File: changelog

package info (click to toggle)
curl 7.52.1-5+deb9u9
  • links: PTS, VCS
  • area: main
  • in suites: stretch
  • size: 29,212 kB
  • sloc: ansic: 121,969; perl: 12,210; sh: 5,811; makefile: 2,302; cpp: 486; pascal: 388; python: 290; awk: 58
file content (2127 lines) | stat: -rw-r--r-- 74,221 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
curl (7.52.1-5+deb9u9) stretch-security; urgency=high

  * Fix NTLM type-2 out-of-bounds buffer read as per CVE-2018-16890
    https://curl.haxx.se/docs/CVE-2018-16890.html
  * Fix NTLMv2 type-3 header stack buffer overflow as per CVE-2019-3822
    https://curl.haxx.se/docs/CVE-2019-3822.html
  * Fix SMTP end-of-response out-of-bounds read as per CVE-2019-3823
    https://curl.haxx.se/docs/CVE-2019-3823.html

 -- Alessandro Ghedini <ghedo@debian.org>  Mon, 04 Feb 2019 20:55:32 +0000

curl (7.52.1-5+deb9u8) stretch-security; urgency=high

  * Fix SASL password overflow via integer overflow as per CVE-2018-16839
    https://curl.haxx.se/docs/CVE-2018-16839.html
  * Fix warning message out-of-buffer read as per CVE-2018-16842
    https://curl.haxx.se/docs/CVE-2018-16842.html

 -- Alessandro Ghedini <ghedo@debian.org>  Tue, 30 Oct 2018 21:39:11 +0000

curl (7.52.1-5+deb9u7) stretch-security; urgency=high

  * Fix NTLM password overflow via integer overflow as per CVE-2018-14618
    https://curl.haxx.se/docs/CVE-2018-14618.html

 -- Alessandro Ghedini <ghedo@debian.org>  Mon, 03 Sep 2018 23:50:29 +0100

curl (7.52.1-5+deb9u6) stretch-security; urgency=high

  * Fix heap buffer over-read when parsing bad RTSP headers
    as per CVE-2018-1000301
    https://curl.haxx.se/docs/adv_2018-b138.html

 -- Alessandro Ghedini <ghedo@debian.org>  Tue, 15 May 2018 23:00:28 +0100

curl (7.52.1-5+deb9u5) stretch-security; urgency=high

  * Fix NIL byte out of bounds write due to FTP path trickery
    as per CVE-2018-1000120
    https://curl.haxx.se/docs/adv_2018-9cd6.html
  * Fix LDAP NULL pointer dereference as per CVE-2018-1000121
    https://curl.haxx.se/docs/adv_2018-97a2.html
  * Fix RTSP RTP buffer over-read as per CVE-2018-1000122
    https://curl.haxx.se/docs/adv_2018-b047.html

 -- Alessandro Ghedini <ghedo@debian.org>  Tue, 13 Mar 2018 00:46:06 +0000

curl (7.52.1-5+deb9u4) stretch-security; urgency=high

  * Fix HTTP/2 trailer out-of-bounds read as per CVE-2018-1000005
    https://curl.haxx.se/docs/adv_2018-824a.html
  * Fix HTTP authentication leak in redirects as per CVE-2018-1000007
    https://curl.haxx.se/docs/adv_2018-b3bf.html

 -- Alessandro Ghedini <ghedo@debian.org>  Tue, 23 Jan 2018 21:56:56 +0000

curl (7.52.1-5+deb9u3) stretch-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fix NTLM buffer overflow via integer overflow as per CVE-2017-8816
    https://curl.haxx.se/docs/adv_2017-11e7.html
  * Fix FTP wildcard out of bounds read as per CVE-2017-8817
    https://curl.haxx.se/docs/adv_2017-ae72.html

 -- Yves-Alexis Perez <corsac@debian.org>  Sun, 26 Nov 2017 13:00:56 +0100

curl (7.52.1-5+deb9u2) stretch-security; urgency=medium

  * Fix IMAP FETCH response out of bounds read as per CVE-2017-1000257
    https://curl.haxx.se/docs/adv_20171023.html

 -- Alessandro Ghedini <ghedo@debian.org>  Sun, 22 Oct 2017 21:23:30 +0100

curl (7.52.1-5+deb9u1) stretch-security; urgency=medium

  * Fix TFTP sends more than buffer size as per CVE-2017-1000100
    https://curl.haxx.se/docs/adv_20170809B.html
  * Fix URL globbing out of bounds read as per CVE-2017-1000101
    https://curl.haxx.se/docs/adv_20170809A.html
  * Fix FTP PWD response parser out of bounds read as per CVE-2017-1000254
    https://curl.haxx.se/docs/adv_20171004.html

 -- Alessandro Ghedini <ghedo@debian.org>  Sun, 01 Oct 2017 12:07:01 +0100

curl (7.52.1-5) unstable; urgency=high

  * Fix TLS session resumption client cert bypass as per CVE-2017-7468
    https://curl.haxx.se/docs/adv_20170419.html

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 19 Apr 2017 11:19:50 +0100

curl (7.52.1-4) unstable; urgency=medium

  * Fix regression in CONNECT response handling (Closes: #857613)
  * Fix buffer read overrun on --write-out as per CVE-2017-7407
    https://curl.haxx.se/docs/adv_20170403.html (Closes: #859500)

 -- Alessandro Ghedini <ghedo@debian.org>  Sat, 08 Apr 2017 21:55:27 +0100

curl (7.52.1-3) unstable; urgency=high

  * Make SSL_VERIFYSTATUS work again as per CVE-2017-2629
    https://curl.haxx.se/docs/adv_20170222.html

 -- Alessandro Ghedini <ghedo@debian.org>  Tue, 21 Feb 2017 22:38:41 +0000

curl (7.52.1-2) unstable; urgency=medium

  * Fix HTTPS connection timeout with OpenSSL (Closes: #852317)

 -- Alessandro Ghedini <ghedo@debian.org>  Sun, 29 Jan 2017 21:34:10 +0000

curl (7.52.1-1) unstable; urgency=medium

  * New upstream release
    - Fix printf floating point buffer overflow as per CVE-2016-9586
      (Closes: #848958)
  * B-D on "libssl1.0-dev | libssl-dev (<< 1.1)" (Closes: #850880, #844018)
  * Another attempt at making -dev packages multi-arch.
    Thanks to Benjamin Moody for the patches. (Closes: #731998, #846360)
  * Enable support for PSL (Closes: #847958)
  * Re-enable support for IDN (Closes: #849539)
  * Drop 10_disable-network-tests.patch.
    It didn't really work, and the issue is not urgent.
  * Switch curl binary back to libcurl3/OpenSSL.
    While the GnuTLS flavour mostly worked fine, there are a bunch of features
    that are not implemented.

 -- Alessandro Ghedini <ghedo@debian.org>  Thu, 12 Jan 2017 22:02:44 +0000

curl (7.51.0-1) unstable; urgency=medium

  * New upstream release
    - Fix cookie injection for other servers as per CVE-2016-8615
      https://curl.haxx.se/docs/adv_20161102A.html
    - Fix case insensitive password comparison as per CVE-2016-8616
      https://curl.haxx.se/docs/adv_20161102B.html
    - Fix OOB write via unchecked multiplication as per CVE-2016-8617
      https://curl.haxx.se/docs/adv_20161102C.html
    - Fix double-free in curl_maprintf as per CVE-2016-8618
      https://curl.haxx.se/docs/adv_20161102D.html
    - Fix double-free in krb5 code as per CVE-2016-8619
      https://curl.haxx.se/docs/adv_20161102E.html
    - Fix glob parser write/read out of bounds as per CVE-2016-8620
      https://curl.haxx.se/docs/adv_20161102F.html
    - Fix curl_getdate read out of bounds as per CVE-2016-8621
      https://curl.haxx.se/docs/adv_20161102G.html
    - Fix URL unescape heap overflow via integer truncation as per CVE-2016-8622
      https://curl.haxx.se/docs/adv_20161102H.html
    - Fix use-after-free via shared cookies as per CVE-2016-8623
      https://curl.haxx.se/docs/adv_20161102I.html
    - Fix invalid URL parsing with '#' as per CVE-2016-8624
      https://curl.haxx.se/docs/adv_20161102J.html
    - Fix IDNA 2003 makes curl use wrong host
      https://curl.haxx.se/docs/adv_20161102K.html
    - Fix escape and unescape integer overflows as
      per CVE-2016-7167 (Closes: #837945)
      https://curl.haxx.se/docs/adv_20160914.html
    - Fix incorrect reuse of client certificates (NSS backend)
      as per CVE-2016-7141 (Closes: #836918)
      https://curl.haxx.se/docs/adv_20160907.html
  * Drop 02_art_http_scripting.patch (file not shipped anymore)
  * Refresh patches
  * Temporarily disable IDN support
  * Don't install pdf and html docs (they are not shipped in the tarball anymore)
  * Install markdown docs

 -- Alessandro Ghedini <ghedo@debian.org>  Thu, 03 Nov 2016 22:46:14 +0000

curl (7.50.1-2) unstable; urgency=medium

  * Disable more network tests (Closes: #830273)

 -- Alessandro Ghedini <ghedo@debian.org>  Sun, 28 Aug 2016 14:48:05 +0100

curl (7.50.1-1) unstable; urgency=medium

  * New upstream release (Closes: #827900)
    - Fix TLS session resumption client cert bypass as per CVE-2016-5419
      https://curl.haxx.se/docs/adv_20160803A.html
    - Fix re-using connection with wrong client cert as per CVE-2016-5420
      https://curl.haxx.se/docs/adv_20160803B.html
    - Fix use of connection struct after free as per CVE-2016-5421
      https://curl.haxx.se/docs/adv_20160803C.html
    - Support OpenSSL 1.1 (Closes: #828127)
  * Fix 04_workaround_as_needed_bug.patch.
    Thanks to Yuriy M. Kaminskiy for the patch (Closes: #818131)
  * Bump Standards-Version to 3.9.8 (no changes needed)
  * Update Vcs-* URLs
  * Refresh patches
  * Add 08_enable-zsh.patch to re-enable zsh completion generation
  * Remove 08_fix-zsh-completion.patch (was already disabled)
  * Add 09_fix-typo.patch to fix spelling-error-in-manpage
  * Add 10_disable-network-tests.patch to disable networked tests
    (Closes: #830273)
  * Improve cross Build-Depends satisfiability.
    Thanks to Helmut Grohne for the patch (Closes: #818092)

