
  * debian/patches/fix_test172.path: fix expired cookie causing test to
    fail.

ubuntu/quantal-updates 2014-04-14 18:08:21 UTC 2014-04-14
Import patches-unapplied version 7.27.0-1ubuntu1.9 to ubuntu/quantal-security

Author: Marc Deslauriers
Author Date: 2014-04-01 13:59:44 UTC

Import patches-unapplied version 7.27.0-1ubuntu1.9 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: d1614e188c00ef5b4c9749fe59bf466ff5a717b3

New changelog entries:
  * SECURITY UPDATE: wrong re-use of connections
    - debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
      HTTP logic, and extend new connection logic to other protocols in
      lib/http.c, lib/url.c, lib/urldata.h, add new tests to
      tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
    - CVE-2014-0138
  * SECURITY UPDATE: incorrect wildcard SSL certificate validation with
    literal IP addresses
    - debian/patches/CVE-2014-0139.patch: fix wildcard logic in
      lib/ssluse.c.
    - CVE-2014-0139
  * debian/patches/fix_test172.path: fix expired cookie causing test to
    fail.
  * debian/patches/disable_test519.path: disable test 519 as security
    update causes it to hang. Fixing this would require backporting new
    logic into tests/server/sws.c.

ubuntu/quantal-security 2014-04-14 18:08:21 UTC 2014-04-14
Import patches-unapplied version 7.27.0-1ubuntu1.9 to ubuntu/quantal-security

Author: Marc Deslauriers
Author Date: 2014-04-01 13:59:44 UTC

Import patches-unapplied version 7.27.0-1ubuntu1.9 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: d1614e188c00ef5b4c9749fe59bf466ff5a717b3

New changelog entries:
  * SECURITY UPDATE: wrong re-use of connections
    - debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
      HTTP logic, and extend new connection logic to other protocols in
      lib/http.c, lib/url.c, lib/urldata.h, add new tests to
      tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
    - CVE-2014-0138
  * SECURITY UPDATE: incorrect wildcard SSL certificate validation with
    literal IP addresses
    - debian/patches/CVE-2014-0139.patch: fix wildcard logic in
      lib/ssluse.c.
    - CVE-2014-0139
  * debian/patches/fix_test172.path: fix expired cookie causing test to
    fail.
  * debian/patches/disable_test519.path: disable test 519 as security
    update causes it to hang. Fixing this would require backporting new
    logic into tests/server/sws.c.

applied/ubuntu/quantal-updates 2014-04-14 18:08:21 UTC 2014-04-14
Import patches-applied version 7.27.0-1ubuntu1.9 to applied/ubuntu/quantal-se...

Author: Marc Deslauriers
Author Date: 2014-04-01 13:59:44 UTC

Import patches-applied version 7.27.0-1ubuntu1.9 to applied/ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: b561c529923480a4c97c1a98661a21b1aad8effc
Unapplied parent: 35e5580c4023d231bf3a07088a7b6971f892b565

New changelog entries:
  * SECURITY UPDATE: wrong re-use of connections
    - debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
      HTTP logic, and extend new connection logic to other protocols in
      lib/http.c, lib/url.c, lib/urldata.h, add new tests to
      tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
    - CVE-2014-0138
  * SECURITY UPDATE: incorrect wildcard SSL certificate validation with
    literal IP addresses
    - debian/patches/CVE-2014-0139.patch: fix wildcard logic in
      lib/ssluse.c.
    - CVE-2014-0139
  * debian/patches/fix_test172.path: fix expired cookie causing test to
    fail.
  * debian/patches/disable_test519.path: disable test 519 as security
    update causes it to hang. Fixing this would require backporting new
    logic into tests/server/sws.c.

applied/ubuntu/quantal-security 2014-04-14 18:08:21 UTC 2014-04-14
Import patches-applied version 7.27.0-1ubuntu1.9 to applied/ubuntu/quantal-se...

Author: Marc Deslauriers
Author Date: 2014-04-01 13:59:44 UTC

Import patches-applied version 7.27.0-1ubuntu1.9 to applied/ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: b561c529923480a4c97c1a98661a21b1aad8effc
Unapplied parent: 35e5580c4023d231bf3a07088a7b6971f892b565

New changelog entries:
  * SECURITY UPDATE: wrong re-use of connections
    - debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
      HTTP logic, and extend new connection logic to other protocols in
      lib/http.c, lib/url.c, lib/urldata.h, add new tests to
      tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
    - CVE-2014-0138
  * SECURITY UPDATE: incorrect wildcard SSL certificate validation with
    literal IP addresses
    - debian/patches/CVE-2014-0139.patch: fix wildcard logic in
      lib/ssluse.c.
    - CVE-2014-0139
  * debian/patches/fix_test172.path: fix expired cookie causing test to
    fail.
  * debian/patches/disable_test519.path: disable test 519 as security
    update causes it to hang. Fixing this would require backporting new
    logic into tests/server/sws.c.

applied/ubuntu/quantal-devel 2014-04-14 18:08:21 UTC 2014-04-14
Import patches-applied version 7.27.0-1ubuntu1.9 to applied/ubuntu/quantal-se...

