| 2012-05-22 18:52:12 |
Andres Rodriguez |
description |
curl (7.25.0-1ubuntu1) quantal; urgency=low
.
* Merge from Debian testing. Remaining changes:
- Drop dependencies not in main:
+ Build-Depends: Drop stunnel4 and libssh2-1-dev.
+ Drop libssh2-1-dev from libcurl4-openssl-dev's Depends.
- Add new libcurl3-udeb and curl-udeb package.
* debian/patches/CVE-2012-0036.patch: Dropped. No longer needed.
.
curl (7.25.0-1) unstable; urgency=low
.
* New upstream release
- Add --ssl-allow-beast and CURLOPT_SSL_OPTIONS (Closes: #658276)
- Allow negative numbers as option value (Closes: #659591)
* Add libssh2-1-dev to libcurl4-gnutls-dev and libcurl4-nss-dev Depends
* Bump debhelper compat level to 9
- Make *.links files executable to simplify rules file
* Pass --as-needed ld flag to avoid unneeded dependencies
- Add workaround_as_needed_bug to workaround a libtool bug
- Drop dont_link_to_krb5 (not needed because of --as-needed)
* Do some clean-up in debian/rules
* Update debian/copyright format as in Debian Policy 3.9.3
* Bump Standards-Version to 3.9.3
* Explicit Conflicts in -dev packages (fixes binaries-have-file-conflict)
* Add openssh-server to build depends to enable some more tests
* Update upstream copyright years
* Refresh patches
.
curl (7.24.0-1) unstable; urgency=high
.
* New upstream release
- Improve documentation for the --capath option (Closes: #628697)
- Fix URL sanitization vulnerability as per CVE-2012-0036
http://curl.haxx.se/docs/adv_20120124.html
- Fix SSL CBC IV vulnerability as per CVE-2011-3389
http://curl.haxx.se/docs/adv_20120124B.html
- Set urgency=high accordingly
* Remove curl_links_with_rt patch (curl links to librt anyway)
* Improve descriptions of -dev and -dbg packages
* Drop fix_manpage_spelling and versioned patches (merged upstream)
* Refresh patches
* Add keep_symbols_compat patch to not break backwards ABI compatibility
* Enable libssh2 support for GnuTLS and NSS flavours too
(libssh2 now uses libgcrypt instead of libssl)
.
curl (7.23.1-3) unstable; urgency=low
.
* Enable security hardening flags
* Remove libdb-dev from B-D (not used)
* Improve short and long descriptions
* Provide proper *.symbols files (Closes: #651619)
* Do not version Curl_* symbols (for internal use only)
* Do not override dh_makeshlibs version anymore
.
curl (7.23.1-2) unstable; urgency=low
.
* Bump shlibs version for libcurl3-nss (Closes: #650498)
.
curl (7.23.1-1) unstable; urgency=low
.
* New upstream release
- Do not use gnutls_priority_set_direct and
gnutls_certificate_type_set_priority anymore (Closes: #624024)
* Refresh patches
* Add --enable-debug flag to configure (Closes: #648902)
* One Provides/Replaces per line
* libcurl4-openssl-dev Provides libcurl4-dev too (Closes: #644126)
* Specify only 3 components for Standards-Version
(the fourth is not really needed)
* Move ca-certificates to Recommends in lib* packages (Closes: #546607)
* Add NSS flavour to versioned symbols |
curl (7.25.0-1) unstable; urgency=low
.
* New upstream release
- Add --ssl-allow-beast and CURLOPT_SSL_OPTIONS (Closes: #658276)
- Allow negative numbers as option value (Closes: #659591)
* Add libssh2-1-dev to libcurl4-gnutls-dev and libcurl4-nss-dev Depends
* Bump debhelper compat level to 9
- Make *.links files executable to simplify rules file
* Pass --as-needed ld flag to avoid unneeded dependencies
- Add workaround_as_needed_bug to workaround a libtool bug
- Drop dont_link_to_krb5 (not needed because of --as-needed)
* Do some clean-up in debian/rules
* Update debian/copyright format as in Debian Policy 3.9.3
* Bump Standards-Version to 3.9.3
* Explicit Conflicts in -dev packages (fixes binaries-have-file-conflict)
* Add openssh-server to build depends to enable some more tests
* Update upstream copyright years
* Refresh patches
.
curl (7.24.0-1) unstable; urgency=high
.
* New upstream release
- Improve documentation for the --capath option (Closes: #628697)
- Fix URL sanitization vulnerability as per CVE-2012-0036
http://curl.haxx.se/docs/adv_20120124.html
- Fix SSL CBC IV vulnerability as per CVE-2011-3389
http://curl.haxx.se/docs/adv_20120124B.html
- Set urgency=high accordingly
* Remove curl_links_with_rt patch (curl links to librt anyway)
* Improve descriptions of -dev and -dbg packages
* Drop fix_manpage_spelling and versioned patches (merged upstream)
* Refresh patches
* Add keep_symbols_compat patch to not break backwards ABI compatibility
* Enable libssh2 support for GnuTLS and NSS flavours too
(libssh2 now uses libgcrypt instead of libssl)
.
curl (7.23.1-3) unstable; urgency=low
.
* Enable security hardening flags
* Remove libdb-dev from B-D (not used)
* Improve short and long descriptions
* Provide proper *.symbols files (Closes: #651619)
* Do not version Curl_* symbols (for internal use only)
* Do not override dh_makeshlibs version anymore
.
curl (7.23.1-2) unstable; urgency=low
.
* Bump shlibs version for libcurl3-nss (Closes: #650498)
.
curl (7.23.1-1) unstable; urgency=low
.
* New upstream release
- Do not use gnutls_priority_set_direct and
gnutls_certificate_type_set_priority anymore (Closes: #624024)
* Refresh patches
* Add --enable-debug flag to configure (Closes: #648902)
* One Provides/Replaces per line
* libcurl4-openssl-dev Provides libcurl4-dev too (Closes: #644126)
* Specify only 3 components for Standards-Version
(the fourth is not really needed)
* Move ca-certificates to Recommends in lib* packages (Closes: #546607)
* Add NSS flavour to versioned symbols |
|
