-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 02 Jan 2025 21:11:56 -0300
Source: curl
Binary: libcurl4-doc
Architecture: all
Version: 7.88.1-10+deb12u9
Distribution: bookworm
Urgency: medium
Maintainer: all Build Daemon (x86-csail-02) <buildd_all-x86-csail-02@buildd.debian.org>
Changed-By: Aquila Macedo Costa <aquilamacedo@riseup.net>
Description:
 libcurl4-doc - documentation for libcurl
Changes:
 curl (7.88.1-10+deb12u9) bookworm; urgency=medium
 .
   * Team upload.
   * Import patches for CVE-2024-9681
     - A vulnerability in curl's HSTS handling allows a subdomain’s expiry time
       to overwrite its parent domain’s cache entry. This can lead to unintended
       HTTPS upgrades or premature reversion to HTTP when both subdomains and
       parent domains are used. Affects applications with HSTS enabled,
       potentially disrupting access when a domain stops supporting HTTPS.
   * d/patches:
     - CVE-2024-9681-*.patch: Backport patches.
     - CVE-2024-9681-1: fix backport inconsistencies
     - large-time-testable-feature.patch: Import 'large-time' feature for tests
     - dont-stop-stunnel-before-retry.patch: Import patch to avoid stopping
       stunnel before retrying
Checksums-Sha1:
 7ac801d07d25b5c6b930abf854518892c44faadb 9934 curl_7.88.1-10+deb12u9_all-buildd.buildinfo
 2f5552edbd767a8ed7fa5dfee3cb83185810f96d 1082976 libcurl4-doc_7.88.1-10+deb12u9_all.deb
Checksums-Sha256:
 fecf23657130a050f4ae5cef9b49910a738fbfb6acd0303fe0b3ad5bb0d53c34 9934 curl_7.88.1-10+deb12u9_all-buildd.buildinfo
 d6297fe9eaac267698765159ff5f71895f99e240d83e11175611abe9e2e94fa3 1082976 libcurl4-doc_7.88.1-10+deb12u9_all.deb
Files:
 83be1b8de312e67d0e42ce76ac6b5b73 9934 web optional curl_7.88.1-10+deb12u9_all-buildd.buildinfo
 3265df019c79d5aca80d169b3f3b9b94 1082976 doc optional libcurl4-doc_7.88.1-10+deb12u9_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEzcbx6nIE/ydHa1FFigL77i1GSVkFAmeVKOYACgkQigL77i1G
SVmZkRAAh5I24bqxvqLMxWe+4tjx4WMfSFXcJ08SDKbMJS/d78UXwYzEzQEekrxt
FEXt9C2HpMMrbAUNG5x1xzqJdCPmLhu9KCza/Yoy+hj8LWkiaNTTxKWJNVIVmNZ7
rbl+rJ0r32BnAF8qpmJkxdFx0lwyk2J+x7qJaQhcGpqD+3Vm91hOAPb+iHVO7tDV
uK6oOMDXp3uUbdsdETnbZh+h5P85emIsd8/RBKT5cXiXUFPpyND9Wex2QGlKwxvr
AzGz457KvidCku7guF5Fao6fR+7Wp47nMASw1dziiURl0eWjxfhVVEJAIJMFhzi3
/gu5Q6FbPbd1p8irNUxA2uxSYv7iYYlfVxmnGYOY1nBmG/8dbk6ZlbkO+LsUygs+
zsqziLwhIChwVS93xFn02r783eUeifwg6VHdOUy9ESpp1rJdlfAla8GleoiqUtct
I4WBv1Nv5cAgH8lXQkqvFTC+prZagK1LFY9VkbdjEnCwLO0P+kP+LwJOJezJu3YN
MZ62M6c+g08Wda1tIZEYgAdDYhEh4XKy2noTgzIElnwcEMacAdOLZHH7XHoNUE2O
GjU/8rFItqbtmScmaBEWUL4bvAecAcKreBVouZMyWFBQpv0K9giu0nleYi+zs2z8
++JOVsZzmkPEWQjNrWyLou5s0aKYEK1ltMH5U9HNQdkMlDd8az4=
=tqxE
-----END PGP SIGNATURE-----