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 03 Aug 2016 12:46:05 +0100

curl (7.47.0-1) unstable; urgency=high

  * New upstream release
    - Fix NTLM credentials not-checked for proxy connection re-use
      as per CVE-2016-0755
      http://curl.haxx.se/docs/adv_20160127A.html
    - Set uyrgency=high accordingly
  * Remove hard-coded dependency on libgnutls (Closes: #812542)
  * Drop 08_fix-zsh-completion.patch (merged upstream)
  * Refresh patches

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 27 Jan 2016 11:45:59 +0000

curl (7.46.0-1) unstable; urgency=medium

  * New upstream release
    - Initialize OpenSSL algorithms after loading config (Closes: #805408)
  * Install curl zsh completion (Closes: #805509)
    - Add 08_fix-zsh-completion.patch to fix zsh completion generation

 -- Alessandro Ghedini <ghedo@debian.org>  Sun, 27 Dec 2015 18:18:09 +0100

curl (7.45.0-1) unstable; urgency=medium

  * New upstream release
  * Drop 08_spelling.patch (merged upstream)

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 07 Oct 2015 12:59:03 +0200

curl (7.44.0-2) unstable; urgency=medium

  * Enable HTTP/2 support (Closes: #796302)

 -- Alessandro Ghedini <ghedo@debian.org>  Thu, 10 Sep 2015 11:25:14 +0200

curl (7.44.0-1) unstable; urgency=medium

  * New upstream release
  * Refresh patches
  * Update symbols files
  * Add 08_spelling.patch to fix some spelling errors

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 12 Aug 2015 11:49:04 +0200

curl (7.43.0-1) unstable; urgency=medium

  * New upstream release
    - Fix lingering HTTP credentials in connection re-use as per CVE-2015-3236
      http://curl.haxx.se/docs/adv_20150617A.html
    - Fix SMB send off unrelated memory contents as per CVE-2015-3237
      http://curl.haxx.se/docs/adv_20150617B.html
  * Refresh patches
  * Fix spelling-error-in-description

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 17 Jun 2015 10:21:34 +0200

curl (7.42.1-3) unstable; urgency=medium

  * Update copyright
  * Set both CA bundle and CA path default values for OpenSSL and GnuTLS
    backends
  * Bump versioned depends on libgnutls to workaround lack of nettle versioned
    symbols (Closes: #787960)

 -- Alessandro Ghedini <ghedo@debian.org>  Sun, 07 Jun 2015 18:15:15 +0200

curl (7.42.1-2) unstable; urgency=medium

  * Switch curl binary to libcurl3-gnutls (Closes: #342719)
    This is the first step of a possible migration to a GnuTLS-only
    libcurl for Debian. Let's see how it goes.

 -- Alessandro Ghedini <ghedo@debian.org>  Sun, 03 May 2015 13:13:15 +0200

curl (7.42.1-1) unstable; urgency=high

  * New upstream release
    - Don't send sensitive HTTP server headers to proxies as per
      CVE-2015-3153
      http://curl.haxx.se/docs/adv_20150429.html
  * Drop 08_fix-spelling.patch (merged upstream)
  * Refresh patches

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 29 Apr 2015 10:43:43 +0200

curl (7.42.0-1) unstable; urgency=medium

  * New upstream release
    - Fix re-using authenticated connection when unauthenticated
      as per CVE-2015-3143
      http://curl.haxx.se/docs/adv_20150422A.html
    - Fix host name out of boundary memory access as per CVE-2015-3144
      http://curl.haxx.se/docs/adv_20150422D.html
    - Fix cookie parser out of boundary memory access as per CVE-2015-3145
      http://curl.haxx.se/docs/adv_20150422C.html
    - Fix Negotiate not treated as connection-oriented as per CVE-2015-3148
      http://curl.haxx.se/docs/adv_20150422B.html
    - Disable SSLv3 in the OpenSSL backend when OPENSSL_NO_SSL3_METHOD is
      defined (Closes: #768562)
  * Drop patches merged upstream
  * Refresh patches
  * Bump Standards-Version to 3.9.6 (no changes needed)

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 22 Apr 2015 11:07:32 +0200

curl (7.38.0-4) unstable; urgency=high

  * Fix URL request injection vulnerability as per CVE-2014-8150
    http://curl.haxx.se/docs/adv_20150108B.html
  * Set urgency=high accordingly

 -- Alessandro Ghedini <ghedo@debian.org>  Thu, 08 Jan 2015 10:47:24 +0100

curl (7.38.0-3) unstable; urgency=high

  * Enable all hardening options (Closes: #763372)
  * Fix duphandle read out of bounds as per CVE-2014-3707
    http://curl.haxx.se/docs/adv_20141105.html
  * Set urgency=high accordingly

 -- Alessandro Ghedini <ghedo@debian.org>  Thu, 06 Nov 2014 11:40:24 +0100

curl (7.38.0-2) unstable; urgency=medium

  * Check for libtoolize instead of libtool during build.
    Thanks to Helmut Grohne for the patch (Closes: #761740)
  * Add README.source note regarding ordering of patches (Closes: #762193)
  * Add 10_fix-resolver.patch from upstream (Closes: #762014)

 -- Alessandro Ghedini <ghedo@debian.org>  Tue, 23 Sep 2014 16:41:53 +0200

curl (7.38.0-1) unstable; urgency=medium

  * New upstream release
    - Only use full host matches for hosts used as IP address
      as per CVE-2014-3613
      http://curl.haxx.se/docs/adv_20140910A.html
    - Reject incoming cookies set for TLDs as per CVE-2014-3620
      http://curl.haxx.se/docs/adv_20140910B.html
  * Drop 08_link-curl-to-nss.patch (merged upstream)
  * Refresh patches
  * Fix wildcard-matches-nothing-in-dep5-copyright
  * Add 08_fix-spelling.patch

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 10 Sep 2014 20:11:02 +0200

curl (7.37.1-1) unstable; urgency=medium

  * New upstream release
  * Re-enable RTMP support (Closes: #754222)
  * Add 08_link-curl-to-nss.patch to fix NSS build
  * Refresh patches
  * Install manpages of single libcurl options too

 -- Alessandro Ghedini <ghedo@debian.org>  Fri, 18 Jul 2014 10:18:03 +0200

curl (7.37.0-1) unstable; urgency=medium

  * New upstream release
    - Fix NULL pointer dereference in GnuTLS code (Closes: #746349)
  * Drop 08_fix-imap-tests.patch (merged upstream)
  * Refresh 01_runtests_gdb.patch
  * Remove Build-Depends on libgcrypt

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 21 May 2014 15:22:38 +0200

curl (7.36.0-2) unstable; urgency=medium

  * Move Depends on -dev packages needed to use static libraries to Suggests
  * Switch to GnuTLS 3.x (Closes: #741568)
  * Disable RTMP support (librtmp-dev requires libgnutls-dev, which conflicts
    with libgnutls28-dev)

 -- Alessandro Ghedini <ghedo@debian.org>  Mon, 28 Apr 2014 19:37:14 +0200

curl (7.36.0-1) unstable; urgency=high

  * New upstream release (Closes: #742728)
    - Fix connection re-use when using different log-in credentials
      as per CVE-2014-0138
      http://curl.haxx.se/docs/adv_20140326A.html
    - Reject IP address wildcard matches as per CVE-2014-0139
      http://curl.haxx.se/docs/adv_20140326B.html
    - Set urgency=high accordingly
  * Add 08_fix-imap-tests.patch to fix tests broken by the fix for CVE-2014-0138

 -- Alessandro Ghedini <ghedo@debian.org>  Sun, 30 Mar 2014 15:36:35 +0200

curl (7.35.0-1) unstable; urgency=high

  * New upstream release
    - Fix re-use of wrong HTTP NTLM connection as per CVE-2014-0015
      http://curl.haxx.se/docs/adv_20140129.html
    - Set urgency=high accordingly
  * Refresh patches

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 29 Jan 2014 11:16:57 +0100

curl (7.34.0-1) unstable; urgency=high

  * New upstream release
    - Fix GnuTLS checking of a certificate CN or SAN name field when the
      digital signature verification is turned off as per CVE-2013-6422
      http://curl.haxx.se/docs/adv_20131217.html
    - Set urgency=high accordingly
  * Drop patches merged upstream:
    - 08_fix-typo.patch
    - 09_fix-urlglob.patch

 -- Alessandro Ghedini <ghedo@debian.org>  Tue, 17 Dec 2013 13:16:19 +0100

curl (7.33.0-2) unstable; urgency=low

  * Make -dev packages Multi-Arch: same too (Closes: #731309)
  * Bump Standards-Version to 3.9.5 (no changes needed)
  * Add 09_fix-urlglob.patch to fix URL globbing (Closes: #731855)

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 11 Dec 2013 18:44:37 +0100

curl (7.33.0-1) unstable; urgency=low

  * New upstream release
    - Handle arbitrary-length username and password (Closes: #719856)
  * Remove Luk from Uploaders as per his request (Closes: #723603)
  * Do not Build-Depends on specific automake version (Closes: #724361)
  * Fix lintian vcs-field-not-canonical
  * Add 08_fix-typo.patch
  * Refresh patches

 -- Alessandro Ghedini <ghedo@debian.org>  Mon, 14 Oct 2013 22:11:14 +0200

curl (7.32.0-1) unstable; urgency=low

  * New upstream release
  * Fix typo in changelog entry for 7.31.0-1 (Closes: #714502)
  * Drop 08_typo.patch (merged upstream)
  * Drop 09_openssl-recv.patch (merged upstream)
  * Refresh 90_gnutls.patch and 99_nss.patch
  * Refresh 06_always-disable-valgrind.patch
  * Enable threaded DNS resolver (Closes: #570436)
    See NEWS.Debian for more info

 -- Alessandro Ghedini <ghedo@debian.org>  Mon, 12 Aug 2013 12:19:05 +0200

curl (7.31.0-2) unstable; urgency=high

  * Add 09_openssl-recv.patch to fix incorrect OpenSSL usage (Closes: #714050)
  * Set urgency=high because of the security fix in the previous upload

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 26 Jun 2013 11:47:00 +0200

curl (7.31.0-1) unstable; urgency=low

  * New upstream release
    - Fix URL decode buffer boundary flaw as per CVE-2013-2174
      http://curl.haxx.se/docs/adv_20130622.html
  * Make curl Multi-Arch: foreign (Closes: #712585)
  * Drop 08_reset-timecond.patch (merged upstream)
  * Refresh patches
  * Add 08_typo.patch to fix a couple of typos in one of the manpages

 -- Alessandro Ghedini <ghedo@debian.org>  Sat, 22 Jun 2013 15:46:53 +0200

curl (7.30.0-2) unstable; urgency=low

  * Move textual docs to the -doc package too
  * Move manpages from -dev packages to -doc as well
    - Add Breaks+Replaces accordingly
  * Remove outdated Replaces/Conflicts
  * Update watch file version to 3
  * Add 08_reset-timecond.patch (Closes: #705783)

 -- Alessandro Ghedini <ghedo@debian.org>  Fri, 10 May 2013 17:46:46 +0200

curl (7.30.0-1) unstable; urgency=low

  * New upstream release
  * Update upstream copyright years
  * Drop patches merged upstream:
    - 08_NULL-pointer-dereference-on-close.patch
    - 09_CVE-213-1944.patch
    - 10_test1218-another-cookie-tailmatch-test.patch
  * Update patches:
    - 03_keep_symbols_compat.patch
    - 90_gnutls.patch
    - 99_nss.patch
  * Add libcurl4-doc package:
    - Move *.pdf and *.html files to the libcurl4-doc package
    - Add Suggests for -doc package to -dev packages
    - Move examples to the -doc package
  * Add Build-Depends on python which is used by some tests

 -- Alessandro Ghedini <ghedo@debian.org>  Thu, 18 Apr 2013 12:55:09 +0200

curl (7.29.0-2.1) unstable; urgency=high

  * Non-maintainer upload.

