curl (7.26.0-1+wheezy25+deb7u1) wheezy-security; urgency=high

  * CVE-2018-1000301: Prevent an issue where curl could have be tricked into
    reading data beyond the end of a heap based buffer used to store downloaded
    content. (Closes: #898856)

 -- Chris Lamb <lamby@debian.org>  Wed, 16 May 2018 19:54:32 +0200

curl (7.26.0-1+wheezy25) wheezy-security; urgency=medium

  * Non-maintainer upload by the LTS Team.
  * Backport patches from jessie:
  * Fix CVE-2018-1000120: Buffer overflow in the FTP URL handling.
  * Fix CVE-2018-1000121: NULL pointer dereference in the LDAP code
  * Fix CVE-2018-1000122: buffer over-read in the RTSP+RTP handling code.

 -- Santiago R.R. <santiagorr@riseup.net>  Sun, 18 Mar 2018 15:39:35 +0000

curl (7.26.0-1+wheezy24) wheezy-security; urgency=high

  * Non-maintainer upload by the LTS Team.
  * CVE-2018-1000007
    libcurl might leak authentication data to third parties

 -- Thorsten Alteholz <debian@alteholz.de>  Mon, 29 Jan 2018 19:01:06 +0100

curl (7.26.0-1+wheezy23) wheezy-security; urgency=high

  * Non-maintainer upload by the LTS Team.
  * CVE-2017-8817
    fix FTP wildcard out of bounds read
    https://curl.haxx.se/docs/adv_2017-ae72.html

 -- Thorsten Alteholz <debian@alteholz.de>  Wed, 29 Nov 2017 19:31:06 +0100

curl (7.26.0-1+wheezy22) wheezy-security; urgency=high

  * Non-maintainer upload by the LTS Team.
  * CVE-2017-1000257
    Out of bounds read during IMAP FETCH response

 -- Thorsten Alteholz <debian@alteholz.de>  Sat, 19 Aug 2017 19:31:06 +0200

curl (7.26.0-1+wheezy21) wheezy-security; urgency=high

  * CVE-2017-1000254: Prevent an out-of-bounds read in FTP "PWD" response
    parsing. A malicious server could abuse this effectively prevent curl
    based clients to interact with it. See
    <https://curl.haxx.se/docs/adv_20171004.html> for more details.
    (Closes: #877671)

 -- Chris Lamb <lamby@debian.org>  Wed, 04 Oct 2017 22:11:40 +0100

curl (7.26.0-1+wheezy20) wheezy-security; urgency=high

  * Non-maintainer upload by the LTS Team.
  * CVE-2017-1000100
    Wrong handling of very long filenames during TFTP might result in
    curl sending more than buffer size.

 -- Thorsten Alteholz <debian@alteholz.de>  Sat, 19 Aug 2017 19:31:06 +0200

curl (7.26.0-1+wheezy19) wheezy-security; urgency=high

  * CVE-2017-7407: Fix a buffer read overrun in --write-out; if a % ended the
    statement the string's trailing NUL would be skipped and memory past the
    end of the buffer could be accessed and potentially displayed as part of
    the output.

 -- Chris Lamb <lamby@debian.org>  Tue, 04 Apr 2017 13:04:23 +0200

curl (7.26.0-1+wheezy18) wheezy-security; urgency=medium

  * Non-maintainer upload by the LTS Team.
  * CVE-2016-9586
    libcurl's implementation of the printf() functions triggers a buffer
    overflow when doing a large floating point output. The bug occurs
    when the conversion outputs more than 255 bytes.
    If there are any application that accepts a format string from the outside
    without necessary input filtering, it could allow remote attacks.
    This flaw does not exist in the command line tool.
    (Closes: #848958)