Author: Marc Deslauriers
Author Date: 2014-04-01 13:59:44 UTC

Import patches-applied version 7.27.0-1ubuntu1.9 to applied/ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: b561c529923480a4c97c1a98661a21b1aad8effc
Unapplied parent: 35e5580c4023d231bf3a07088a7b6971f892b565

New changelog entries:
  * SECURITY UPDATE: wrong re-use of connections
    - debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
      HTTP logic, and extend new connection logic to other protocols in
      lib/http.c, lib/url.c, lib/urldata.h, add new tests to
      tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
    - CVE-2014-0138
  * SECURITY UPDATE: incorrect wildcard SSL certificate validation with
    literal IP addresses
    - debian/patches/CVE-2014-0139.patch: fix wildcard logic in
      lib/ssluse.c.
    - CVE-2014-0139
  * debian/patches/fix_test172.path: fix expired cookie causing test to
    fail.
  * debian/patches/disable_test519.path: disable test 519 as security
    update causes it to hang. Fixing this would require backporting new
    logic into tests/server/sws.c.

ubuntu/quantal-devel 2014-04-14 18:08:21 UTC 2014-04-14
Import patches-unapplied version 7.27.0-1ubuntu1.9 to ubuntu/quantal-security

Author: Marc Deslauriers
Author Date: 2014-04-01 13:59:44 UTC

Import patches-unapplied version 7.27.0-1ubuntu1.9 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: d1614e188c00ef5b4c9749fe59bf466ff5a717b3

New changelog entries:
  * SECURITY UPDATE: wrong re-use of connections
    - debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
      HTTP logic, and extend new connection logic to other protocols in
      lib/http.c, lib/url.c, lib/urldata.h, add new tests to
      tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
    - CVE-2014-0138
  * SECURITY UPDATE: incorrect wildcard SSL certificate validation with
    literal IP addresses
    - debian/patches/CVE-2014-0139.patch: fix wildcard logic in
      lib/ssluse.c.
    - CVE-2014-0139
  * debian/patches/fix_test172.path: fix expired cookie causing test to
    fail.
  * debian/patches/disable_test519.path: disable test 519 as security
    update causes it to hang. Fixing this would require backporting new
    logic into tests/server/sws.c.

ubuntu/saucy-updates 2014-04-14 18:08:21 UTC 2014-04-14
Import patches-unapplied version 7.32.0-1ubuntu1.4 to ubuntu/saucy-security

Author: Marc Deslauriers
Author Date: 2014-04-01 14:16:55 UTC

Import patches-unapplied version 7.32.0-1ubuntu1.4 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 202d2ba64179c6f81152607e7d9b20254319ab6e

New changelog entries:
  * SECURITY UPDATE: wrong re-use of connections
    - debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
      HTTP logic, and extend new connection logic to other protocols in
      lib/http.c, lib/url.c, lib/urldata.h, add new tests to
      tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
    - CVE-2014-0138
  * SECURITY UPDATE: incorrect wildcard SSL certificate validation with
    literal IP addresses
    - debian/patches/CVE-2014-0139.patch: fix wildcard logic in
      lib/hostcheck.c, added tests to tests/data/Makefile.am,
      tests/data/test1397, tests/unit/Makefile.inc, tests/unit/unit1397.c.
    - CVE-2014-0139
  * debian/patches/fix_test172.path: fix expired cookie causing test to
    fail.

ubuntu/trusty 2014-04-01 17:28:20 UTC 2014-04-01
Import patches-unapplied version 7.35.0-1ubuntu2 to ubuntu/trusty-proposed

Author: Marc Deslauriers
Author Date: 2014-04-01 13:25:23 UTC

Import patches-unapplied version 7.35.0-1ubuntu2 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: c9e7660b439c738702ddffab0c07d8630c3411d9

New changelog entries:
  * SECURITY UPDATE: wrong re-use of connections
    - debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
      HTTP logic, and extend new connection logic to other protocols in
      lib/http.c, lib/url.c, lib/urldata.h, add new tests to
      tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
    - CVE-2014-0138
  * SECURITY UPDATE: incorrect wildcard SSL certificate validation with
    literal IP addresses
    - debian/patches/CVE-2014-0139.patch: fix wildcard logic in
      lib/hostcheck.c, added tests to tests/data/Makefile.am,
      tests/data/test1397, tests/unit/Makefile.inc, tests/unit/unit1397.c.
    - CVE-2014-0139
  * debian/patches/fix_test172.path: fix expired cookie causing test to
    fail.

applied/ubuntu/trusty 2014-04-01 17:28:20 UTC 2014-04-01
Import patches-applied version 7.35.0-1ubuntu2 to applied/ubuntu/trusty-proposed

Author: Marc Deslauriers
Author Date: 2014-04-01 13:25:23 UTC

Import patches-applied version 7.35.0-1ubuntu2 to applied/ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 3c12a6e7b8b5a74e6a9d738972d7bb518f2c50b6
Unapplied parent: 175073b602f71adfa7859ff46bc6e3302f6c7083

New changelog entries:
  * SECURITY UPDATE: wrong re-use of connections
    - debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
      HTTP logic, and extend new connection logic to other protocols in
      lib/http.c, lib/url.c, lib/urldata.h, add new tests to
      tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
    - CVE-2014-0138
  * SECURITY UPDATE: incorrect wildcard SSL certificate validation with
    literal IP addresses
    - debian/patches/CVE-2014-0139.patch: fix wildcard logic in
      lib/hostcheck.c, added tests to tests/data/Makefile.am,
      tests/data/test1397, tests/unit/Makefile.inc, tests/unit/unit1397.c.
    - CVE-2014-0139
  * debian/patches/fix_test172.path: fix expired cookie causing test to
    fail.

applied/ubuntu/raring-devel 2013-12-18 12:48:36 UTC 2013-12-18
Import patches-applied version 7.29.0-1ubuntu3.4 to applied/ubuntu/raring-sec...