  [ Alessandro Ghedini ]
  * Do not compress *.pdf files (Closes: #704093)

  [ Salvatore Bonaccorso ]
  * Add 09_CVE-213-1944.patch.
    Fix CVE-2013-1944: fix tailmatching to prevent cross-domain leakage.
    Cookies set for 'example.com' could accidentaly also be sent by libcurl
    to the 'bexample.com' (ie with a prefix to the first domain name).
    (Closes: #705274)
  * Add testcase for CVE-2013-1944.

 -- Salvatore Bonaccorso <carnil@debian.org>  Fri, 12 Apr 2013 13:55:34 +0200

curl (7.29.0-2) unstable; urgency=low

  * Fix a segfault when closing an unused multi handle (Closes: #701713)
  * Mention LDAPS in packages' long descriptions
  * Clean-up d/rules
    - Switch to short-form dh
    - Enable test suite on hurd and kfreebsd too
    - Enable GSSAPI support on hurd too

 -- Alessandro Ghedini <ghedo@debian.org>  Mon, 11 Mar 2013 19:02:56 +0100

curl (7.29.0-1) unstable; urgency=high

  * New upstream release
    - Fix buffer overflow when negotiating SASL DIGEST-MD5 authentication
      as per CVE-2013-0249 (Closes: #700002)
      http://curl.haxx.se/docs/adv_20130206.html
    - Set urgency=high accordingly
  * Install all the examples
  * Update 90_gnutls.patch and 99_nss.patch
  * Refresh patches
  * Correctly pass CPPFLAGS to ./configure
  * Upload to unstable

 -- Alessandro Ghedini <ghedo@debian.org>  Mon, 11 Feb 2013 14:48:03 +0100

curl (7.28.1-1) experimental; urgency=low

  * New upstream release
  * Drop 05_fix-git-over-https.patch and 08_fix-git-auth.patch
    (merged upstream)
  * Update 07_do-not-disable-debug-symbols.patch
  * Refresh patches
  * Add NEWS entry about change in CURLOPT_SSL_VERIFYHOST semantics

 -- Alessandro Ghedini <ghedo@debian.org>  Mon, 26 Nov 2012 17:51:27 +0100

curl (7.28.0-3) unstable; urgency=low

  * Add 07_do-not-disable-debug-symbols.patch, do not pass --enable-debug
    anymore (Closes: #693110)
  * Update 05_fix-git-over-https.patch to reflect new upstream patch
  * Add 08_fix-git-auth.patch to fix HTTPS authentication (Closes: #690764)

 -- Alessandro Ghedini <ghedo@debian.org>  Sat, 17 Nov 2012 14:07:21 +0100

curl (7.28.0-2) unstable; urgency=low

  * Add 05_fix-git-over-https.patch (Closes: #690551)
  * Add 06_always-disable-valgrind.patch (Closes: #690968)

 -- Alessandro Ghedini <ghedo@debian.org>  Mon, 22 Oct 2012 14:35:02 +0200

curl (7.28.0-1) unstable; urgency=low

  * New upstream release
    - gnutls: do not fail on non-fatal handshake errors (Closes: #685402)
  * Remove versioned build depends on libssh2 (already in stable)
  * Bump Standards-Version to 3.9.4 (no changes needed)
  * Refresh 01_runtests_gdb.patch
  * Update *.symbols files
  * Build depend on ca-certifcates to avoid test failure

 -- Alessandro Ghedini <ghedo@debian.org>  Thu, 11 Oct 2012 19:11:09 +0200

curl (7.27.0-1) unstable; urgency=low

  * New upstream release
  * Update upstream copyright
  * Refresh 01_runtests_gdb.patch, 90_gnutls.patch and 99_nss.patch

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 08 Aug 2012 17:22:00 +0200

curl (7.26.0-1) unstable; urgency=low

  * New upstream release
    - Reject numerical IPv6 addresses outside brackets (Closes: #670126)
  * Email change: Alessandro Ghedini -> ghedo@debian.org
  * Stricter Depends on libcurl3 (Closes: #666089)
  * Remove Ramakrishnan (as per his request), move myself to Maintainer
    Thank you for all your work so far
  * Disable memory tracking, but keep debug enabled
    - Remove memdebug symbols (used by curl only)
  * Refresh 01_runtests_gdb.patch, 90_gnutls.patch and 99_nss.patch
  * Disable not-quite-working symbols hiding

 -- Alessandro Ghedini <ghedo@debian.org>  Fri, 25 May 2012 15:19:51 +0200

curl (7.25.0-1) unstable; urgency=low

  * New upstream release
    - Add --ssl-allow-beast and CURLOPT_SSL_OPTIONS (Closes: #658276)
    - Allow negative numbers as option value (Closes: #659591)
  * Add libssh2-1-dev to libcurl4-gnutls-dev and libcurl4-nss-dev Depends
  * Bump debhelper compat level to 9
    - Make *.links files executable to simplify rules file
  * Pass --as-needed ld flag to avoid unneeded dependencies
    - Add workaround_as_needed_bug to workaround a libtool bug
    - Drop dont_link_to_krb5 (not needed because of --as-needed)
  * Do some clean-up in debian/rules
  * Update debian/copyright format as in Debian Policy 3.9.3
  * Bump Standards-Version to 3.9.3
  * Explicit Conflicts in -dev packages (fixes binaries-have-file-conflict)
  * Add openssh-server to build depends to enable some more tests
  * Update upstream copyright years
  * Refresh patches

 -- Alessandro Ghedini <al3xbio@gmail.com>  Fri, 23 Mar 2012 16:24:51 +0100

curl (7.24.0-1) unstable; urgency=high

  * New upstream release
    - Improve documentation for the --capath option (Closes: #628697)
    - Fix URL sanitization vulnerability as per CVE-2012-0036
      http://curl.haxx.se/docs/adv_20120124.html
    - Fix SSL CBC IV vulnerability as per CVE-2011-3389
      http://curl.haxx.se/docs/adv_20120124B.html
    - Set urgency=high accordingly
  * Remove curl_links_with_rt patch (curl links to librt anyway)
  * Improve descriptions of -dev and -dbg packages
  * Drop fix_manpage_spelling and versioned patches (merged upstream)
  * Refresh patches
  * Add keep_symbols_compat patch to not break backwards ABI compatibility
  * Enable libssh2 support for GnuTLS and NSS flavours too
    (libssh2 now uses libgcrypt instead of libssl)

 -- Alessandro Ghedini <al3xbio@gmail.com>  Tue, 24 Jan 2012 12:04:04 +0100

curl (7.23.1-3) unstable; urgency=low

  * Enable security hardening flags
  * Remove libdb-dev from B-D (not used)
  * Improve short and  long descriptions
  * Provide proper *.symbols files (Closes: #651619)
  * Do not version Curl_* symbols (for internal use only)
  * Do not override dh_makeshlibs version anymore

 -- Alessandro Ghedini <al3xbio@gmail.com>  Tue, 13 Dec 2011 19:55:31 +0100

curl (7.23.1-2) unstable; urgency=low

  * Bump shlibs version for libcurl3-nss (Closes: #650498)

 -- Alessandro Ghedini <al3xbio@gmail.com>  Thu, 01 Dec 2011 22:32:19 +0100

curl (7.23.1-1) unstable; urgency=low

  * New upstream release
    - Do not use gnutls_priority_set_direct and
      gnutls_certificate_type_set_priority anymore (Closes: #624024)
  * Refresh patches
  * Add --enable-debug flag to configure (Closes: #648902)
  * One Provides/Replaces per line
  * libcurl4-openssl-dev Provides libcurl4-dev too (Closes: #644126)
  * Specify only 3 components for Standards-Version
    (the fourth is not really needed)
  * Move ca-certificates to Recommends in lib* packages (Closes: #546607)
  * Add NSS flavour to versioned symbols

 -- Alessandro Ghedini <al3xbio@gmail.com>  Sun, 27 Nov 2011 18:45:01 +0100

curl (7.22.0-3) unstable; urgency=low

  [ Ramakrishnan Muthukrishnan ]
  * Add new Uploaders, Ian and Alessandro. (Closes: #647255)

  [ Luk Claes ]
  * Install lintian overrides with dh_lintian.
  * Install all files with dh_install and get rid of dh_installdirs.

