Merge ~danilogondolfo/ubuntu/+source/curl:merge_lunar_7.88.1_1 into ubuntu/+source/curl:debian/sid

Proposed by Danilo Egea Gondolfo
Status: Needs review
Proposed branch: ~danilogondolfo/ubuntu/+source/curl:merge_lunar_7.88.1_1
Merge into: ubuntu/+source/curl:debian/sid
Diff against target: 116 lines (+63/-2)
3 files modified
debian/changelog (+59/-0)
debian/control (+3/-2)
debian/rules (+1/-0)
Reviews:
 - Simon Quigley (community): Approve
 - git-ubuntu import: Pending
Review via email: mp+437707@code.launchpad.net
Simon Quigley (tsimonq2) wrote :

Looks to be sponsored already, thanks!

review: Approve

Unmerged commits

7b80a18... by Danilo Egea Gondolfo

Update changelog

985ce9f... by Danilo Egea Gondolfo

Drop patch for CVEs fixed upstream

 - debian/patches/CVE-2023-23914_5-1.patch
 - debian/patches/CVE-2023-23914_5-2.patch
 - debian/patches/CVE-2023-23914_5-3.patch
 - debian/patches/CVE-2023-23914_5-4.patch
 - debian/patches/CVE-2023-23914_5-5.patch
 - debian/patches/CVE-2023-23916.patch

92e3abf... by Danilo Egea Gondolfo

Merge branch 'ubuntu/devel' into merge_lunar_7.88.1_1

3827db7... by Marc Deslauriers

7.87.0-2ubuntu2 (patches unapplied)

Imported using git-ubuntu import.

ace56a5... by Gianfranco Costamagna

7.87.0-2ubuntu1 (patches unapplied)

Imported using git-ubuntu import.

Preview Diff

1diff --git a/debian/changelog b/debian/changelog
2index 98efe4f..d2b0a15 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,19 @@
6+curl (7.88.1-1ubuntu1) lunar; urgency=medium
7+
8+ * Merge from Debian unstable. Remaining changes:
9+ + Drop patches for CVEs fixed upsteam.
10+ - debian/patches/CVE-2023-23914_5-1.patch
11+ - debian/patches/CVE-2023-23914_5-2.patch
12+ - debian/patches/CVE-2023-23914_5-3.patch
13+ - debian/patches/CVE-2023-23914_5-4.patch
14+ - debian/patches/CVE-2023-23914_5-5.patch
15+ - debian/patches/CVE-2023-23916.patch
16+ + Don't build-depend on python3-impacket on i386 so we can drop it
17+ (and its dependencies) from the i386 partial port. It's only used for
18+ the tests, which do not block the build in any case.
19+
20+ -- Danilo Egea Gondolfo <danilo.egea.gondolfo@canonical.com> Wed, 22 Feb 2023 17:14:26 +0000
21+
22 curl (7.88.1-1) unstable; urgency=medium
23
24 * New upstream version 7.88.1
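
Review bot: in the new 7.88.1-1ubuntu1 entry, "Drop patches for CVEs fixed upsteam" is listed under "Remaining changes:", but dropped patches are not remaining delta against Debian. Move the six patch names under a separate "Dropped changes" item with the reason, and correct "upsteam" to "upstream". It would also help to name CVE-2023-23914, CVE-2023-23915 and CVE-2023-23916 explicitly in that item, since the "_5" in the patch filenames is the only reference to CVE-2023-23915 in this entry.
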
25@@ -12,6 +28,41 @@ curl (7.88.1-1) unstable; urgency=medium
26
27 -- Samuel Henrique <samueloph@debian.org> Mon, 20 Feb 2023 22:35:53 +0000
28
29+curl (7.87.0-2ubuntu2) lunar; urgency=medium
30+
31+ * SECURITY UPDATE: multiple HSTS issues
32+ - debian/patches/CVE-2023-23914_5-1.patch: add sharing of HSTS cache
33+ among handles in docs/libcurl/opts/CURLSHOPT_SHARE.3,
34+ docs/libcurl/symbols-in-versions, include/curl/curl.h, lib/hsts.c,
35+ lib/hsts.h, lib/setopt.c, lib/share.c, lib/share.h, lib/transfer.c,
36+ lib/url.c, lib/urldata.h.
37+ - debian/patches/CVE-2023-23914_5-2.patch: share HSTS between handles
38+ in src/tool_operate.c.
39+ - debian/patches/CVE-2023-23914_5-3.patch: handle adding the same host
40+ name again in lib/hsts.c.
41+ - debian/patches/CVE-2023-23914_5-4.patch: support crlf="yes" for
42+ verify/proxy in tests/FILEFORMAT.md, tests/runtests.pl.
43+ - debian/patches/CVE-2023-23914_5-5.patch: verify hsts with two URLs in
44+ tests/data/Makefile.inc, tests/data/test446.
45+ - CVE-2023-23914
46+ - CVE-2023-23915
47+ * SECURITY UPDATE: HTTP multi-header compression denial of service
48+ - debian/patches/CVE-2023-23916.patch: do not reset stage counter for
49+ each header in lib/content_encoding.c, lib/urldata.h,
50+ tests/data/Makefile.inc, tests/data/test387, tests/data/test418.
51+ - CVE-2023-23916
52+
53+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Fri, 17 Feb 2023 08:19:10 -0500
54+
55+curl (7.87.0-2ubuntu1) lunar; urgency=low
56+
57+ * Merge from Debian unstable. Remaining changes:
58+ - Don't build-depend on python3-impacket on i386 so we can drop it
59+ (and its dependencies) from the i386 partial port. It's only used for
60+ the tests, which do not block the build in any case.
61+
62+ -- Gianfranco Costamagna <locutusofborg@debian.org> Wed, 01 Feb 2023 11:24:47 +0100
63+
64 curl (7.87.0-2) unstable; urgency=medium
65
66 * d/patches: Add new upstream patch to fix regression in setopt/getinfo
67@@ -20,6 +71,14 @@ curl (7.87.0-2) unstable; urgency=medium
68
69 -- Samuel Henrique <samueloph@debian.org> Sun, 15 Jan 2023 21:12:09 +0000
70
71+curl (7.87.0-1ubuntu1) lunar; urgency=medium
72+
73+ * Don't build-depend on python3-impacket on i386 so we can drop it
74+ (and its dependencies) from the i386 partial port. It's only used for
75+ the tests, which do not block the build in any case.
76+
77+ -- Steve Langasek <steve.langasek@ubuntu.com> Sun, 08 Jan 2023 00:40:54 +0000
78+
79 curl (7.87.0-1) unstable; urgency=medium
80
81 * New upstream version 7.87.0
82diff --git a/debian/control b/debian/control
83index d2bd703..b1efa30 100644
84--- a/debian/control
85+++ b/debian/control
86@@ -1,7 +1,8 @@
87 Source: curl
88 Section: web
89 Priority: optional
90-Maintainer: Alessandro Ghedini <ghedo@debian.org>
91+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
92+XSBC-Original-Maintainer: Alessandro Ghedini <ghedo@debian.org>
93 Uploaders: Samuel Henrique <samueloph@debian.org>,
94 Sergio Durigan Junior <sergiodj@debian.org>
95 Build-Depends:
96@@ -27,7 +28,7 @@ Build-Depends:
97 libzstd-dev,
98 openssh-server <!nocheck>,
99 python3:native <!nocheck>,
100- python3-impacket <!nocheck>,
101+ python3-impacket [!i386] <!nocheck>,
102 quilt,
103 stunnel4 <!nocheck>,
104 zlib1g-dev
105diff --git a/debian/rules b/debian/rules
106index 7bf6124..a1e6f80 100755
107--- a/debian/rules
108+++ b/debian/rules
109@@ -5,6 +5,7 @@ export DEB_BUILD_MAINT_OPTIONS = hardening=+all
110
111 DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
112 DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
113+DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH)
114
115 CONFIGURE_ARGS = -- --disable-dependency-tracking \
116 --disable-symbol-hiding --enable-versioned-symbols \
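
Review bot: the added DEB_HOST_ARCH definition in debian/rules has no user in this change (the file's diffstat is +1/-0), and the 7.88.1-1ubuntu1 changelog entry does not list it among the remaining changes. Either drop the line or, if something elsewhere in debian/rules depends on it, record it in the changelog as part of the Ubuntu delta so the next merge knows why it is carried.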