Author: Marc Deslauriers
Author Date: 2013-12-17 17:47:31 UTC

Import patches-applied version 7.29.0-1ubuntu3.4 to applied/ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 890b331ca33120d9759047a48088bd8d207460a1
Unapplied parent: 4a1316483aae8a05838363b214e3839f6f59db3f

New changelog entries:
  * SECURITY UPDATE: missing CN verification when signature verification is
    disabled in GnuTLS backend.
    - debian/patches/CVE-2013-6422.patch: still verify host when
      CURLOPT_SSL_VERIFYPEER isn't set in lib/gtls.c.
    - CVE-2013-6422

applied/ubuntu/raring-security 2013-12-18 12:48:36 UTC 2013-12-18
Import patches-applied version 7.29.0-1ubuntu3.4 to applied/ubuntu/raring-sec...

Author: Marc Deslauriers
Author Date: 2013-12-17 17:47:31 UTC

Import patches-applied version 7.29.0-1ubuntu3.4 to applied/ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 890b331ca33120d9759047a48088bd8d207460a1
Unapplied parent: 4a1316483aae8a05838363b214e3839f6f59db3f

New changelog entries:
  * SECURITY UPDATE: missing CN verification when signature verification is
    disabled in GnuTLS backend.
    - debian/patches/CVE-2013-6422.patch: still verify host when
      CURLOPT_SSL_VERIFYPEER isn't set in lib/gtls.c.
    - CVE-2013-6422

ubuntu/raring-security 2013-12-18 12:48:36 UTC 2013-12-18
Import patches-unapplied version 7.29.0-1ubuntu3.4 to ubuntu/raring-security

Author: Marc Deslauriers
Author Date: 2013-12-17 17:47:31 UTC

Import patches-unapplied version 7.29.0-1ubuntu3.4 to ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 62bd43b4a1028a2f2cd865a8cf4f22b5b1cb1777

New changelog entries:
  * SECURITY UPDATE: missing CN verification when signature verification is
    disabled in GnuTLS backend.
    - debian/patches/CVE-2013-6422.patch: still verify host when
      CURLOPT_SSL_VERIFYPEER isn't set in lib/gtls.c.
    - CVE-2013-6422

applied/ubuntu/raring-updates 2013-12-18 12:48:36 UTC 2013-12-18
Import patches-applied version 7.29.0-1ubuntu3.4 to applied/ubuntu/raring-sec...

Author: Marc Deslauriers
Author Date: 2013-12-17 17:47:31 UTC

Import patches-applied version 7.29.0-1ubuntu3.4 to applied/ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 890b331ca33120d9759047a48088bd8d207460a1
Unapplied parent: 4a1316483aae8a05838363b214e3839f6f59db3f

New changelog entries:
  * SECURITY UPDATE: missing CN verification when signature verification is
    disabled in GnuTLS backend.
    - debian/patches/CVE-2013-6422.patch: still verify host when
      CURLOPT_SSL_VERIFYPEER isn't set in lib/gtls.c.
    - CVE-2013-6422

ubuntu/raring-devel 2013-12-18 12:48:36 UTC 2013-12-18
Import patches-unapplied version 7.29.0-1ubuntu3.4 to ubuntu/raring-security

Author: Marc Deslauriers
Author Date: 2013-12-17 17:47:31 UTC

Import patches-unapplied version 7.29.0-1ubuntu3.4 to ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 62bd43b4a1028a2f2cd865a8cf4f22b5b1cb1777

New changelog entries:
  * SECURITY UPDATE: missing CN verification when signature verification is
    disabled in GnuTLS backend.
    - debian/patches/CVE-2013-6422.patch: still verify host when
      CURLOPT_SSL_VERIFYPEER isn't set in lib/gtls.c.
    - CVE-2013-6422

ubuntu/raring-updates 2013-12-18 12:48:36 UTC 2013-12-18
Import patches-unapplied version 7.29.0-1ubuntu3.4 to ubuntu/raring-security

Author: Marc Deslauriers
Author Date: 2013-12-17 17:47:31 UTC

Import patches-unapplied version 7.29.0-1ubuntu3.4 to ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 62bd43b4a1028a2f2cd865a8cf4f22b5b1cb1777

New changelog entries:
  * SECURITY UPDATE: missing CN verification when signature verification is
    disabled in GnuTLS backend.
    - debian/patches/CVE-2013-6422.patch: still verify host when
      CURLOPT_SSL_VERIFYPEER isn't set in lib/gtls.c.
    - CVE-2013-6422

ubuntu/saucy-proposed 2013-09-04 21:43:14 UTC 2013-09-04
Import patches-unapplied version 7.32.0-1ubuntu1 to ubuntu/saucy-proposed