  [ Alessandro Ghedini ]
  * New upstream release.
  * Bump debhelper compat level to 8.
  * debian/control:
    - One (Build-)Depends per line.
    - Sort (Build-)Depends.
    - Remove Build-Depends on binutils
      (v2.18 is already in oldstable and it is Build-Essential: yes).
    - Build depends on stunnel4 instead of stunnel
      (stunnel is just a dummy package).
    - Remove duplicate Section field in package curl.
    - Add Luk to Uploaders too, sort names.
  * debian/patches:
    - Update runtests_gdb patch, add DEP3 headers.
    - Update gnutls and nss patches, add DEP3 headers.
    - Refresh other patches.
    - Add DEP3 headers to all the patches.
    - Remove libtool patch (not applied anyway)
    - Set Forwarded: not-needed for Debian specific patches
  * Replace dh_clean -k call with dh_prep
    (dh_clean -k is deprecated since debhelper 7).
  * Add fix_manpage_spelling patch
  * debian/copyright:
    - Switch to DEP5 format
    - Update copyright information
  * Add librtmp-dev to libcurl4-nss-dev too

 -- Alessandro Ghedini <al3xbio@gmail.com>  Sun, 13 Nov 2011 21:07:32 +0100

curl (7.21.7-3) unstable; urgency=low

  * debian/rules: Build only curl and libcurl3 with rtmp support. Rest of the
    packages do not need to be built with rtmp support. (closes: #641173)

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Sun, 11 Sep 2011 22:08:08 +0200

curl (7.21.7-2) unstable; urgency=low

  * debian/control: libcurl*-dev packages should depend on librtmp-dev.
    (closes: #640260)
  * debian/rules: add build-arch and build-indep targets.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Mon, 05 Sep 2011 16:12:42 +0200

curl (7.21.7-1) unstable; urgency=low

  * New Upstream release which fixes the following bugs.
    - libcurl3-gnutls: HTTPS over HTTP still broken in
      Git (closes: #627335)
    - git-core: gnutls_handshake() fail when using
      https:// over a proxy (closes: #559371)
  * debian/control: capitalize 'ftp'. (closes: #587338)
  * debian/rules: add build-arch and build-indep targets.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Sat, 30 Jul 2011 17:57:08 +0530

curl (7.21.6-3) unstable; urgency=low

  * Apply the Multiarch patch from Steve Langasek.
    (closes: #631946)

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Wed, 29 Jun 2011 08:26:56 +0530

curl (7.21.6-2) unstable; urgency=high

  * Fix for the inappropriate GSSAPI delegation vulnerability (CVE-2011-2192).
    (closes: #631615)

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Sat, 25 Jun 2011 23:37:04 +0530

curl (7.21.6-1) unstable; urgency=low

  * New upstream release to fix a HTTPS over a HTTP proxy bug on 7.21.5.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Sat, 23 Apr 2011 07:12:57 +0530

curl (7.21.5-1) unstable; urgency=low

  * New Upstream version. (closes: #623459)
  * debian/patches/{sslv2_disable, error_code}: removed as these
    patches were backported earlier from new upstream and this
    release incorporates them.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Fri, 22 Apr 2011 13:14:41 +0530

curl (7.21.4-2) unstable; urgency=low

  * debian/patches/{sslv2-disable, series}: Apply the
    upstream commit c66b0b32fba175d5f096c944d8ec8f9f06299f4a.
    (closes: #622016)
  * debian/{rules, control}: enable rtmp. (closes: #622328)
  * debian/control: removing hurd from dependencies. Hurd is
    an 'essential' package.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Wed, 13 Apr 2011 16:15:27 -0700

curl (7.21.4-1) unstable; urgency=low

  * New upstream release.
  * debian/control: downgraded the version number of libdb-dev required
    to 4.6 from 4.7, based on the inputs from Erik Schanze <schanzi_@gmx.de>.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Mon, 28 Feb 2011 19:35:36 +0530

curl (7.21.3-1) unstable; urgency=low

  * New upstream release.
  * debian/*.manpages: adding all manpages for the curl library.
    (closes: #605651)
  * gnutls->handshake: improved timeout handling. See #594150 for details.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Wed, 15 Dec 2010 23:39:26 +0530

curl (7.21.2-4) unstable; urgency=low

  * support for curl library built against nss.
    (closes: #606244)
  * honour DEB_BUILD_OPTIONS=nocheck option.
    (closes: #606059)

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Thu, 09 Dec 2010 20:11:37 +0530

curl (7.21.2-3) unstable; urgency=low

  * debian/rules: reverting changes related to c-ares inclusion.
  * debian/control: removing libc-ares-dev for now.
    (closes: #605558)

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Thu, 02 Dec 2010 10:56:36 +0530

curl (7.21.2-2) unstable; urgency=low

  * debian/control: add libc-ares-dev as build dependency.
  * debian/rules: invoke configure with --enable-ares.
    (closes: #570436)
  * debian/copyright: add copyright notice of `lib/security.c'
    to the copyright file. (closes: #603712)

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Tue, 30 Nov 2010 17:35:29 +0530

curl (7.21.2-1) unstable; urgency=low

  * New upstream release.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Mon, 18 Oct 2010 11:13:17 +0530

curl (7.21.1-1) unstable; urgency=low

  * New upstream release.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Thu, 12 Aug 2010 08:20:48 +0530

curl (7.21.0-1) unstable; urgency=low

  * New upstream.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Wed, 16 Jun 2010 19:25:37 +0530

curl (7.20.1-2) unstable; urgency=low

  * debian/rules: Removed the custom LDFLAGS variable. This is not
    required as we are no longer using the libtool patch.
    (closes: #578774)

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Wed, 28 Apr 2010 18:40:27 +0530

curl (7.20.1-1) unstable; urgency=low

  * New upstream release.
  * debian/patches/missing-double-quote: No longer needed as it has been
    fixed by the upstream.
  * debian/patches/no_com_err: Reworked the patches for the new release.
  * debian/patches/versioned: fix for build failure of 'make test'.
    (closes: #576237)
  * debian/rules: removed --enable-ldaps option from the configure as LDAP
    SSL (Novell extensions to openldap) is not available as Debian packages.
  * lib/http.c: chunked-encoding with Content-Length header problem has
    been fixed in the upstream. (closes: #572276)

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Mon, 19 Apr 2010 09:21:35 +0530

curl (7.20.0-3) unstable; urgency=low

  * debian/control: Vcs* tags added.
  * docs/libcurl/libcurl.m4: added the missing double quote (closes: #576518).

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Mon, 05 Apr 2010 18:56:40 +0530

curl (7.20.0-2) unstable; urgency=low

  * New Maintainer (closes: #574137).
  * Bug #533669 (curl segmentation fault in addbyter()) is fixed
    from release 7.19.7 onwards (closes: #533669).
  * Bug #510559 (curl sends whitespace unencoded in the url) can't
    be reproduced in the 7.20.0 release (closes: #510559).

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Thu, 18 Mar 2010 08:55:19 +0530

curl (7.20.0-1) unstable; urgency=low

  * Package is orphaned.
  * New upstream release.
  * Switch to dpkg-source 3.0 (quilt) format (closes: #538547).
  * Fixed build error with binutils-gold (closes: #554296).

 -- Domenico Andreoli <cavok@debian.org>  Tue, 09 Feb 2010 13:06:39 +0100

curl (7.19.7-1) unstable; urgency=low

  * New upstream release:
    - curl_getdate(3) now correctly manages single letter military
      timezones as specified in RFC 822 (closes: #551461).
  * build depends on generic libdb-dev (closes: #548476).
  * build depends on libssh2-1-dev (>= 1.2) to enable new curl options.

 -- Domenico Andreoli <cavok@debian.org>  Thu, 05 Nov 2009 10:11:57 +0100

curl (7.19.5-1) unstable; urgency=low

  * New upstream release
  * Fix "libcurl3-gnutls has memory corruption" by upgrading to new upstream
    release, which fixes this bug (Closes: #530131)
  * update standards version to 3.8.1
  * adjust overrides from libdevel to debug for -dbg package
  * adjust doc-base section

 -- Andreas Schuldei <andreas@debian.org>  Sun, 24 May 2009 21:12:19 +0200

curl (7.19.4-1) unstable; urgency=low

  * New upstream release
  * Fix "newer bdb version" <explain what you changed and why>
    (Closes: #517277)
  * resolve libtool version confusion, thanks to
    Stefanos Harhalakis <v13@v13.gr>
  * add new dependency on libgcrypt11-dev due to newly arising binary symbols

 -- Andreas Schuldei <andreas@debian.org>  Thu, 02 Apr 2009 23:35:45 +0200

curl (7.18.2-8lenny1) stable-security; urgency=high

  * Applied upstream patch to fix arbitrary file access (CVE-2009-0037).

 -- Domenico Andreoli <cavok@debian.org>  Tue, 03 Mar 2009 10:29:03 +0100

curl (7.18.2-8) unstable; urgency=low

  * Fix "Please add support for ldap/ldaps protocols"
    by changing the linker option for liblber (Closes: #506096)

 -- Andreas Schuldei <andreas@debian.org>  Fri, 26 Dec 2008 23:48:19 +0100

curl (7.18.2-7) unstable; urgency=low

  * disable c-ares support again, no fix yet, just get stuff working again.

 -- Andreas Schuldei <andreas@debian.org>  Tue, 15 Jul 2008 01:17:29 +0200

curl (7.18.2-6) unstable; urgency=low

  * enable c-ares support, with ipv6 support

 -- Andreas Schuldei <andreas@debian.org>  Fri, 11 Jul 2008 02:05:16 +0200

curl (7.18.2-5) unstable; urgency=low

  * /usr/lib/pkgconfig/libcurl.pc: "pkg-config --libs libcurl" returns
    "-Wl, -z, defs" (Closes: #488701), closing same bug again for
    curl-config --libs  command

 -- Andreas Schuldei <andreas@jesaja.schuldei.org>  Wed, 02 Jul 2008 11:24:40 +0200

curl (7.18.2-4) unstable; urgency=medium

  * /usr/lib/pkgconfig/libcurl.pc: "pkg-config --libs libcurl" returns
    "-Wl, -z, defs" (Closes: #488701)

 -- Andreas Schuldei <andreas@debian.org>  Mon, 30 Jun 2008 23:59:55 +0200

curl (7.18.2-3) unstable; urgency=low

  * removing c-ares from the dependencies

 -- Andreas Schuldei <andreas@debian.org>  Sat, 28 Jun 2008 03:34:50 +0200

curl (7.18.2-2) unstable; urgency=medium

  * blanking the "dependency_libs" line in lib*.la file to keep all the listed libs
    from being linked to other libs linking to curl.
  * fixing miss-linking problem by specifying liblber as a configure argument
  * disabling c-ares again for stability reasons
  * correcting libgssapi linking in configure.ac (patch no_com_err)

 -- Andreas Schuldei <andreas@debian.org>  Fri, 27 Jun 2008 03:40:18 +0200

curl (7.18.2-1e1) experimental; urgency=low

  * testing c-ares-ipv6 integration patch

 -- Andreas Schuldei <andreas@debian.org>  Mon, 23 Jun 2008 08:48:31 +0200

curl (7.18.2-1) unstable; urgency=low

  * New upstream release:
    - removed patches/ftp-response, it is already in the upstream release
    - fixed issues with kerberos ftp (closes: #478864).
  * Disable c-ares support, it is still not ready for Debian's wide
    user base (closes: #478864, #481189).
  * Standards-Version bumped to 3.8.0:
    - added support for parallel builds to debian/rules
  * Removal of $QUILT_PC's override makes this package ready for new
    source format 3.0 (quilt) (closes: #485023).
  * Configure build with --with-ca-path but only for OpenSSL flavour,
    GnuTLS supports only --with-ca-bundle (closes: #482814, #483999).
    Both libcurl3 and libcurl3-gnutls now depend on ca-certificates.

