On Tue, Nov 19, 2013 at 09:45:50PM +0100, Salvatore Bonaccorso wrote: > Hi Alessandro, > > On Tue, Nov 19, 2013 at 06:18:42PM +0100, Alessandro Ghedini wrote: > > Control: reassing -1 curl > > Control: found -1 curl/7.21.0-2.1+squeeze5 > > Control: found -1 curl/7.26.0-1+wheezy5 > > Control: tags -1 confirmed > > > > On mar, nov 19, 2013 at 09:51:35 -0600, Brian Kroth wrote: > > > Package: libcurl3 > > > Version: 7.21.0-2.1+squeeze5 > > > Severity: important > > > > > > > > > Hi, I believe I've found a regression in the recent libcurl3 DSA update. > > > Basically, it doesn't seem to be respecting the --insecure option in all > > > cases. > > > > Yes, it seems that the libcurl3 patch exposed a latent bug in the curl tool > > that was fixed in a later version (7.28.1 AFAICT). Wheezy is affected too. > > > > For the security team, I prepared new uploads that fix the regression (see > > attached debdiffs), could you please have a look? > > This looks good to me. Could you upload both packages for > security-master?
Done.
--
perl -E '$_=q;$/= @{[@_]};and s;\S+;<inidehG ordnasselA>;eg;say~~reverse'
signature.asc
Description: Digital signature
