-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 16 Nov 2013 13:04:23 +0100 Source: curl Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl3-dbg Architecture: sparc Version: 7.26.0-1+wheezy5 Distribution: wheezy-security Urgency: high Maintainer: Stadler Changed-By: Alessandro Ghedini Description: curl - command line tool for transferring data with URL syntax libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavour) libcurl3-dbg - debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours) libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour) libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour) libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour) libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour) libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour) Changes: curl (7.26.0-1+wheezy5) stable-security; urgency=high . * Fix OpenSSL checking of a certificate CN or SAN name field when the digital signature verification is turned off as per CVE-2013-4545 http://curl.haxx.se/docs/adv_20131115.html * Set urgency=high accordingly Checksums-Sha1: 9f204fe5207341276604ee84a01d3df8c68a2f94 267634 curl_7.26.0-1+wheezy5_sparc.deb 9bf1ae576a7a5f54981a115571856466c2453153 317202 libcurl3_7.26.0-1+wheezy5_sparc.deb 7d83010b5a19975e2ef65176f7f5778891d6a410 307904 libcurl3-gnutls_7.26.0-1+wheezy5_sparc.deb 2ee7e797d2e3cd286d17c6585ad358a7999bd777 316494 libcurl3-nss_7.26.0-1+wheezy5_sparc.deb cb5b429b3e00ed80117dad1f4dd5d3db274c83c1 1240214 libcurl4-openssl-dev_7.26.0-1+wheezy5_sparc.deb 51ad4507330dca511c30423e264ee565d793a97d 1228626 libcurl4-gnutls-dev_7.26.0-1+wheezy5_sparc.deb 35c1e18e1dca84494d316f22f32e1544f1ce0e61 1238568 libcurl4-nss-dev_7.26.0-1+wheezy5_sparc.deb 7e8c9180ed546fca858f9ba57a06cb407801c1bd 2808220 libcurl3-dbg_7.26.0-1+wheezy5_sparc.deb Checksums-Sha256: 9b5bba592818f0aac791cbd6d45307b8ebdcfcc6dff2d12ab8429ecac704d022 267634 curl_7.26.0-1+wheezy5_sparc.deb dab9db18df71cc82f27aa0daa06413336d2240b8cb5cf761075473b4f739ccc5 317202 libcurl3_7.26.0-1+wheezy5_sparc.deb dc1b529df9e50c9128075fc969311696bde92edecaa372482bae0c4601aa8352 307904 libcurl3-gnutls_7.26.0-1+wheezy5_sparc.deb ebe38458542874d6a2b961ad9be1d040eae2fab57396297592d702ed928f4a4b 316494 libcurl3-nss_7.26.0-1+wheezy5_sparc.deb 535e21bbb43b129f86c74d3af7b109e146ea407c50e170ce75774a2737381461 1240214 libcurl4-openssl-dev_7.26.0-1+wheezy5_sparc.deb 3db487e851130e7d85ae1565175761f4d98ddbc11abc14b7f0aafb4ca2a34b4b 1228626 libcurl4-gnutls-dev_7.26.0-1+wheezy5_sparc.deb 983cc9830283d6c9429ffe58a875e43a5632f4674d0ee3883e64ee0222bd7daa 1238568 libcurl4-nss-dev_7.26.0-1+wheezy5_sparc.deb dc4c082b77de914408a4aa910a16197977d576522754b2cc4344b0e1518158c0 2808220 libcurl3-dbg_7.26.0-1+wheezy5_sparc.deb Files: 5bfecfce3000cffb704e8ac68364c167 267634 web optional curl_7.26.0-1+wheezy5_sparc.deb c148af34809beb301e8d2f1d59509914 317202 libs optional libcurl3_7.26.0-1+wheezy5_sparc.deb 05bbb2569b880e5c2f9d256a3347a02f 307904 libs optional libcurl3-gnutls_7.26.0-1+wheezy5_sparc.deb e1f480a46d2c3051ba43670d81ebd341 316494 libs optional libcurl3-nss_7.26.0-1+wheezy5_sparc.deb 53d3e0bf2cf822e9678cf84fd937c167 1240214 libdevel optional libcurl4-openssl-dev_7.26.0-1+wheezy5_sparc.deb 3ad79dc01859bc11ac2a8fe4218f54aa 1228626 libdevel optional libcurl4-gnutls-dev_7.26.0-1+wheezy5_sparc.deb 134c9bd2e616e9af0a600484d9616ab3 1238568 libdevel optional libcurl4-nss-dev_7.26.0-1+wheezy5_sparc.deb 79596bdfe0f565bdc05a968ac27e8da1 2808220 debug extra libcurl3-dbg_7.26.0-1+wheezy5_sparc.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJSiNjfAAoJEG1FlVefmRn6VnIP/jaUR6lhrxG9V0hLJgLdv196 FgeyMGjwxkx3Ah3ai1V5eyrf8y09dPKJtFV4/RWBYlpdnFbTRyK6QMxwEfqSM8GG G/w290qIbn+sI7iqLAQgknhv7KM4/sIfezqXykPdITRXp5js3neH6oT5VLjAWpEE 4Im3PRklFT0yYio+2UzyKHe+8b67yT8KUjW1Mj44p7W2mhdDdMwrE2OuGzEsQV/c I1G+nbWaw5xLCozeO8AzDmJSb/ljTZ/00j2z74DxNHG1s2DTSBSGQlR93XKsvwFJ 8JAsDwD91/aH6JqZ8K1KNWbqxayHwZBo62bqfI+mTyrB8l3VpFAL/olF0Vz6d20R ZZhNDxo+U1mAIvB3BxJXtMnnGfU3XhKJOVJNUUNoeSHBv56mIG9Exo+fBTbi1k4j ZDtJ5bG7nUNBGEbGvykrSyr0UwEyQhd00aYh2BMdVUVkdvPCInnJlDkEQ/kKe5/W Gl0Ol/dQ1/J7V76ygU75U6oQCWOb3iVCMHUT84HZlhnqCX8MWdiI93mj0kmrS+zT aZFGTH/zkiiOHgf3cGxYv2FV2ta2TXvbfdEH13VPcHiB969Zdq4Tl4ksySNtfBXy 1laY/FfG64dkOEbFM6vRbyUrAooKZ4LaxFSMcbIZ6tL4Ro41DIBecfgW1lSJJOYM zQPFMj+7t1j48UM78eWp =bmWE -----END PGP SIGNATURE-----