lp:ubuntu/utopic/curl

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

83. By Brian Murray on 2014-10-02

debian/patches/09_fix-timeout-in-poll-and-wait.patch: apply upstream
commit fixing timeout return value for curl_poll and curl_wait_ms.
Thanks to Grzegorz Gutowski for finding the patch. (LP: #1375663)

82. By Marc Deslauriers on 2014-09-11

* SECURITY UPDATE: incorrect cookie handling via partial literal IP
  addresses
  - debian/patches/CVE-2014-3613.patch: only use full host matches for
    hosts used as IP address in lib/cookie.c, added tests to
    tests/data/test1105, tests/data/test31, tests/data/test8.
  - CVE-2014-3613
* SECURITY UPDATE: incorrect cookie handling for TLDs
  - debian/patches/CVE-2014-3620.patch: reject incoming cookies set for
    TLDs in lib/cookie.c, added test to tests/data/test61.
  - CVE-2014-3620

81. By Gianfranco Costamagna on 2014-07-25

* Merge from Debian unstable (LP: #1348564). Remaining changes:
  - Drop dependencies not in main:
    + Build-Depends: Drop stunnel4 and libssh2-1-dev.
    + Drop libssh2-1-dev from binary package Depends.
  - Add new libcurl3-udeb package.
  - Add new curl-udeb package.

80. By Michael Vogt on 2014-07-11

* Merge from Debian unstable. Remaining changes:
  - Drop dependencies not in main:
    + Build-Depends: Drop stunnel4 and libssh2-1-dev.
    + Drop libssh2-1-dev from binary package Depends.
  - Add new libcurl3-udeb package.
  - Add new curl-udeb package.

79. By Colin Watson on 2014-06-06

Rebuild against libgnutls-deb0-28.

78. By Michael Vogt on 2014-04-30

* Merge from Debian unstable. Remaining changes:
  - Drop dependencies not in main:
    + Build-Depends: Drop stunnel4 and libssh2-1-dev.
    + Drop libssh2-1-dev from binary package Depends.
  - Add new libcurl3-udeb package.
  - Add new curl-udeb package.

77. By Dimitri John Ledkov on 2014-04-26

No change rebuild against librtmp1.

76. By Marc Deslauriers on 2014-04-01

* SECURITY UPDATE: wrong re-use of connections
  - debian/patches/CVE-2014-0138.patch: fix possible issues with NTLM
    HTTP logic, and extend new connection logic to other protocols in
    lib/http.c, lib/url.c, lib/urldata.h, add new tests to
    tests/data/Makefile.am, tests/data/test1418, tests/data/test1419.
  - CVE-2014-0138
* SECURITY UPDATE: incorrect wildcard SSL certificate validation with
  literal IP addresses
  - debian/patches/CVE-2014-0139.patch: fix wildcard logic in
    lib/hostcheck.c, added tests to tests/data/Makefile.am,
    tests/data/test1397, tests/unit/Makefile.inc, tests/unit/unit1397.c.
  - CVE-2014-0139
* debian/patches/fix_test172.path: fix expired cookie causing test to
  fail.

75. By Marc Deslauriers on 2014-01-31

* Resynchronize on Debian, remaining changes:
  - Drop dependencies not in main:
    + Build-Depends: Drop stunnel4 and libssh2-1-dev.
    + Drop libssh2-1-dev from binary package Depends.
  - Add new libcurl3-udeb package.
  - Add new curl-udeb package.

74. By Marc Deslauriers on 2013-12-20

* Resynchronize on Debian, remaining changes
  - Drop dependencies not in main:
    + Build-Depends: Drop stunnel4 and libssh2-1-dev.
    + Drop libssh2-1-dev from binary package Depends.
  - Add new libcurl3-udeb package.
  - Add new curl-udeb package.
* Dropped undocumented Build-Depends change to automake1.9.