-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 02 Apr 2024 20:02:10 -0300
Source: curl
Binary: curl curl-dbgsym libcurl3-gnutls libcurl3-gnutls-dbgsym libcurl3-nss libcurl3-nss-dbgsym libcurl4 libcurl4-dbgsym libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-openssl-dev
Architecture: arm64
Version: 7.88.1-10+deb12u6
Distribution: bookworm
Urgency: medium
Maintainer: arm Build Daemon (arm-conova-03) <buildd_arm64-arm-conova-03@buildd.debian.org>
Changed-By: Guilherme Puida Moreira <guilherme@puida.xyz>
Description:
 curl       - command line tool for transferring data with URL syntax
 libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour)
 libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour)
 libcurl4   - easy-to-use client-side URL transfer library (OpenSSL flavour)
 libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour)
 libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour)
 libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour)
Closes: 1053643
Changes:
 curl (7.88.1-10+deb12u6) bookworm; urgency=medium
 .
   * Team upload.
 .
   [ Sergio Durigan Junior ]
   * d/p/openldap-create-ldap-URLs-correctly-for-IPv6-addresses.patch:
     (Closes: #1053643)
 .
   [ Guilherme Puida Moreira ]
   * Add patches to fix CVE-2024-2004 and CVE-2024-2398.
     - CVE-2024-2004: When a protocol selection parameter disables all
       protocols without adding any then the default set of protocols would
       remain in the allowed set due to an error in the logic for removing
       protocols.
     - CVE-2024-2398: When an application tells libcurl it wants to allow
       HTTP/2 server push and the amount of received headers for the push
       surpasses the maximum allowed limit (1000), libcurl aborts the server
       push and leaks the memory allocated for the previously allocated
       headers.
   * d/p/openldap-create-ldap-URLs-correctly-for-IPv6-addresses.patch:
     Refresh patch.
Checksums-Sha1:
 0ec980ba8c32b346e5c2bf02f901049809502a6a 158124 curl-dbgsym_7.88.1-10+deb12u6_arm64.deb
 cada072f8c8397c52e579456bc078f840649b1e1 12967 curl_7.88.1-10+deb12u6_arm64-buildd.buildinfo
 eace1b24d5c0a88daed9b49e954aa3e8c613083c 308344 curl_7.88.1-10+deb12u6_arm64.deb
 2772b2e9da86d8d482e4977752d68722b929de3b 1012564 libcurl3-gnutls-dbgsym_7.88.1-10+deb12u6_arm64.deb
 e425768c21b5235d000b220d8a32a09767f4895b 360864 libcurl3-gnutls_7.88.1-10+deb12u6_arm64.deb
 ccbd2acf09c28dacd74078f1aab914bfd13c0e56 1057812 libcurl3-nss-dbgsym_7.88.1-10+deb12u6_arm64.deb
 dd9cefb993abbbd0b2631056c663240cf564a049 369208 libcurl3-nss_7.88.1-10+deb12u6_arm64.deb
 480683a0144180a9766996947f56be436b52bf9f 1039796 libcurl4-dbgsym_7.88.1-10+deb12u6_arm64.deb
 35ce4bd4aa8374b433b9328320ac0b9db867d030 470744 libcurl4-gnutls-dev_7.88.1-10+deb12u6_arm64.deb
 51a10302a976e116d31720e20259b21af9e3253e 480956 libcurl4-nss-dev_7.88.1-10+deb12u6_arm64.deb
 51cc33382c38a062f41bbfbda1082fa803246fcb 475188 libcurl4-openssl-dev_7.88.1-10+deb12u6_arm64.deb
 488908df37d6ae161bf71d36e5d79f3b60c172d7 366108 libcurl4_7.88.1-10+deb12u6_arm64.deb
Checksums-Sha256:
 237181df72a746b2c49847b5b66ca1ff1cec89e5af55b3bf291a49d87602408f 158124 curl-dbgsym_7.88.1-10+deb12u6_arm64.deb