Author: Merge-o-Matic
Author Date: 2013-08-12 15:39:32 UTC

Import patches-unapplied version 7.32.0-1ubuntu1 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 208f6bcce4740b26f5b0d98fdda93ab58b7ee9b9

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - Drop dependencies not in main:
      + Build-Depends: Drop stunnel4 and libssh2-1-dev.
      + Drop libssh2-1-dev from binary package Depends.
    - Add new libcurl3-udeb package.
    - Add new curl-udeb package.
  * Fixes freeipa-client join. (LP: #1220928)

applied/ubuntu/saucy-proposed 2013-09-04 21:43:14 UTC 2013-09-04
Import patches-applied version 7.32.0-1ubuntu1 to applied/ubuntu/saucy-proposed

Author: Merge-o-Matic
Author Date: 2013-08-12 15:39:32 UTC

Import patches-applied version 7.32.0-1ubuntu1 to applied/ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: d1e6a9c47a8bf3f46cff85483136a49400fd5128
Unapplied parent: 21054e605a50cfbcf3be43468f2cbeca330767fb

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - Drop dependencies not in main:
      + Build-Depends: Drop stunnel4 and libssh2-1-dev.
      + Drop libssh2-1-dev from binary package Depends.
    - Add new libcurl3-udeb package.
    - Add new curl-udeb package.
  * Fixes freeipa-client join. (LP: #1220928)

ubuntu/saucy 2013-09-04 21:43:14 UTC 2013-09-04
Import patches-unapplied version 7.32.0-1ubuntu1 to ubuntu/saucy-proposed

Author: Merge-o-Matic
Author Date: 2013-08-12 15:39:32 UTC

Import patches-unapplied version 7.32.0-1ubuntu1 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 208f6bcce4740b26f5b0d98fdda93ab58b7ee9b9

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - Drop dependencies not in main:
      + Build-Depends: Drop stunnel4 and libssh2-1-dev.
      + Drop libssh2-1-dev from binary package Depends.
    - Add new libcurl3-udeb package.
    - Add new curl-udeb package.
  * Fixes freeipa-client join. (LP: #1220928)

applied/ubuntu/saucy 2013-09-04 21:43:14 UTC 2013-09-04
Import patches-applied version 7.32.0-1ubuntu1 to applied/ubuntu/saucy-proposed

Author: Merge-o-Matic
Author Date: 2013-08-12 15:39:32 UTC

Import patches-applied version 7.32.0-1ubuntu1 to applied/ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: d1e6a9c47a8bf3f46cff85483136a49400fd5128
Unapplied parent: 21054e605a50cfbcf3be43468f2cbeca330767fb

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - Drop dependencies not in main:
      + Build-Depends: Drop stunnel4 and libssh2-1-dev.
      + Drop libssh2-1-dev from binary package Depends.
    - Add new libcurl3-udeb package.
    - Add new curl-udeb package.
  * Fixes freeipa-client join. (LP: #1220928)

applied/ubuntu/quantal-proposed 2013-08-30 18:38:18 UTC 2013-08-30
Import patches-applied version 7.27.0-1ubuntu1.4 to applied/ubuntu/quantal-pr...

Author: Dave Chiluk
Author Date: 2013-08-23 21:58:40 UTC

Import patches-applied version 7.27.0-1ubuntu1.4 to applied/ubuntu/quantal-proposed

Imported using git-ubuntu import.

Changelog parent: 96ff67b9e6cd109b1b2306c508462036a536a721
Unapplied parent: 1ac139e01a46906d44e98234f2ab63dd514e7b1c

New changelog entries:
  * Reset timecond when clearing session-info variables (LP: #1179781)
    This fixes CURLINFO_CONDITION_UNMET incorrectly reporting "1"

applied/ubuntu/precise-proposed 2013-08-30 18:38:18 UTC 2013-08-30
Import patches-applied version 7.22.0-3ubuntu4.3 to applied/ubuntu/precise-pr...

Author: Dave Chiluk
Author Date: 2013-08-23 23:05:09 UTC

Import patches-applied version 7.22.0-3ubuntu4.3 to applied/ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: bb39e8d933e03179cddeda9bb80c21db94472126
Unapplied parent: 89d5d1a0076cabc946a634cc38a763c40d3d1eae

New changelog entries:
  * Reset timecond when clearing session-info variables (LP: #1179781)
    This fixes CURLINFO_CONDITION_UNMET incorrectly reporting "1"

ubuntu/raring-proposed 2013-08-30 18:38:18 UTC 2013-08-30
Import patches-unapplied version 7.29.0-1ubuntu3.2 to ubuntu/raring-proposed

Author: Dave Chiluk
Author Date: 2013-08-21 18:09:13 UTC

Import patches-unapplied version 7.29.0-1ubuntu3.2 to ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: 60b43a82f4ab58c435399697bc6fc656ba88ab68

New changelog entries:
  * Reset timecond when clearing session-info variables (LP: #1179781)
    This fixes CURLINFO_CONDITION_UNMET incorrectly reporting "1"

applied/ubuntu/raring-proposed 2013-08-30 18:38:18 UTC 2013-08-30
Import patches-applied version 7.29.0-1ubuntu3.2 to applied/ubuntu/raring-pro...