 -- Domenico Andreoli <cavok@debian.org>  Mon, 09 Jun 2008 14:09:42 +0200

curl (7.18.1-1) unstable; urgency=low

  * New upstream release.
  * Fixed crossbuilding bug (closes: #465089).
  * Improved error reporting in case of failing FTP (closes: #474224).
  * Enable c-ares support (closes: #352694).
  * libcurl3-dbg now depends on either libcurl3 or libcurl3-gnutls
    (closes: #463173).

 -- Domenico Andreoli <cavok@debian.org>  Thu, 17 Apr 2008 10:22:28 +0200

curl (7.18.0-1) unstable; urgency=low

  * New upstream release.
  * Use Homepage field in debian/control.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 29 Jan 2008 02:16:25 +0100

curl (7.17.1-1) unstable; urgency=low

  * New upstream release:
    - fixed bad use of "its" in curl.1 (closes: #443734)
    - fixed curl_easy_escape() with input bytes that are >= 0x80
      (closes: #445214)

 -- Domenico Andreoli <cavok@debian.org>  Wed, 31 Oct 2007 01:12:54 +0100

curl (7.17.0-1) unstable; urgency=low

  * New upstream release.
  * Updated to use libssh2-1-dev (closes: #441979, #442198).
  * Do not run the test suite on hurd (closes: #433834).
  * Enabled support for LDAPS protocol.

 -- Domenico Andreoli <cavok@debian.org>  Fri, 14 Sep 2007 00:24:21 +0200

curl (7.16.4-5) unstable; urgency=low

  * libcurl4-openssl-dev now depends on libssh2-0-dev.
    closes: #439317, #439326.

 -- Domenico Andreoli <cavok@debian.org>  Fri, 24 Aug 2007 18:13:17 +0200

curl (7.16.4-4) unstable; urgency=low

  * Build libcurl/GnuTLS without libssh2 because of the usual OpenSSL
    vs. GPL software lincense conflict (closes: #439176).

 -- Domenico Andreoli <cavok@debian.org>  Thu, 23 Aug 2007 23:47:35 +0200

curl (7.16.4-3) unstable; urgency=low

  * Added support for scp and SFTP protocols.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 22 Aug 2007 00:48:32 +0200

curl (7.16.4-2) unstable; urgency=low

  * Fixed regression with FTP sites not requesting PASS (closes: #435771).

 -- Domenico Andreoli <cavok@debian.org>  Sat, 04 Aug 2007 02:04:40 +0200

curl (7.16.4-1) unstable; urgency=low

  * New upstream release (closes: #432514).
  * Welcome Andreas to the curl packagers!
  * Build-Depends is now more backporting friendly.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 18 Jul 2007 16:44:30 +0200

curl (7.16.2-6) unstable; urgency=low

  * Added missing libcurl3 symlinks (closes: #429945)
    Patch courtesy of Bryan Donlan.

 -- Domenico Andreoli <cavok@debian.org>  Sat, 23 Jun 2007 00:39:20 +0200

curl (7.16.2-5) unstable; urgency=low

  [ Steve Langasek ]
  * Re-introduce curl3 symbol versions and rename the packages back to
    libcurl3*, restoring ABI compatibility with the etch version of the
    package.

  [ Domenico Andreoli ]
  * Package libcurl4-gnutls-dev now suggests libcurl3-dbg.
  * libcurl3-dbg replaces/conflict/provide libcurl4-dbg.
  * Properly use ${binary:Version} in control file.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 20 Jun 2007 17:52:38 +0200

curl (7.16.2-4) unstable; urgency=low

  * Fixed configure.ac in case of build with GNUTLS (closes: #425013).
  * Fixed double-free bug (closes: #424894).
    Patch courtesy of Daniel Stenberg.

 -- Domenico Andreoli <cavok@debian.org>  Sun, 20 May 2007 01:15:01 +0200

curl (7.16.2-3) unstable; urgency=low

  * Updated to db4.5 (closes: #421933).
  * Got rid of unused libcomerr2 dependency (closes: #392294).

 -- Domenico Andreoli <cavok@debian.org>  Tue, 08 May 2007 08:46:21 +0200

curl (7.16.2-2) experimental; urgency=low

  * Improved package descriptions (closes: #410472).
  * Updated package Provides to ease the soname transition.

 -- Domenico Andreoli <cavok@debian.org>  Fri, 27 Apr 2007 15:37:44 +0200

curl (7.16.2-1) experimental; urgency=low

  * New upstream release.
  * libcurl4-openssl-dev now depends on libcurl4-openssl (closes: #419774).
  * Bumped shlibs version to 7.16.2-1.
  * Patches are now managed with quilt.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 18 Apr 2007 09:29:48 +0200

curl (7.16.1-1) experimental; urgency=low

  * New upstream release.
  * Bumped shlibs version to 7.16.1-1.
  * Added HIDDEN section to version script to handle any __*, _rest or
    _save* local symbol.
  * Gopher protocol is not supported since 7.15.2. Removed any reference
    in package description (closes: #408704).
  * Moved libcurl/openssl to the new package libcurl4-openssl, now
    libcurl4 contains a version with no SSL or GSSAPI support (any
    future cryptographic stuff will be kept out of there).
  * Package libcurl4-dev now contains the matching headers for libcurl4
    (so crypto stuff).

 -- Domenico Andreoli <cavok@debian.org>  Thu,  1 Feb 2007 12:49:32 +0100

curl (7.16.0-1) experimental; urgency=low

  * New upstream release.
  * Bumped shlibs version to 7.16.0-1.
  * libcurl4 and libcurl4-gnutls now only recommend ca-certificates
    (closes: #404103).
  * pkg-config .pc file now uses Libs.private (closes: #405226).

 -- Domenico Andreoli <cavok@debian.org>  Fri, 26 Jan 2007 14:26:55 +0100

curl (7.15.5-1) unstable; urgency=low

  * New upstream release:
    - fixed nodes removal from the splay tree (closes: #375076).
  * Make package build also if $TAPE is set (closes: #377470).
  * Bumped shlibs version to 7.15.5-1.

 -- Domenico Andreoli <cavok@debian.org>  Mon,  7 Aug 2006 10:26:13 +0200

curl (7.15.4-1ubuntu1) edgy; urgency=low

  * Synchronize to Debian. Only change left: Removal of stunnel and
    libdb4.2-dev build dependencies.

 -- Martin Pitt <martin.pitt@ubuntu.com>  Thu, 29 Jun 2006 15:04:24 +0200

curl (7.15.4-1) unstable; urgency=low

  * New upstream release.
  * Bumped shlibs version to 7.15.4-1.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 14 Jun 2006 14:41:16 +0200

curl (7.15.3-2) unstable; urgency=low

  * Fixed bug in configure.ac that makes FTBFS (closes: #367954).

 -- Domenico Andreoli <cavok@debian.org>  Wed, 31 May 2006 15:18:26 +0200

curl (7.15.3-1) unstable; urgency=high

  * New upstream release:
    - fixed TFTP packet buffer overflow vulnerability
      [lib/tftp.c, CVE-2006-1061].
    - improved curl_getenv.3 manpage grammar (closes: #357388).

 -- Domenico Andreoli <cavok@debian.org>  Mon, 20 Mar 2006 11:46:25 +0100

curl (7.15.2-3) unstable; urgency=low

  * Applied upstream patch to fix multi interface and multi-part formposts
    (closes: #355715).
  * Build back with -O2, gcc 4.0.2-10 fixed the previously trigged bug.

 -- Domenico Andreoli <cavok@debian.org>  Wed,  8 Mar 2006 15:29:15 +0100

curl (7.15.2-2) unstable; urgency=low

  * Added missing autotools invocation. Re-added versioned symbols
    (closes: #355241).
  * Bumped shlibs version to 7.15.2-2.
  * Build with -O3 to work around sospicious segfaults on tests 253
    and 255.

 -- Domenico Andreoli <cavok@debian.org>  Sat,  4 Mar 2006 22:47:23 +0100

curl (7.15.2-1) unstable; urgency=low

  * New upstream release.
  * Bumped shlibs version to 7.15.2-1.
  * Adopted debhelper's compatibility level 5.

 -- Domenico Andreoli <cavok@debian.org>  Wed,  1 Mar 2006 16:12:51 +0100

curl (7.15.1-1ubuntu2) dapper; urgency=low

  * SECURITY UPDATE: Arbitrary remote code execution with long tftp:// URLs.
  * lib/tftp.c: Fix unbounded sprintf() to avoid buffer overflow. Thanks to
    Ulf Harnhammar for discovering this.
  * CVE-2006-1061

 -- Martin Pitt <martin.pitt@ubuntu.com>  Thu, 16 Mar 2006 11:30:25 +0100

curl (7.15.1-1ubuntu1) dapper; urgency=low

  * Resynchronise with Debian to get URL parser overflow fix from 7.15.1
    (CVE-2005-4077).

 -- Martin Pitt <martin.pitt@ubuntu.com>  Mon, 12 Dec 2005 15:04:52 +0100

curl (7.15.1-1) unstable; urgency=low

  * New upstream release:
    - fixed buffer overflow in URL parser function (closes: #342339).

 -- Domenico Andreoli <cavok@debian.org>  Wed,  7 Dec 2005 11:11:38 +0100

curl (7.15.0-5.1) unstable; urgency=high

  * Non-maintainer upload.
  * Urgency high for RC bug fix.
  * Let libcurl3-*-dev depend on libkrb5-dev (closes: #340784, #340916).

 -- Luk Claes <luk@debian.org>  Sun,  4 Dec 2005 11:59:20 +0100

curl (7.15.0-5) unstable; urgency=low

  * libcurl3-gnutls-dev and libcurl3-openssl-dev now only recommend
    libkrb5-dev (closes: #334888).
  * Applied upstream patch to fix error message in case FTP-path does
    not exist (closes: #338680).
  * Applied upstream patch to fix parsing of --limit-rate command line
    option (closes: #338681).

 -- Domenico Andreoli <cavok@debian.org>  Fri, 25 Nov 2005 10:30:25 +0100

curl (7.15.0-4ubuntu1) dapper; urgency=low

  * Resynchronise with Debian (only change left: Removal of stunnel build
    dependency).
  * Remove libdb4.2-dev build dependency.

 -- Martin Pitt <martin.pitt@ubuntu.com>  Thu, 10 Nov 2005 17:44:35 -0500

curl (7.15.0-4) unstable; urgency=low

  * Fixed output of curl-config --vernum (closes: #335296).
  * libcurl3-openssl-dev now replaces libcurl3-dev older than 7.14.1-1
    (closes: #335277).

