ubuntu/+source/curl:debian/experimental

Last commit made on 2018-03-01
Get this branch:
git clone -b debian/experimental https://git.launchpad.net/ubuntu/+source/curl
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
debian/experimental
Repository:
lp:ubuntu/+source/curl

Recent commits

445eb2f... by Alessandro Ghedini on 2018-02-27

Import patches-unapplied version 7.58.0-3 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 7371b12a752baa1b3e36daffb2bedea042f87727

New changelog entries:
  [ Steve Langasek ]
  * Build-depend on libssl-dev instead of libssl1.0-dev.
  * Rename libcurl3 to libcurl4, because libcurl exposes an SSL_CTX via
    CURLOPT_SSL_CTX_FUNCTION, and this object changes incompatibly between
    openssl 1.0 and openssl 1.1.
  * debian/patches/03_keep_symbols_compat.patch: drop, since we are no longer
    claiming compatibility.
  * debian/patches/90_gnutls.patch: Retain symbol versioning compatibility for
    non-OpenSSL builds. Closes: #858398.
  * Adjust libssl1.1 vs libssl1.0 Suggests/Conflicts; thanks, Adrian Bunk

7371b12... by Alessandro Ghedini on 2018-01-24

Import patches-unapplied version 7.58.0-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: f70d68d97172d3531c5c62e3131666968af4fcc0

New changelog entries:
  * Explicitly enable libssh2 support which got silently disabled in the
    previous update

f70d68d... by Alessandro Ghedini on 2018-01-24

Import patches-unapplied version 7.58.0-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 02781fad91b78d3ab6e5291b485931162c997a8b

New changelog entries:
  * New upstream release
    - Fix HTTP/2 trailer out-of-bounds read as per CVE-2018-1000005
      https://curl.haxx.se/docs/adv_2018-824a.html
    - Fix HTTP authentication leak in redirects as per CVE-2018-1000007
      https://curl.haxx.se/docs/adv_2018-b3bf.html
  * Point Vcs-* to salsa.d.o
  * Bump Standards-Version to 4.1.3 (no changes needed)
  * Bump debhlper compat level to 11
  * Refresh patches
  * fix insecure-copyright-format-uri

02781fa... by Alessandro Ghedini on 2017-11-30

Import patches-unapplied version 7.57.0-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 5d5191b1cf0d5a4940e1c7d60745f48da831e6f4

New changelog entries:
  * New upstream release
    - Fix NTLM buffer overflow via integer overflow as per CVE-2017-8816
      https://curl.haxx.se/docs/adv_2017-11e7.html
    - Fix FTP wildcard out of bounds read as per CVE-2017-8817
      https://curl.haxx.se/docs/adv_2017-ae72.html
    - Fix SSL out of buffer access as per CVE-2017-8818
      https://curl.haxx.se/docs/adv_2017-af0a.html
  * Remove -fdebug-prefix-map from curl-config.
    Thanks to Timo Weingärtner for the patch (Closes: #861974, #874223, #874238)
  * Don't install zsh completion when cross compiling.
    Thanks to Wookey for the patch (Closes: #812965)

5d5191b... by Alessandro Ghedini on 2017-10-24

Import patches-unapplied version 7.56.1-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 6651943a39abf91dc2329186d792d355b90ff0fd

New changelog entries:
  * New upstream release
    - Fix IMAP FETCH response out of bounds read as per CVE-2017-1000257
      https://curl.haxx.se/docs/adv_20171023.html
  * Bump Standards-Version to 4.1.1 (no changes needed)
  * Drop 01_runtests_gdb.patch
  * Drop 12_dont-wait-on-CONNECT.patch
  * Refresh patches
  * Update *.symbols files
  * Use https:// URL in watch file

6651943... by Alessandro Ghedini on 2017-09-02

Import patches-unapplied version 7.55.1-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 6d29eddfc82b336741d6c3fbfa46928f6bb372ac

New changelog entries:
  * New upstream release
    - Fix FTBFS on powerpc (Closes: #872502)
  * Apply upstream patch to fix connection timeouts with NetworkManager
    (Closes: #873181)
  * Refresh patches
  * Bump Standards-Version to 4.1.0 (no changes needed)

6d29edd... by Alessandro Ghedini on 2017-08-12

Import patches-unapplied version 7.55.0-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4351b6803570cab64e28b6dc27b17a3ae74bfceb

New changelog entries:
  * New upstream release
    - Fix TFTP sends more than buffer size as per CVE-2017-1000100
      (Closes: #871555)
    - Fix URL globbing out of bounds read as per CVE-2017-1000101
      (Closes: #871554)
  * Refresh patches and drop patches merged upstream
  * Update Standards-Version to 4.0.1 (no changes needed)
  * Drop -dbg package

4351b68... by Alessandro Ghedini on 2017-04-19

Import patches-unapplied version 7.52.1-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: dd837796fb533d4d814394d9f0851edbf065386b

New changelog entries:
  * Fix TLS session resumption client cert bypass as per CVE-2017-7468
    https://curl.haxx.se/docs/adv_20170419.html

dd83779... by Alessandro Ghedini on 2017-04-08

Import patches-unapplied version 7.52.1-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 2919bea5483dd62172975384d3da1ce4ff50d86b

New changelog entries:
  * Fix regression in CONNECT response handling (Closes: #857613)
  * Fix buffer read overrun on --write-out as per CVE-2017-7407
    https://curl.haxx.se/docs/adv_20170403.html (Closes: #859500)

2919bea... by Alessandro Ghedini on 2017-02-21

Import patches-unapplied version 7.52.1-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4eeb0572ddc390c50cde0b831b99f8c367d5ab29

New changelog entries:
  * Make SSL_VERIFYSTATUS work again as per CVE-2017-2629
    https://curl.haxx.se/docs/adv_20170222.html