Author: Dave Chiluk
Author Date: 2013-08-21 18:09:13 UTC

Import patches-applied version 7.29.0-1ubuntu3.2 to applied/ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: 82010496cefcadea979849032c4f88222beb24e5
Unapplied parent: 4e7ff84d76eda4682104b982c397fd5003b7e971

New changelog entries:
  * Reset timecond when clearing session-info variables (LP: #1179781)
    This fixes CURLINFO_CONDITION_UNMET incorrectly reporting "1"

ubuntu/precise-proposed 2013-08-30 18:38:18 UTC 2013-08-30
Import patches-unapplied version 7.22.0-3ubuntu4.3 to ubuntu/precise-proposed

Author: Dave Chiluk
Author Date: 2013-08-23 23:05:09 UTC

Import patches-unapplied version 7.22.0-3ubuntu4.3 to ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: 7976c891659376800eb0fa2d03fc64a936ed57dd

New changelog entries:
  * Reset timecond when clearing session-info variables (LP: #1179781)
    This fixes CURLINFO_CONDITION_UNMET incorrectly reporting "1"

ubuntu/quantal-proposed 2013-08-30 18:38:18 UTC 2013-08-30
Import patches-unapplied version 7.27.0-1ubuntu1.4 to ubuntu/quantal-proposed

Author: Dave Chiluk
Author Date: 2013-08-23 21:58:40 UTC

Import patches-unapplied version 7.27.0-1ubuntu1.4 to ubuntu/quantal-proposed

Imported using git-ubuntu import.

Changelog parent: 1d32c7741d160b90fac8852f23145bb5709dcf60

New changelog entries:
  * Reset timecond when clearing session-info variables (LP: #1179781)
    This fixes CURLINFO_CONDITION_UNMET incorrectly reporting "1"

ubuntu/oneiric-devel 2013-04-16 01:33:13 UTC 2013-04-16
Import patches-unapplied version 7.21.6-3ubuntu3.3 to ubuntu/oneiric-security

Author: Seth Arnold
Author Date: 2013-04-11 20:55:41 UTC

Import patches-unapplied version 7.21.6-3ubuntu3.3 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: ae8b81b96644cca3e98442b7d596cc1fe474f5af

New changelog entries:
  * SECURITY UPDATE: Incorrect cookie domain handling in tailmatch()
    - debian/patches/curl-tailmatch.patch: enforce strict subdomain match
      when sending cookies. Patch from YAMADA Yasuharu.
    - http://curl.haxx.se/curl-tailmatch.patch
    - CVE-2013-1944

applied/ubuntu/hardy-devel 2013-04-16 01:33:13 UTC 2013-04-16
Import patches-applied version 7.18.0-1ubuntu2.4 to applied/ubuntu/hardy-secu...

Author: Seth Arnold
Author Date: 2013-04-11 21:11:37 UTC

Import patches-applied version 7.18.0-1ubuntu2.4 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: c6926def145935cc625653c10c9ee831670f2382
Unapplied parent: 6f84df12fd19be861ba36e7d6d7e312652fc178b

New changelog entries:
  * SECURITY UPDATE: Incorrect cookie domain handling in tailmatch()
    - debian/patches/curl-tailmatch.patch: enforce strict subdomain match
      when sending cookies. Patch from YAMADA Yasuharu.
    - http://curl.haxx.se/curl-tailmatch.patch
    - CVE-2013-1944

applied/ubuntu/hardy-security 2013-04-16 01:33:13 UTC 2013-04-16
Import patches-applied version 7.18.0-1ubuntu2.4 to applied/ubuntu/hardy-secu...

Author: Seth Arnold
Author Date: 2013-04-11 21:11:37 UTC

Import patches-applied version 7.18.0-1ubuntu2.4 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: c6926def145935cc625653c10c9ee831670f2382
Unapplied parent: 6f84df12fd19be861ba36e7d6d7e312652fc178b

New changelog entries:
  * SECURITY UPDATE: Incorrect cookie domain handling in tailmatch()
    - debian/patches/curl-tailmatch.patch: enforce strict subdomain match
      when sending cookies. Patch from YAMADA Yasuharu.
    - http://curl.haxx.se/curl-tailmatch.patch
    - CVE-2013-1944

applied/ubuntu/hardy-updates 2013-04-16 01:33:13 UTC 2013-04-16
Import patches-applied version 7.18.0-1ubuntu2.4 to applied/ubuntu/hardy-secu...

Author: Seth Arnold
Author Date: 2013-04-11 21:11:37 UTC

Import patches-applied version 7.18.0-1ubuntu2.4 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: c6926def145935cc625653c10c9ee831670f2382
Unapplied parent: 6f84df12fd19be861ba36e7d6d7e312652fc178b

New changelog entries:
  * SECURITY UPDATE: Incorrect cookie domain handling in tailmatch()
    - debian/patches/curl-tailmatch.patch: enforce strict subdomain match
      when sending cookies. Patch from YAMADA Yasuharu.
    - http://curl.haxx.se/curl-tailmatch.patch
    - CVE-2013-1944

applied/ubuntu/oneiric-devel 2013-04-16 01:33:13 UTC 2013-04-16
Import patches-applied version 7.21.6-3ubuntu3.3 to applied/ubuntu/oneiric-se...