 -- Domenico Andreoli <cavok@debian.org>  Tue, 25 Oct 2005 11:48:53 +0200

curl (7.15.0-3) unstable; urgency=low

  * libcurl3 and libcurl3-gnutls now suggest libldap2 (closes: #294407).

  * Re-introduced libcurl3-dev package for transition reasons.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 19 Oct 2005 12:45:43 +0200

curl (7.15.0-2) unstable; urgency=low

  * Fixed depends of libcurl3-*-dev packages (closes: #334021, #333609, #334048).
  * Bumped shlibs version to 7.15.0-1 (closes: #334053).

 -- Domenico Andreoli <cavok@debian.org>  Sun, 16 Oct 2005 15:34:40 +0200

curl (7.15.0-1) unstable; urgency=low

  * New upstream release:
    - fixed user+domain name buffer overflow in the NTLM code
      (CAN-2005-3185, closes: #333734).
    - libcurl3-*-dev packages now depend on libkrb5-dev (closes: #333609).
    - improved docs about curl_easy_setopt() and ERRORBUFFER (closes: #329313).

 -- Domenico Andreoli <cavok@debian.org>  Fri, 14 Oct 2005 13:32:06 +0200

curl (7.14.1-5) unstable; urgency=low

  * Added build dependency on libtool (closes: #332729, #333174).

 -- Domenico Andreoli <cavok@debian.org>  Tue, 11 Oct 2005 10:05:36 +0200

curl (7.14.1-4) unstable; urgency=low

  * Fixed SEE ALSO section in curl_excape.3 (closes: #331505).
  * Fixed configure.ac when --host=i586-mingw32msvc is given (closes: #329444).
  * Added missing example files (closes: #331722).
  * Updated build dependency for OpenSSL 0.9.8 transition.

 -- Domenico Andreoli <cavok@debian.org>  Mon, 10 Oct 2005 12:43:25 +0200

curl (7.14.1-3) experimental; urgency=low

  * Fixed soname of libcurl-gnutls.so* variant.
  * Fixed broken sentence (closes: #329305).
  * Fixed reference to TheArtOfHttpScripting.gz (closes: #329299).
  * Added clarification about WRITEFUNCTION and WRITEDATA (closes: #329311).

 -- Domenico Andreoli <cavok@debian.org>  Wed, 28 Sep 2005 17:13:51 +0200

curl (7.14.1-2) experimental; urgency=low

  * Started using the system-wide CA certificate file (closes: #308514).
  * Fixed apostrophe typos in the curl man page (closes: #326511).
  * Only curl_* symbols are now globally visible outside of libcurl.

 -- Domenico Andreoli <cavok@debian.org>  Sat, 17 Sep 2005 23:52:28 +0200

curl (7.14.1-1) experimental; urgency=low

  * New upstream release.
  * libcurl3-gnutls has a modified soname and may be installed together
    with libcurl3 (closes: #318590).
  * Both libcurl3 and libcurl3-gnutls are built with versioned symbols
    and with support of GSSAPI authentication.
  * Renamed libcurl3-dev to libcurl3-openssl-dev.
  * Dropped package libcurl3-gssapi.

 -- Domenico Andreoli <cavok@debian.org>  Thu, 15 Sep 2005 23:59:32 +0200

curl (7.14.0-5) unstable; urgency=low

  * Added libcurl3-gnutls and libcurl3-gnutls-dev packages (closes: #318590).
  * libcurl3-gssapi now has its own shlibs file. Packages built with this
    package installed will depend on it.

 -- Domenico Andreoli <cavok@debian.org>  Thu, 18 Aug 2005 02:26:38 +0200

curl (7.14.0-4) unstable; urgency=low

  * OpenSSL is back (closes: #321294, #321391).

 -- Domenico Andreoli <cavok@debian.org>  Fri,  5 Aug 2005 23:34:45 +0200

curl (7.14.0-3) unstable; urgency=low

  * Updated the use of dpkg-architecture (closes: #320046).
  * Added missing aclocal file libcurl.m4 to libcurl3-dev (closes: #315848).
  * Added (many) missing man pages (closes: #315850).
  * OpenSSL is replaced by GnuTLS in providing SSL support (closes: #318590).
  * Heimdal is replaced by MIT Kerberos in providing GSSAPI support.

 -- Domenico Andreoli <cavok@debian.org>  Tue,  2 Aug 2005 22:34:01 +0200

curl (7.14.0-2ubuntu1) breezy; urgency=low

  * Synchronize with Debian.

 -- Matthias Klose <doko@ubuntu.com>  Tue, 26 Jul 2005 19:03:01 +0200

curl (7.14.0-2) unstable; urgency=low

  * Rebuilt and uploaded to unstable.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 15 Jun 2005 11:41:32 +0200

curl (7.14.0-1) experimental; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 17 May 2005 10:42:35 +0200

curl (7.13.2-3) unstable; urgency=high

  * HTTP response headers with null bytes are now correctly managed
    (closes: #310948).

 -- Domenico Andreoli <cavok@debian.org>  Fri,  3 Jun 2005 23:59:30 +0200

curl (7.13.2-2) unstable; urgency=low

  * Fixed conditional build of package libcurl3-gssapi
    (closes: #303939, #303953).

 -- Domenico Andreoli <cavok@debian.org>  Mon, 11 Apr 2005 19:00:27 +0200

curl (7.13.2-1) unstable; urgency=low

  * New upstream release:
    - fixed curl man page typos (closes: #302820).

 -- Domenico Andreoli <cavok@debian.org>  Tue,  5 Apr 2005 14:41:13 +0200

curl (7.13.1-3) unstable; urgency=low

  * Fixed hanging of some SSL connections (closes: #302366).

 -- Domenico Andreoli <cavok@debian.org>  Thu, 31 Mar 2005 16:27:41 +0200

curl (7.13.1-2) unstable; urgency=low

  * Rebuilt to get the correct libidn11 dependency (closes: #299348).
  * Added some missing documentation files (closes: #298855).

 -- Domenico Andreoli <cavok@debian.org>  Wed, 16 Mar 2005 14:30:03 +0100

curl (7.13.1-1) unstable; urgency=low

  * New upstream release.
  * Bumped up shlibs version for libcurl3 because of new curl options.

 -- Domenico Andreoli <cavok@debian.org>  Fri,  4 Mar 2005 16:03:17 +0100

curl (7.13.0-2) unstable; urgency=high

  * Fixed NTLM Authentication buffer overflow (closes: #296678).
    Patch courtesy of Daniel Stenberg. This handles CAN-2005-0490.
  * Removed libcurl2* packages and all the scary stuff used to build them
    (closes: #274631).

 -- Domenico Andreoli <cavok@debian.org>  Thu, 24 Feb 2005 10:07:22 +0100

curl (7.13.0-1) unstable; urgency=low

  * New upstream release.
  * libcurl3 now suggests package libldap2-dev to enable support for
    LDAP protocol.
  * Bumped up shlibs version for libcurl3 because of new curl options.

 -- Domenico Andreoli <cavok@debian.org>  Sat,  5 Feb 2005 10:39:52 +0100

curl (7.12.3-2ubuntu3) hoary; urgency=low

  * Fix the version numbers internal to debian/rules.  Closes; #8088

 -- LaMont Jones <lamont@ubuntu.com>  Wed, 23 Mar 2005 18:41:29 -0700

curl (7.12.3-2) unstable; urgency=low

  * Disabled test suite on m68k, it stalls.

 -- Domenico Andreoli <cavok@debian.org>  Thu, 30 Dec 2004 11:11:48 +0100

curl (7.12.3-1) unstable; urgency=low

  * New upstream release:
    - fixed debug tracing to network socket is stderr is closed
      (closes: #278691).
  * Applied patch to fix getpass license problems (closes: #286794).
    Patch courtesy of Daniel Stenberg.
  * Bumped up shlibs version for libcurl3 because of new curl options.

 -- Domenico Andreoli <cavok@debian.org>  Mon, 27 Dec 2004 12:50:30 +0100

curl (7.12.2-2) unstable; urgency=low

  * libcurl3-dbg package is now built by dh_strip --dbg-package
    (closes: #274710).
  * Added build dependency on libdb4.2-dev.

 -- Domenico Andreoli <cavok@debian.org>  Thu,  4 Nov 2004 11:36:17 +0100

curl (7.12.2-1) unstable; urgency=low

  * New upstream release.
  * Update diff to 7.11.2.
  * Add debian/watch file.
  * Add myself as a uploader.

 -- Matthias Klose <doko@debian.org>  Wed,  3 Nov 2004 00:55:52 +0100

curl (7.12.1-1) unstable; urgency=low

  * New upstream release:
    - workaround for ASN1_STRING_to_UTF8 failing if input is already
      UTF-8 encoded (closes: #264711).
  * Bumped up shlibs version for libcurl3 because of the introduction
    of FTP 3rd party transfer support options.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 10 Aug 2004 11:40:29 +0200

curl (7.12.0.rel-6) unstable; urgency=low

  * In rebuilding the 7.11.2 tree starting from the 7.12.0 one,
    lib/getdate.y is patched before lib/getdate.c (closes: #262597).

 -- Domenico Andreoli <cavok@debian.org>  Sun,  1 Aug 2004 17:59:57 +0200

curl (7.12.0.rel-5) unstable; urgency=low

  * Tests are performed only if build target and building host are the
    same and are not kfreebsd-gnu or knetbsd-gnu (closes: #261591).
  * On hurd-i386 libcurl3-gssapi is not built.

 -- Domenico Andreoli <cavok@debian.org>  Thu, 29 Jul 2004 15:17:51 +0200

curl (7.12.0.rel-4) unstable; urgency=low

  * Added build dependency on groff-base to really build the built-in
    manual.
  * libcurl3 now replaces old libcurl2 versions (closes: #255262).

 -- Domenico Andreoli <cavok@debian.org>  Tue, 20 Jul 2004 11:40:09 +0200

curl (7.12.0.rel-3) unstable; urgency=low

  * Enabled curl's built-in manual.
  * configure script for 7.11.2 is now managed correctly.

 -- Domenico Andreoli <cavok@debian.org>  Sun, 18 Jul 2004 22:25:00 +0200

curl (7.12.0.rel-2) unstable; urgency=low

  * libcurl2 uses curl-ca-bundle-7.11.2.crt (closes: #255262).
    Yes, it is a hack to not add libcurl-common package right now.

 -- Domenico Andreoli <cavok@debian.org>  Sun, 18 Jul 2004 16:40:45 +0200

curl (7.12.0.rel-1) experimental; urgency=low

  * Version 7.12.0 is back with proper libcurl3* packages.
  * libcurl2* 7.11.2 packages are still provided (closes: #252879).
  * Enabled again the support for libidn.

