-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 16 Nov 2013 13:04:23 +0100 Source: curl Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg Architecture: kfreebsd-i386 Version: 7.26.0-1+wheezy5 Distribution: wheezy-security Urgency: high Maintainer: kfreebsd-i386 Build Daemon (fils) Changed-By: Alessandro Ghedini Description: curl - command line tool for transferring data with URL syntax libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours) libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.26.0-1+wheezy5) stable-security; urgency=high . * Fix OpenSSL checking of a certificate CN or SAN name field when the digital signature verification is turned off as per CVE-2013-4545 http://curl.haxx.se/docs/adv_20131115.html * Set urgency=high accordingly Checksums-Sha1: 0ec8d4e60f54aa29a4ad3285c489eb90fad987db 269582 curl_7.26.0-1+wheezy5_kfreebsd-i386.deb 3f5dd80e08e6c3f1e4340ec35f5cd021040f7ba1 336358 libcurl3_7.26.0-1+wheezy5_kfreebsd-i386.deb 48fb5b6753f13a36f4d81648f58fbbcfc7ef83d2 327196 libcurl3-gnutls_7.26.0-1+wheezy5_kfreebsd-i386.deb d5aa26e9d644020b9fdea5f7b3fb0f390bc7b794 333666 libcurl3-nss_7.26.0-1+wheezy5_kfreebsd-i386.deb 08034f837831cdd90561c1dfe880ebc9191b0456 1232964 libcurl4-openssl-dev_7.26.0-1+wheezy5_kfreebsd-i386.deb 7f6b03a07607eeae63a27654e7c58eb90b97ecec 1224200 libcurl4-gnutls-dev_7.26.0-1+wheezy5_kfreebsd-i386.deb 69516802578e15873c8f8125e8755a5de3fefac1 1230514 libcurl4-nss-dev_7.26.0-1+wheezy5_kfreebsd-i386.deb 050fd4cd3a3208668589c5bcbb46088dca6172b2 3251034 libcurl3-dbg_7.26.0-1+wheezy5_kfreebsd-i386.deb Checksums-Sha256: 63b3b955b5e7a72149fe967e7c35e43317f6ea5b07cf4b1656b799bddcc77701 269582 curl_7.26.0-1+wheezy5_kfreebsd-i386.deb db3f8b96ab35325b5aa5a14c4f0c4449231eb2b3d050298102b0da509f8e8606 336358 libcurl3_7.26.0-1+wheezy5_kfreebsd-i386.deb 6613b96cb76264f8dc5d80f136c5b70d1e33e370a21454c9479439d19a5fd392 327196 libcurl3-gnutls_7.26.0-1+wheezy5_kfreebsd-i386.deb 852a507901fccb2743f580c3ff46e56b95cd3ee83ae13bbb922478851486e23a 333666 libcurl3-nss_7.26.0-1+wheezy5_kfreebsd-i386.deb ea7e27d75ec8bb6d33c18269f4f3c9efa35f5465d1db5834b087d5b23c4efe72 1232964 libcurl4-openssl-dev_7.26.0-1+wheezy5_kfreebsd-i386.deb 522253ab23c2a79cff9f6d7e324e32f32d3e366693598fcdc26f953c7c479c29 1224200 libcurl4-gnutls-dev_7.26.0-1+wheezy5_kfreebsd-i386.deb f4094f4c6f65d7f054531febe466869f793d892ec5cc41fe5c434fafe7937e0a 1230514 libcurl4-nss-dev_7.26.0-1+wheezy5_kfreebsd-i386.deb 4ef047569834e6cb149effe834ab2b4117d0f364e81d36bf832cd7e0b01abbab 3251034 libcurl3-dbg_7.26.0-1+wheezy5_kfreebsd-i386.deb Files: dce6e575fd6ee84208ee189d14e0b0a6 269582 web optional curl_7.26.0-1+wheezy5_kfreebsd-i386.deb 2f5d2d77fb70f7724339f1d29976002e 336358 libs optional libcurl3_7.26.0-1+wheezy5_kfreebsd-i386.deb 57c3ab10534dbef4bdf730a99072062e 327196 libs optional libcurl3-gnutls_7.26.0-1+wheezy5_kfreebsd-i386.deb 6b9ec37106bed3b59b2f038a048ace54 333666 libs optional libcurl3-nss_7.26.0-1+wheezy5_kfreebsd-i386.deb dccb46eb724ad4720fd058761581b87d 1232964 libdevel optional libcurl4-openssl-dev_7.26.0-1+wheezy5_kfreebsd-i386.deb 3fbc8c6dde3e4d4b212aa43d61a0ab81 1224200 libdevel optional libcurl4-gnutls-dev_7.26.0-1+wheezy5_kfreebsd-i386.deb 3b2f038c9ef6a45e64e4900feff3ce7a 1230514 libdevel optional libcurl4-nss-dev_7.26.0-1+wheezy5_kfreebsd-i386.deb 0fae98f44867e3d89516ce8122153139 3251034 debug extra libcurl3-dbg_7.26.0-1+wheezy5_kfreebsd-i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/kFreeBSD) iQIcBAEBAgAGBQJSiM4mAAoJEOBZ3EoQ4ujo+8EP/3p9jw1uOA5HjsmUdiWmrJgB kU6SP9FjcnDTO8a2TbFKyyWkZP4mxCKWqIWulhbOuw4xNEMC58zxD6nR53HcgHjz uWlTifgQScGCQYmDhrF1Pq17hCpKbY5tS+u28vAXFPhdhFuJDPd3fuUoNYdd9Wh7 EbU0ukoJ4l2R6/5ETQXOOCU/FlmSF4HUEMcNYOveO2G+jTdzla6+MgvqxfVytXLV /8xFrysvc+/+CZYwXcrpTIpZ6uoXEPI+pU6eGqZvxhrGe9TX3LNIfr0JnuSr0B22 wAtjne7vxwSmNlk3HRiF1epHEt8Fz0gGguAzYcG88kRHrBv3c9BFTJ09t42ZYmyC LkvYBxai2Odj7N9L0sWe4+Xk6TbLBnsex9rgpxsjgLxvx444bHljBMuyeFidIgxa DqnNTrdTZWwhRZOWtMHbVCNjR5BZuzdQxPRnTZmq5l5JckrFZxvUdMeKKsBE/E/Q jI4Ma54jqR9wGIOTfAQXa8Z1TGrW3Os//16JLD18VUr+fZUTGfDHzpDIuA4yH6vf yt4d1wfsBBccIXy+sDXnNgHx23ExQiIoAOgsNKhtjFLuzOh2VpOEgKP4ohREXcQP DmwA0fRp13xPiaHBPuX2faOL4TT5iekim9OOO+lnmFhWC+GDvVyF7dyaysui46m8 LR+dyG+ys6x0EFFJyvRK =CU/h -----END PGP SIGNATURE-----