Author: Seth Arnold
Author Date: 2013-04-11 20:55:41 UTC

Import patches-applied version 7.21.6-3ubuntu3.3 to applied/ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 410b53862cf3830b3b5bf9565f82e70105a90bb5
Unapplied parent: eb8f56853ee94d631d5c55513e0517642f7dd5e9

New changelog entries:
  * SECURITY UPDATE: Incorrect cookie domain handling in tailmatch()
    - debian/patches/curl-tailmatch.patch: enforce strict subdomain match
      when sending cookies. Patch from YAMADA Yasuharu.
    - http://curl.haxx.se/curl-tailmatch.patch
    - CVE-2013-1944

applied/ubuntu/oneiric-security 2013-04-16 01:33:13 UTC 2013-04-16
Import patches-applied version 7.21.6-3ubuntu3.3 to applied/ubuntu/oneiric-se...

Author: Seth Arnold
Author Date: 2013-04-11 20:55:41 UTC

Import patches-applied version 7.21.6-3ubuntu3.3 to applied/ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 410b53862cf3830b3b5bf9565f82e70105a90bb5
Unapplied parent: eb8f56853ee94d631d5c55513e0517642f7dd5e9

New changelog entries:
  * SECURITY UPDATE: Incorrect cookie domain handling in tailmatch()
    - debian/patches/curl-tailmatch.patch: enforce strict subdomain match
      when sending cookies. Patch from YAMADA Yasuharu.
    - http://curl.haxx.se/curl-tailmatch.patch
    - CVE-2013-1944

applied/ubuntu/oneiric-updates 2013-04-16 01:33:13 UTC 2013-04-16
Import patches-applied version 7.21.6-3ubuntu3.3 to applied/ubuntu/oneiric-se...

Author: Seth Arnold
Author Date: 2013-04-11 20:55:41 UTC

Import patches-applied version 7.21.6-3ubuntu3.3 to applied/ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 410b53862cf3830b3b5bf9565f82e70105a90bb5
Unapplied parent: eb8f56853ee94d631d5c55513e0517642f7dd5e9

New changelog entries:
  * SECURITY UPDATE: Incorrect cookie domain handling in tailmatch()
    - debian/patches/curl-tailmatch.patch: enforce strict subdomain match
      when sending cookies. Patch from YAMADA Yasuharu.
    - http://curl.haxx.se/curl-tailmatch.patch
    - CVE-2013-1944

ubuntu/hardy-devel 2013-04-16 01:33:13 UTC 2013-04-16
Import patches-unapplied version 7.18.0-1ubuntu2.4 to ubuntu/hardy-security

Author: Seth Arnold
Author Date: 2013-04-11 21:11:37 UTC

Import patches-unapplied version 7.18.0-1ubuntu2.4 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 211dbad47624baa93d229a89d8b128e6a5b4be22

New changelog entries:
  * SECURITY UPDATE: Incorrect cookie domain handling in tailmatch()
    - debian/patches/curl-tailmatch.patch: enforce strict subdomain match
      when sending cookies. Patch from YAMADA Yasuharu.
    - http://curl.haxx.se/curl-tailmatch.patch
    - CVE-2013-1944

ubuntu/hardy-security 2013-04-16 01:33:13 UTC 2013-04-16
Import patches-unapplied version 7.18.0-1ubuntu2.4 to ubuntu/hardy-security

Author: Seth Arnold
Author Date: 2013-04-11 21:11:37 UTC

Import patches-unapplied version 7.18.0-1ubuntu2.4 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 211dbad47624baa93d229a89d8b128e6a5b4be22

New changelog entries:
  * SECURITY UPDATE: Incorrect cookie domain handling in tailmatch()
    - debian/patches/curl-tailmatch.patch: enforce strict subdomain match
      when sending cookies. Patch from YAMADA Yasuharu.
    - http://curl.haxx.se/curl-tailmatch.patch
    - CVE-2013-1944

ubuntu/hardy-updates 2013-04-16 01:33:13 UTC 2013-04-16
Import patches-unapplied version 7.18.0-1ubuntu2.4 to ubuntu/hardy-security

Author: Seth Arnold
Author Date: 2013-04-11 21:11:37 UTC

Import patches-unapplied version 7.18.0-1ubuntu2.4 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 211dbad47624baa93d229a89d8b128e6a5b4be22

New changelog entries:
  * SECURITY UPDATE: Incorrect cookie domain handling in tailmatch()
    - debian/patches/curl-tailmatch.patch: enforce strict subdomain match
      when sending cookies. Patch from YAMADA Yasuharu.
    - http://curl.haxx.se/curl-tailmatch.patch
    - CVE-2013-1944

ubuntu/oneiric-security 2013-04-16 01:33:13 UTC 2013-04-16
Import patches-unapplied version 7.21.6-3ubuntu3.3 to ubuntu/oneiric-security

Author: Seth Arnold
Author Date: 2013-04-11 20:55:41 UTC

Import patches-unapplied version 7.21.6-3ubuntu3.3 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: ae8b81b96644cca3e98442b7d596cc1fe474f5af