 -- Domenico Andreoli <cavok@debian.org>  Sun,  6 Jun 2004 23:09:33 +0200

curl (7.12.0.is.7.11.2-1) unstable; urgency=low

  * Reverted to version 7.11.2 (closes: #252348).
  * Disabled support for libidn (closes: #252367). This is to leave
    curl in unstable as much similar as possible to the one in testing.

 -- Domenico Andreoli <cavok@debian.org>  Fri,  4 Jun 2004 19:09:25 +0200

curl (7.12.0-1) unstable; urgency=low

  * New upstream release:
    - fixed minor man page problem (closes: #232928)
    - improved --create-dirs description in curl man page (closes: #251351)
  * Enabled support for libidn.

 -- Domenico Andreoli <cavok@debian.org>  Wed,  2 Jun 2004 18:06:05 +0200

curl (7.11.2-2) unstable; urgency=low

  * Fixed curl.1 man page (closes: #232928).
    Patch courtesy of Daniel Stenberg, the upstream developer.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 27 Apr 2004 19:47:09 +0200

curl (7.11.2-1) unstable; urgency=low

  * New upstream release.
  * Bumped up shlibs version because of the introduction of
    CURLOPT_TCP_NODELAY option.

 -- Domenico Andreoli <cavok@debian.org>  Mon, 26 Apr 2004 14:14:20 +0200

curl (7.11.1-2) unstable; urgency=low

  * Added GSSAPI support to package libcurl2-gssapi (closes: #241553).

 -- Domenico Andreoli <cavok@debian.org>  Fri,  2 Apr 2004 18:03:15 +0200

curl (7.11.1-1) unstable; urgency=low

  * New upstream release.
  * Bumped up shlibs version because of the introduction of
    CURLOPT_POSTFIELDSIZE_LARGE option.

 -- Domenico Andreoli <cavok@debian.org>  Fri, 19 Mar 2004 11:39:07 +0100

curl (7.11.0-4) unstable; urgency=low

  * Applied fix from upstream's CVS which adds another CRLF in
    chunked-transfers.

 -- Domenico Andreoli <cavok@debian.org>  Sun,  1 Feb 2004 13:19:02 +0100

curl (7.11.0-3) unstable; urgency=low

  * "Fixed" build process, now the right file is searched for CA
    certificates (closes: #228182).

 -- Domenico Andreoli <cavok@debian.org>  Sat, 31 Jan 2004 20:06:10 +0100

curl (7.11.0-2) unstable; urgency=low

  * Test suite is still performed but is not critical for the build
    being successful any more.

 -- Domenico Andreoli <cavok@debian.org>  Fri, 30 Jan 2004 13:03:03 +0100

curl (7.11.0-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@debian.org>  Sun, 25 Jan 2004 17:50:43 +0100

curl (7.10.8+7.11.0-pre1-1) unstable; urgency=low

  * New upstream pre-release:
    - proxy+ssl now passes post variables (closes: #222901)
    - various test case problems exposed in #222140 should now be fixed.
  * Bumped up shlibs version because of the introduction of
    CURLOPT_NETRC_FILE and CURLOPT_FTP_SSL options in libcurl.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 14 Jan 2004 17:35:46 +0100

curl (7.10.8-1) unstable; urgency=low

  * New upstream release:
    - fixed LDAP support (closes: #149609)
    - cleaner environment for testsuite execution (closes: #210253)
    - fixed lib/Makefile.am's use of LDFLAGS (closes: #212086)
    - fixed name clash in curl.h with respect to unistd.h (closes: #213180)
    - fixed typo in curl manpage (closes: #218046).
  * Bumped up shlibs version because of new libcurl options.
  * Added stunnel to the Build-Depends in order to enable SSL test cases.

 -- Domenico Andreoli <cavok@debian.org>  Mon,  3 Nov 2003 10:26:12 +0100

curl (7.10.7-2) unstable; urgency=low

  * Fixed bug in cache_resolv_response on alpha and ia64 (closes: #207174).
    Patch courtesy of Jurij Smakov.

 -- Domenico Andreoli <cavok@debian.org>  Mon,  8 Sep 2003 21:55:46 +0200

curl (7.10.7-1) unstable; urgency=low

  * New upstream release.
  * Bumped up shlibs version because of the introduction of CURLOPT_PROXYAUTH
    and CURLOPT_FTP_CREATE_MISSING_DIRS options in libcurl.

 -- Domenico Andreoli <cavok@debian.org>  Mon, 18 Aug 2003 00:19:43 +0200

curl (7.10.6-3) unstable; urgency=low

  * Applied patch to fix test 60 on ia64.

 -- Domenico Andreoli <cavok@debian.org>  Sat,  9 Aug 2003 04:26:15 +0200

curl (7.10.6-2) unstable; urgency=low

  * Applied patch from upstream to fix url globbing (closes: #203827).
  * make test is still performed on building debug stuff but errors
    are ignored.

 -- Domenico Andreoli <cavok@debian.org>  Thu,  7 Aug 2003 02:20:46 +0200

curl (7.10.6-1) unstable; urgency=low

  * New upstream release:
    - added spport for http_proxy env var with name:passwd
      (closes: #193630).
  * make test is invoked after build

 -- Domenico Andreoli <cavok@debian.org>  Tue, 29 Jul 2003 01:26:50 +0200

curl (7.10.5-1) unstable; urgency=low

  * New upstream release:
    - fixed typo in curl's man page (closes: #189272).
  * New libcurl option CURLOPT_FTP_USE_EPRT has been added, bumped
    up shlibs.

 -- Domenico Andreoli <cavok@debian.org>  Mon, 19 May 2003 23:57:12 +0200

curl (7.10.4-1) unstable; urgency=low

  * New upstream release:
    - now uses new settings properly when re-using an existing connection
      (closes: #185254)
    - curl man page now refers to MANUAL (closes: #178509).
  * Changed section of libcurl2-dev and libcurl2-dbg to libdevel.

 -- Domenico Andreoli <cavok@debian.org>  Wed,  2 Apr 2003 21:25:24 +0200

curl (7.10.3-3) unstable; urgency=low

  * Rebuilt to link against libssl0.9.7.
  * Improved package descriptions thanks to suggestions provided by
    Filip Van Raemdonck <mechanix@debian.org> (closes: #177995).

 -- Domenico Andreoli <cavok@debian.org>  Fri, 14 Mar 2003 16:08:38 +0100

curl (7.10.3-2) unstable; urgency=low

  * Development package is now named libcurl2-dev, it provides
    libcurl-dev.  People can now safely make their build dependencies
    and be sure to use the right stuff.
  * New package libcurl2-dbg is provided to help in debugging sessions.

 -- Domenico Andreoli <cavok@debian.org>  Mon, 20 Jan 2003 22:04:32 +0100

curl (7.10.3-1) unstable; urgency=low

  * New upstream release.
  * It now suggests ca-certificates package.

 -- Domenico Andreoli <cavok@debian.org>  Thu, 16 Jan 2003 00:27:48 +0100

curl (7.10.2-2) unstable; urgency=low

  * Added AM_MAINTAINER_MODE to configure.in (closes: #170050).

 -- Domenico Andreoli <cavok@debian.org>  Fri, 22 Nov 2002 14:28:22 +0100

curl (7.10.2-1) unstable; urgency=low

  * New upstream release:
    - fixed segfault on retrieving relative redirects (closes: #165382)
    - fixed a leak of debug output (closes: #167678).
  * Updated config.guess and config.sub (closes: #166153).
  * Added zlib1g-dev to build and libcurl-dev dependencies
    (closes: #169654).
  * Added HTML and PDF versions of all manpages in libcurl-dev package.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 20 Nov 2002 23:38:24 +0100

curl (7.10.1-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@debian.org>  Fri, 11 Oct 2002 23:26:50 +0200

curl (7.10-1) unstable; urgency=low

  * New upstream release:
    - new way to use option -x to prevent curl from using any proxy
      server (closes: #161153).

 -- Domenico Andreoli <cavok@debian.org>  Wed,  2 Oct 2002 01:04:20 +0200

curl (7.9.8-2) unstable; urgency=low

  * Added again libcurl2-ssl to the libcurl2 conflicts.

 -- Domenico Andreoli <cavok@debian.org>  Thu,  4 Jul 2002 02:35:24 +0200

curl (7.9.8-1) unstable; urgency=low

  * New upstream release.
  * Double flavor of curl to support both non-SSL and SSL is gone.
    Now curl comes only with SSL. Who needs SSL can require curl
    version >= 7.9.8 .

 -- Domenico Andreoli <cavok@debian.org>  Mon, 24 Jun 2002 23:04:37 +0200

curl (7.9.7-2) unstable; urgency=low

  * Fixed the bashism in debian/rules (closes: #147352).
  * SSL and non-SSL series of curl packages are now built from the
    same source. thanks crypto-in-main! :)

 -- Domenico Andreoli <cavok@debian.org>  Mon, 20 May 2002 23:28:05 +0200

curl (7.9.7-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 15 May 2002 21:09:19 +0200

curl (7.9.6-1) unstable; urgency=low

  * New upstream release.
  * libcurl.3 manpage is now installed by libcurl-dev instead of
    libcurl2. Indeed it provides an overview on how to use libcurl in
    C programs.

 -- Domenico Andreoli <cavok@debian.org>  Sat, 20 Apr 2002 17:06:51 +0200

curl (7.9.5-2) unstable; urgency=low

  * curl-ssl stuff moved from non-US to main.

 -- Domenico Andreoli <cavok@debian.org>  Mon, 25 Mar 2002 23:40:02 +0100

curl (7.9.5-1) unstable; urgency=low

  * New upstream release (closes: #134608).
  * Added autotools-dev to the build dependencies. config.{guess,sub}
    can now be updated automatically in the build process.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 12 Mar 2002 19:06:21 +0100

curl (7.9.3-2) unstable; urgency=low

  * Upstream source code has been correctly imported in my CVS
    repository (closes: #130906).

 -- Domenico Andreoli <cavok@debian.org>  Sun, 27 Jan 2002 22:23:54 +0100

curl (7.9.3-1) unstable; urgency=low

  * New upstream release:
    - fixed wrong assumption on char signedness (closes: #127011)
    - missing header added accordingly (closes: #130401)
  * Fixed a typo in curl description (closes: #124526).

 -- Domenico Andreoli <cavok@debian.org>  Thu, 24 Jan 2002 20:04:04 +0100

curl (7.9.2-1) unstable; urgency=low

  * New upstream release:
    - two bad timeout matters in libcurl2 are now solved (closes: #118595).

