Control: found -1 curl/7.64.0-4+deb10u1 I think this upstream pull request is relevant: https://github.com/curl/curl/pull/3148
It's not related to NTLM authentication but because some HTTP proxies converted chunked response body unchunked without Content-Length header. Sometimes it is quite hard for users to ask their IT to change the proxy's behavior, so a popular workaround to this problem is to recompile src:git to link with the openssl version of libcurl. Not sure whether Debian is happy to talk with upstream again about the problem or just carry the proposed patch on our own. Cheers, Aron