New changelog entries:
  * SECURITY UPDATE: Incorrect cookie domain handling in tailmatch()
    - debian/patches/curl-tailmatch.patch: enforce strict subdomain match
      when sending cookies. Patch from YAMADA Yasuharu.
    - http://curl.haxx.se/curl-tailmatch.patch
    - CVE-2013-1944

ubuntu/oneiric-updates 2013-04-16 01:33:13 UTC 2013-04-16
Import patches-unapplied version 7.21.6-3ubuntu3.3 to ubuntu/oneiric-security

Author: Seth Arnold
Author Date: 2013-04-11 20:55:41 UTC

Import patches-unapplied version 7.21.6-3ubuntu3.3 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: ae8b81b96644cca3e98442b7d596cc1fe474f5af

New changelog entries:
  * SECURITY UPDATE: Incorrect cookie domain handling in tailmatch()
    - debian/patches/curl-tailmatch.patch: enforce strict subdomain match
      when sending cookies. Patch from YAMADA Yasuharu.
    - http://curl.haxx.se/curl-tailmatch.patch
    - CVE-2013-1944

applied/ubuntu/raring 2013-04-15 22:03:15 UTC 2013-04-15
Import patches-applied version 7.29.0-1ubuntu3 to applied/ubuntu/raring-proposed

Author: Seth Arnold
Author Date: 2013-04-10 22:16:17 UTC

Import patches-applied version 7.29.0-1ubuntu3 to applied/ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: 605a449a3874f07a8c35e4da33192f8644e382e2
Unapplied parent: 2b7ff2c7625440f33a95b5e238222a242f77582e

New changelog entries:
  * SECURITY UPDATE: Incorrect cookie domain handling in tailmatch()
    - debian/patches/09_curl-tailmatch.patch: enforce strict subdomain match
      when sending cookies. Patch from YAMADA Yasuharu.
    - http://curl.haxx.se/curl-tailmatch.patch
    - CVE-2013-1944

ubuntu/raring 2013-04-15 22:03:15 UTC 2013-04-15
Import patches-unapplied version 7.29.0-1ubuntu3 to ubuntu/raring-proposed

Author: Seth Arnold
Author Date: 2013-04-10 22:16:17 UTC

Import patches-unapplied version 7.29.0-1ubuntu3 to ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: c196ab5d87b49c24618b9d580e83b649b407eeda

New changelog entries:
  * SECURITY UPDATE: Incorrect cookie domain handling in tailmatch()
    - debian/patches/09_curl-tailmatch.patch: enforce strict subdomain match
      when sending cookies. Patch from YAMADA Yasuharu.
    - http://curl.haxx.se/curl-tailmatch.patch
    - CVE-2013-1944

ubuntu/quantal 2012-08-20 14:33:30 UTC 2012-08-20
Import patches-unapplied version 7.27.0-1ubuntu1 to ubuntu/quantal

Author: Colin Watson
Author Date: 2012-08-20 12:54:01 UTC

Import patches-unapplied version 7.27.0-1ubuntu1 to ubuntu/quantal

Imported using git-ubuntu import.

Changelog parent: b6399fa01c773334e4431a5392c74ccfcbb0b281

New changelog entries:
  * Resynchronise with Debian. Remaining changes:
    - Drop dependencies not in main:
      + Build-Depends: Drop stunnel4 and libssh2-1-dev.
      + Drop libssh2-1-dev from binary package Depends.
    - Add new libcurl3-udeb package.
    - Add new curl-udeb package.

applied/ubuntu/quantal 2012-08-20 14:33:30 UTC 2012-08-20
Import patches-applied version 7.27.0-1ubuntu1 to applied/ubuntu/quantal

Author: Colin Watson
Author Date: 2012-08-20 12:54:01 UTC

Import patches-applied version 7.27.0-1ubuntu1 to applied/ubuntu/quantal

Imported using git-ubuntu import.

Changelog parent: 4c5f675326193b814eb198c0f00e075026b392ea
Unapplied parent: 60f8f79e12b80fa05f97af2165132d6694b0ec4c

New changelog entries:
  * Resynchronise with Debian. Remaining changes:
    - Drop dependencies not in main:
      + Build-Depends: Drop stunnel4 and libssh2-1-dev.
      + Drop libssh2-1-dev from binary package Depends.
    - Add new libcurl3-udeb package.
    - Add new curl-udeb package.

applied/ubuntu/precise 2012-03-22 23:34:16 UTC 2012-03-22
Import patches-applied version 7.22.0-3ubuntu4 to applied/ubuntu/precise

Author: Andres Rodriguez
Author Date: 2012-03-22 22:40:30 UTC

Import patches-applied version 7.22.0-3ubuntu4 to applied/ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: bff4e806f29ad7bef62ca8c2fcf391a0bc2ad454
Unapplied parent: 6d413f237b74ecc1acc3b9e33297d03aad7fbaff

New changelog entries:
  * debian/control: Add missing Depends on libcrypto1.0.0-udeb.

ubuntu/precise 2012-03-22 23:34:16 UTC 2012-03-22
Import patches-unapplied version 7.22.0-3ubuntu4 to ubuntu/precise

Author: Andres Rodriguez
Author Date: 2012-03-22 22:40:30 UTC

Import patches-unapplied version 7.22.0-3ubuntu4 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: b4a093a4ca6b1cc9bca71aa56b57441255d29494

New changelog entries:
  * debian/control: Add missing Depends on libcrypto1.0.0-udeb.

debian/lenny 2012-03-10 15:11:00 UTC 2012-03-10
Import patches-unapplied version 7.18.2-8lenny6 to debian/lenny

Author: Alessandro Ghedini
Author Date: 2012-01-25 15:03:45 UTC

Import patches-unapplied version 7.18.2-8lenny6 to debian/lenny

Imported using git-ubuntu import.