 -- Domenico Andreoli <cavok@debian.org>  Fri,  7 Dec 2001 16:58:45 +0100

curl (7.9.1-3) unstable; urgency=low

  * Fixed return type of Curl_ftpsendf(...) to CURLcode (closes: #120485).
  * Versions in debian/libcurl2.shlibs have been incremented to
    ">= 7.9.1-1".

 -- Domenico Andreoli <cavok@debian.org>  Thu, 22 Nov 2001 15:35:40 +0100

curl (7.9.1-2) unstable; urgency=low

  * Reverted to unpatched released 7.9.1 source tree, patch behavior
    was weird.

 -- Domenico Andreoli <cavok@debian.org>  Thu, 15 Nov 2001 18:05:58 +0100

curl (7.9.1-1) unstable; urgency=low

  * New upstream release.
  * Applied upstream patch #478780 found on sourceforge, fixes libcurl
    which didn't restore SIGALRM handler (closes: #118595).
  * Applied patch for patch #478780 of above, see bug #118595 in BTS.
    Patch courtesy of Enrik Berkhan <Enrik.Berkhan@planb.de>.
  * Build-Depends reduced to what is strictly required for building.
    autoconf, automake and libtool build dependencies are gone.

 -- Domenico Andreoli <cavok@debian.org>  Fri,  9 Nov 2001 13:56:36 +0100

curl (7.9-1) unstable; urgency=low

  * New upstream release:
    - output of "curl-config --libs" now includes -lcurl.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 25 Sep 2001 18:38:46 +0200

curl (7.8-3) unstable; urgency=low

  * Added libc6-dev to libcurl2-dev dependencies.
  * Fixed lack of some FD_ZERO(...)s in lib/transfer.c (closes: #105516).

 -- Domenico Andreoli <cavok@debian.org>  Fri,  3 Aug 2001 16:32:20 +0200

curl (7.8-2) unstable; urgency=low

  * libcurl2.shlibs now includes version numbers. some new symbols have
    been introduced in libcurl 7.8, so program linked against 7.8 cannot
    work with older ones.
  * IPv6 support is now enabled
  * configure.in has been renamed to autoconf.ac to force the use of
    autoconf 2.50

 -- Domenico Andreoli <cavok@debian.org>  Thu,  5 Jul 2001 01:38:24 +0200

curl (7.8-1) unstable; urgency=low

  * New upstream release.
  * Applied patch for correct shared library versioning of libcurl, curl
    7.8 comes with broken shared library version out of the box.
    Patch provided by upstream developer.

 -- Domenico Andreoli <cavok@debian.org>  Sat,  9 Jun 2001 21:12:05 +0200

curl (7.7.3-3) unstable; urgency=low

  * Fixed manpages libcurl-dev with required simlinks (closes: 99610).

 -- Domenico Andreoli <cavok@debian.org>  Mon,  4 Jun 2001 14:37:49 +0200

curl (7.7.3-2) unstable; urgency=low

  * lib/url.c and lib/version.c are now fixed (closes: #97709).
  * install upstream changelog (closes: #97628).

 -- Domenico Andreoli <cavok@debian.org>  Fri, 18 May 2001 10:32:25 +0200

curl (7.7.3-1) unstable; urgency=low

  * New upstream release.
  * Using dh_installman instead dh_installmanpages.
  * Installing libcurl examples with dh_installexamples.
  * Policy 3.5.3.0 compliant.

 -- Domenico Andreoli <cavok@debian.org>  Thu, 10 May 2001 09:45:05 +0200

curl (7.7.2-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 24 Apr 2001 09:14:51 +0200

curl (7.7.1-2) unstable; urgency=low

  * Fixed debian/rules (closes: #78232, #93837).

 -- Domenico Andreoli <cavok@debian.org>  Tue, 17 Apr 2001 17:12:19 +0200

curl (7.7.1-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 10 Apr 2001 13:26:09 +0200

curl (7.7-1) unstable; urgency=low

  * New upstream release.
  * Fixed formatting errors in curl.1 (closes: #90281).

 -- Domenico Andreoli <cavok@debian.org>  Fri, 23 Mar 2001 18:25:26 +0100

curl (7.6.1-5) unstable; urgency=low

  * Fixed debian/libcurl1.shlibs in order to solve any problem for those
    packages which should depend on either libcurl1 or libcurl1-ssl.
    I should have done it long time ago.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 13 Mar 2001 18:29:06 +0100

curl (7.6.1-4) unstable; urgency=low

  * Added versioned Build-Depend for debhelper.

 -- Domenico Andreoli <cavok@debian.org>  Tue,  6 Mar 2001 15:16:02 +0100

curl (7.6.1-3) unstable; urgency=low

  * Refining the transition to debhelper compatibility 2. I forgot the
    executable in the curl package (closes: #87886).

 -- Domenico Andreoli <cavok@debian.org>  Wed, 28 Feb 2001 14:31:43 +0100

curl (7.6.1-2) unstable; urgency=low

  * Switched to debhelper compatibility version 2.

 -- Domenico Andreoli <cavok@debian.org>  Fri, 23 Feb 2001 18:24:02 +0100

curl (7.6.1-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@libero.it>  Tue, 13 Feb 2001 18:04:04 +0100

curl (7.6-2) unstable; urgency=low

  * Adjusted dependencies in order to let curl-ssl package manage a
    smooth upgrade from potato.

 -- Domenico Andreoli <cavok@libero.it>  Fri,  9 Feb 2001 13:36:11 +0100

curl (7.6-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@libero.it>  Mon, 29 Jan 2001 16:00:59 +0100

curl (7.5.2-2) unstable; urgency=low

  * This is a service upload in order to fix dependencies problems arose
    for a ill-formed upload of 7.5.2-1.

 -- Domenico Andreoli <cavok@libero.it>  Mon, 29 Jan 2001 14:54:57 +0100

curl (7.5.2-1) unstable; urgency=low

  * New upstream release.
  * It needed to be recompiled against the new libc (closes: #80256).

 -- Domenico Andreoli <cavok@libero.it>  Mon, 15 Jan 2001 13:08:15 +0100

curl (7.5-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@libero.it>  Mon,  4 Dec 2000 13:15:33 +0100

curl (7.4.2-2) unstable; urgency=low

  * curl replaces curl-ssl. curl is only a frontend for libcurl and is not
    aware of any protocol, libcurl is. so what is really different whether
    ssl is enable or not is only libcurl.
  * curl now depends on (libcurl0 | libcurl0-ssl).
  * The workaround for libtool -rpath parameter is not required, so
    it has been removed from configure.in.
  * Removed "Suggests: " field in control file for libcurl0. It suggested
    to install curl and libcurl-dev too but it really doesn't make sense
    (this change was really applied in -1).

 -- Domenico Andreoli <cavok@libero.it>  Tue, 28 Nov 2000 14:27:29 +0100

curl (7.4.2-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@libero.it>  Fri, 17 Nov 2000 16:19:23 +0100

curl (7.2.1-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@libero.it>  Mon,  4 Sep 2000 01:22:44 +0200

curl (7.1-3) unstable; urgency=low

  * Added "Suggests: " field in control file for libcurl0. Now curl and
    libcurl-dev are suggested upon installation of libcurl0.

 -- Domenico Andreoli <cavok@libero.it>  Mon, 14 Aug 2000 15:01:08 +0200

curl (7.1-2) unstable; urgency=low

  * Fixed a line that did not install development manpages.

 -- Domenico Andreoli <cavok@libero.it>  Thu, 10 Aug 2000 14:32:23 +0200

curl (7.1-1) unstable; urgency=low

  * New upstream release.
  * libcurl is now a separate package, it provides shared libraries and
    includes to allow developing for other applications.

 -- Domenico Andreoli <cavok@libero.it>  Wed,  9 Aug 2000 01:21:25 +0200

curl (6.5.2-4) unstable; urgency=low

  * Some missing build dependencies (autoconf, automake, libtool) added.

 -- Domenico Andreoli <cavok@libero.it>  Sat,  8 Jul 2000 00:13:16 +0200

curl (6.5.2-3) unstable; urgency=low

  * Due to some policy and technical restrictions, curl's source package
    has been splitted again in two, one for main archive and one for non-US.

 -- Domenico Andreoli <cavok@libero.it>  Tue,  4 Jul 2000 15:52:14 +0200

curl (6.5.2-2) unstable; urgency=low

  * Added a Build-Depends in order to compile curl-ssl only if
    libssl09-dev is installed.
  * Documentation reflects the new location of curl debian packages
    home page (http://curl-deb.sourceforge.net).
  * Corrected minor spelling errors in README.Debian.

 -- Domenico Andreoli <cavok@libero.it>  Sat, 17 Jun 2000 01:13:19 +0200

curl (6.5.2-1) unstable; urgency=low

  * New upstream release.
  * Now curl and curl-ssl binary packages are generated from the same
    debian source package.
  * Uploads and downloads are now performed simultaneously (closes: #56627).

 -- Domenico Andreoli <cavok@libero.it>  Sat, 25 Mar 2000 01:06:35 +0100

curl (6.4-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@libero.it>  Sun, 30 Jan 2000 02:21:32 +0100

curl (6.3.1-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@libero.it>  Sat, 11 Dec 1999 17:38:13 +0100

curl (6.2-1) unstable; urgency=low

  * New upstream release.
  * No hack to compile without SSL is required anymore. Fixed by
    upstream maintainer.

 -- Domenico Andreoli <cavok@libero.it>  Mon,  1 Nov 1999 00:37:32 +0100

curl (6.0-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@freemail.it>  Mon, 27 Sep 1999 22:28:13 +0200

curl (5.11-1.1) unstable; urgency=low

  * Put sources into the right section.

 -- Domenico Andreoli <cavok@freemail.it>  Mon, 30 Aug 1999 03:14:21 +0200

curl (5.11-1) unstable; urgency=low

  * New upstream release.
  * New debian maintainer.

 -- Domenico Andreoli <cavok@freemail.it>  Fri, 27 Aug 1999 11:50:04 +0200

curl (5.9-2) unstable; urgency=low

  * Moved to non-US, and compiled against ssl (closes: #40099).

 -- Leon Breedt <ljb@debian.org>  Sat,  3 Jul 1999 15:46:54 +0200

curl (5.9-1) unstable; urgency=low

  * New upstream release.

 -- Leon Breedt <ljb@debian.org>  Sun, 23 May 1999 21:51:30 +0200

curl (5.8-1) unstable; urgency=low

  * Initial Release.

 -- Leon Breedt <ljb@debian.org>  Sun,  9 May 1999 18:55:48 +0200