 22a6f190b48f63e072996a9f00499627adf15036460f02d4d1a80596b448e1de 12967 curl_7.88.1-10+deb12u6_arm64-buildd.buildinfo
 88c8ff4848cf5b7cd8d6f870b1753bd910ebbab87c2e5dc6b7cefc8414bb8881 308344 curl_7.88.1-10+deb12u6_arm64.deb
 4643f4f7ff1db2a9515438d91c8842b5b7ae4a99ed8ae6977d088fb8ee9c183b 1012564 libcurl3-gnutls-dbgsym_7.88.1-10+deb12u6_arm64.deb
 c161b5e0468f3d70a893fbb630787083139d3f97d7cfbf18504acfdab120488d 360864 libcurl3-gnutls_7.88.1-10+deb12u6_arm64.deb
 06f77c70c075894d1d20250b46303a8b2ca54a5f7496a6de5b597aa61201e5b7 1057812 libcurl3-nss-dbgsym_7.88.1-10+deb12u6_arm64.deb
 c2c0c28246fcec5bc7a362954d3759891daa0b5ddf65c69951121608b8f810ca 369208 libcurl3-nss_7.88.1-10+deb12u6_arm64.deb
 ef6b16d1920e9865266247fccc3adc959ba82ed83b9e44b7923c49e85a7df199 1039796 libcurl4-dbgsym_7.88.1-10+deb12u6_arm64.deb
 f173b6288c9c5ff410cc7ded8d83e48aa86e673b8b20c3e859f8de2c2a37f5f9 470744 libcurl4-gnutls-dev_7.88.1-10+deb12u6_arm64.deb
 98e6d9786403eaf4d93f315c5327c1448a42d44cb2b3b81d6ec62567ef9a29c3 480956 libcurl4-nss-dev_7.88.1-10+deb12u6_arm64.deb
 4d59d4a5a3d09123de9507bd720de89d7531517fb28626db14206a1bd67de67c 475188 libcurl4-openssl-dev_7.88.1-10+deb12u6_arm64.deb
 578fd91996118252c2644f8967a7dd4ca0cab17f2a643f530e82ef60337fd90d 366108 libcurl4_7.88.1-10+deb12u6_arm64.deb
Files:
 c7ad918cbc2b6f4e2a8c24418151ca68 158124 debug optional curl-dbgsym_7.88.1-10+deb12u6_arm64.deb
 e558f3fdccc06e622f0392aaab19bdb8 12967 web optional curl_7.88.1-10+deb12u6_arm64-buildd.buildinfo
 96515f938055d01699e041bc47c9a9ae 308344 web optional curl_7.88.1-10+deb12u6_arm64.deb
 07385703814373b6b433e2d087afdee3 1012564 debug optional libcurl3-gnutls-dbgsym_7.88.1-10+deb12u6_arm64.deb
 c60d1969ed8f669d762446d4c783a6ba 360864 libs optional libcurl3-gnutls_7.88.1-10+deb12u6_arm64.deb
 882cc7bf97b09295b5a448f7b59288eb 1057812 debug optional libcurl3-nss-dbgsym_7.88.1-10+deb12u6_arm64.deb
 f75e5523012c26607d3a078ada8866c0 369208 libs optional libcurl3-nss_7.88.1-10+deb12u6_arm64.deb
 7936307f1835b5a680d33ddc40af5c32 1039796 debug optional libcurl4-dbgsym_7.88.1-10+deb12u6_arm64.deb
 b385ab83d53e5efdea336876fdb75264 470744 libdevel optional libcurl4-gnutls-dev_7.88.1-10+deb12u6_arm64.deb
 8c73a245284d7858f50d7106bfdda43a 480956 libdevel optional libcurl4-nss-dev_7.88.1-10+deb12u6_arm64.deb
 0f352e65e7d4639e4566457dc04548e2 475188 libdevel optional libcurl4-openssl-dev_7.88.1-10+deb12u6_arm64.deb
 ca4d8a298cb317650693325c3500f64c 366108 libs optional libcurl4_7.88.1-10+deb12u6_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEU81tY/BC8e+eAeWhLffeOnPnbLUFAmYVfRAACgkQLffeOnPn
bLVI6Q//ezNkor9aXYNr1YviZCqC6ed3dwxqUJJm0cIUDoBiGnct/ExfHRW4rTYC
iVXWDUta7iUDsmVVSQWt++ZmwHkrhyMjbLLYf5ajMr4X7tqPTwsawFfVTyZiYAQh
FmtptH4zJbUgaOfPviFL6KeQA7GwLp9wgD8CU6oQMovvxmPRIzpt6RMzzFpMhK0m
TNwE3fjLBOZzTcZVI3KSoa2aoyOhcXh6bjF9TgC4HDjCll+sPHhHu9JVlVeh1p5a
WRR3u3/e8rL8wqbE6lE8Vk4p8sg6uswtT7i/QyVodqD1oF3v3ngGxHT783/DAoVB
mxUwI//anIbSJYx6CeBaEM+0ItM6ME0rI33NlQCLfj+NtnBYrNp6/x/OufBgCL17
Z4jJFEbE84zQUQJXEDkMd8RErmWiSi90DQrymQ34BNve+4jWdYiWu2yhi+GxrXqc
CnHFakFEgw1+dZRPVin4DpcTbzAdWLsKmGtZlJL02UTMVyu+XTG4VUe1kD0xf+80
2++ZONzOlQbYVW/vQ8zR1RfphbQ5ENPn5vluWSMSepqGsIP7Ou824V6DutUr8L4H
2xdAusxbTJNv2FgqDAQpDCFFVr+Po2QVjsqkVLJboKb4Ryuf5NIu/6un0q5IzX64
rTpjqcYLti27H6gbDAtO+yzwl8BKihFEY2I5AdlnY68t+Ytqkzw=
=Bmri
-----END PGP SIGNATURE-----