Changelog parent: f4ef4fcefd53aecc474a888b2a52e4fbc1be62a2

New changelog entries:
  * Non-maintainer upload.
  * Fix SSL CBC IV vulnerability as per CVE-2011-3389
    http://curl.haxx.se/docs/adv_20120124B.html
  * Set urgency=high accordingly
  * debian/patches/curl-gssapi-delegation: Fix for GSSAPI delegation
    vulnerability as detailed in CVE-2011-2192. More information and
    the patch at <http://curl.haxx.se/docs/adv_20110623.html>.
    (closes: #631615)

applied/debian/lenny 2012-03-10 15:11:00 UTC 2012-03-10
Import patches-applied version 7.18.2-8lenny6 to applied/debian/lenny

Author: Alessandro Ghedini
Author Date: 2012-01-25 15:03:45 UTC

Import patches-applied version 7.18.2-8lenny6 to applied/debian/lenny

Imported using git-ubuntu import.

Changelog parent: ca61ba6f179fcb9481c1a9561e8066340cea3e34
Unapplied parent: f05b6cee735679f0fb620626c2d84d9dc29abb8b

New changelog entries:
  * Non-maintainer upload.
  * Fix SSL CBC IV vulnerability as per CVE-2011-3389
    http://curl.haxx.se/docs/adv_20120124B.html
  * Set urgency=high accordingly
  * debian/patches/curl-gssapi-delegation: Fix for GSSAPI delegation
    vulnerability as detailed in CVE-2011-2192. More information and
    the patch at <http://curl.haxx.se/docs/adv_20110623.html>.
    (closes: #631615)

applied/ubuntu/maverick-security 2012-01-24 21:07:49 UTC 2012-01-24
Import patches-applied version 7.21.0-1ubuntu1.3 to applied/ubuntu/maverick-s...

Author: Marc Deslauriers
Author Date: 2012-01-24 13:29:10 UTC

Import patches-applied version 7.21.0-1ubuntu1.3 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: cbb4d560519c307468121f61a037c79bee52d505
Unapplied parent: 1d8d9dc4612920a87b8967fc6d4446fd768b4cd2

New changelog entries:
  * SECURITY UPDATE: URL sanitization vulnerability
    - debian/patches/CVE-2012-0036.patch: reject URLs with embedded control
      codes in lib/{escape.h,escape.c,imap.c,pop3.c,smtp.c}.
    - CVE-2012-0036

ubuntu/maverick-devel 2012-01-24 21:07:49 UTC 2012-01-24
Import patches-unapplied version 7.21.0-1ubuntu1.3 to ubuntu/maverick-security

Author: Marc Deslauriers
Author Date: 2012-01-24 13:29:10 UTC

Import patches-unapplied version 7.21.0-1ubuntu1.3 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: d0e43bb5431dd0d68aa053fd8f255f6ed7620593

New changelog entries:
  * SECURITY UPDATE: URL sanitization vulnerability
    - debian/patches/CVE-2012-0036.patch: reject URLs with embedded control
      codes in lib/{escape.h,escape.c,imap.c,pop3.c,smtp.c}.
    - CVE-2012-0036

ubuntu/maverick-security 2012-01-24 21:07:49 UTC 2012-01-24
Import patches-unapplied version 7.21.0-1ubuntu1.3 to ubuntu/maverick-security

Author: Marc Deslauriers
Author Date: 2012-01-24 13:29:10 UTC

Import patches-unapplied version 7.21.0-1ubuntu1.3 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: d0e43bb5431dd0d68aa053fd8f255f6ed7620593

New changelog entries:
  * SECURITY UPDATE: URL sanitization vulnerability
    - debian/patches/CVE-2012-0036.patch: reject URLs with embedded control
      codes in lib/{escape.h,escape.c,imap.c,pop3.c,smtp.c}.
    - CVE-2012-0036

ubuntu/maverick-updates 2012-01-24 21:07:49 UTC 2012-01-24
Import patches-unapplied version 7.21.0-1ubuntu1.3 to ubuntu/maverick-security

Author: Marc Deslauriers
Author Date: 2012-01-24 13:29:10 UTC

Import patches-unapplied version 7.21.0-1ubuntu1.3 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: d0e43bb5431dd0d68aa053fd8f255f6ed7620593

New changelog entries:
  * SECURITY UPDATE: URL sanitization vulnerability
    - debian/patches/CVE-2012-0036.patch: reject URLs with embedded control
      codes in lib/{escape.h,escape.c,imap.c,pop3.c,smtp.c}.
    - CVE-2012-0036

101200 of 294 results

Other repositories

Name Last Modified
lp:ubuntu/+source/curl 2019-06-22
lp:~paelzer/ubuntu/+source/curl 2017-12-07
12 of 2 results
You can't create new repositories for curl in Ubuntu.