 -- Balint Reczey <balint@balintreczey.hu>  Wed, 28 Dec 2016 17:23:47 +0100

curl (7.26.0-1+wheezy17) wheezy-security; urgency=high

  * Non-maintainer upload by the LTS Team.
  * CVE-2016-8615
    If cookie state is written into a cookie jar file that is later read 
    back and used for subsequent requests, a malicious HTTP server can 
    inject new cookies for arbitrary domains into said cookie jar.
    The issue pertains to the function that loads cookies into memory, which 
    reads the specified file into a fixed-size buffer in a line-by-line 
    manner using the `fgets()` function. If an invocation of fgets() cannot 
    read the whole line into the destination buffer due to it being too 
    small, it truncates the output. 
    This way, a very long cookie (name + value) sent by a malicious server 
    would be stored in the file and subsequently that cookie could be read 
    partially and crafted correctly, it could be treated as a different 
    cookie for another server.  
  * CVE-2016-8616
    When re-using a connection, curl was doing case insensitive comparisons 
    of user name and password with the existing connections.  
    This means that if an unused connection with proper credentials exists 
    for a protocol that has connection-scoped credentials, an attacker can 
    cause that connection to be reused if s/he knows the case-insensitive 
    version of the correct password. 
  * CVE-2016-8617
    In libcurl's base64 encode function, the output buffer is allocated 
    as follows without any checks on insize:
       malloc( insize * 4 / 3 + 4 )
    On systems with 32-bit addresses in userspace (e.g. x86, ARM, x32), 
    the multiplication in the expression wraps around if insize is at 
    least 1GB of data. If this happens, an undersized output buffer will 
    be allocated, but the full result will be written, thus causing the 
    memory behind the output buffer to be overwritten.   
    Systems with 64 bit versions of the `size_t` type are not affected 
    by this issue. 
  * CVE-2016-8618
    The libcurl API function called `curl_maprintf()` can be tricked into 
    doing a double-free due to an unsafe `size_t` multiplication, on 
    systems using 32 bit `size_t` variables. The function is also used 
    internallty in numerous situations. 
    Systems with 64 bit versions of the `size_t` type are not affected 
    by this issue. 
  * CVE-2016-8619
    In curl's implementation of the Kerberos authentication mechanism, 
    the function `read_data()` in security.c is used to fill the 
    necessary krb5 structures. When reading one of the length fields from 
    the socket, it fails to ensure that the length parameter passed to 
    realloc() is not set to 0.            
  * CVE-2016-8621
    The `curl_getdate` converts a given date string into a numerical 
    timestamp and it supports a range of different formats and 
    possibilites to express a date and time. The underlying date 
    parsing function is also used internally when parsing for example 
    HTTP cookies (possibly received from remote servers) and it can be 
    used when doing conditional HTTP requests.
  * CVE-2016-8622
    The URL percent-encoding decode function in libcurl is called 
    `curl_easy_unescape`. Internally, even if this function would be 
    made to allocate a unscape destination buffer larger than 2GB, it 
    would return that new length in a signed 32 bit integer variable, 
    thus the length would get either just truncated or both truncated 
    and turned negative. That could then lead to libcurl writing outside 
    of its heap based buffer.     
  * CVE-2016-8623 9/11 curl Use-after-free via shared cookies
    libcurl explicitly allows users to share cookies between multiple 
    easy handles that are concurrently employed by different threads.
    When cookies to be sent to a server are collected, the matching 
    function collects all cookies to send and the cookie lock is released 
    immediately afterwards. That funcion however only returns a list with 
    *references* back to the original strings for name, value, path and so 
    on. Therefore, if another thread quickly takes the lock and frees one 
    of the original cookie structs together with its strings, 
    a use-after-free can occur and lead to information disclosure. Another 
    thread can also replace the contents of the cookies from separate HTTP 
    responses or API calls.       
  * CVE-2016-8624 10/11 curl invalid URL parsing with '#'
    curl doesn't parse the authority component of the URL correctly when 
    the host name part ends with a '#' character, and could instead be 
    tricked into connecting to a different host. This may have security 
    implications if you for example use an URL parser that follows the RFC 
    to check for allowed domains before using curl to request them.

 -- Thorsten Alteholz <debian@alteholz.de>  Thu, 10 Nov 2016 17:31:06 +0100

curl (7.26.0-1+wheezy16) wheezy-security; urgency=high

  * Non-maintainer upload by the LTS Team.
  * Fix CVE-2016-7167: Curl escape/unescape integer overflows (closes: #837945)

 -- Jonas Meurer <mejo@debian.org>  Sat, 17 Sep 2016 18:31:06 +0200

curl (7.26.0-1+wheezy15) wheezy-security; urgency=medium

  * Non-maintainer upload by the LTS team.
  * Fix CVE-2016-7141: Incorrect reuse of client certificates (Closes: #836918)

 -- Balint Reczey <balint@balintreczey.hu>  Wed, 07 Sep 2016 20:28:07 +0200

curl (7.26.0-1+wheezy14) wheezy-security; urgency=high

  * Non-maintainer upload by the LTS team.
  * Fix CVE-2016-5419: TLS session resumption client cert bypass.
  * Fix CVE-2016-5420: Re-using connection with wrong client cert.

 -- Markus Koschany <apo@debian.org>  Thu, 04 Aug 2016 13:40:13 +0200

curl (7.26.0-1+wheezy13) wheezy-security; urgency=high

  * Fix re-using authenticated connection when unauthenticated
    as per CVE-2015-3143
    http://curl.haxx.se/docs/adv_20150422A.html
  * Fix Negotiate not treated as connection-oriented as per CVE-2015-3148
    http://curl.haxx.se/docs/adv_20150422B.html

 -- Alessandro Ghedini <ghedo@debian.org>  Tue, 21 Apr 2015 13:51:57 +0200

curl (7.26.0-1+wheezy12) wheezy-security; urgency=high

  * Fix URL request injection vulnerability as per CVE-2014-8150
    http://curl.haxx.se/docs/adv_20150108B.html
  * Set urgency=high accordingly

 -- Alessandro Ghedini <ghedo@debian.org>  Tue, 30 Dec 2014 11:58:52 +0100

curl (7.26.0-1+wheezy11) wheezy-security; urgency=high

  * Fix duphandle read out of bounds as per CVE-2014-3707
    http://curl.haxx.se/docs/adv_20141105.html
  * Set urgency=high accordingly

 -- Alessandro Ghedini <ghedo@debian.org>  Sun, 02 Nov 2014 16:07:47 +0100

curl (7.26.0-1+wheezy10) wheezy-security; urgency=high

  * Fix multiple security issues:
    - Only use full host matches for hosts used as IP address
      as per CVE-2014-3613
    - Reject incoming cookies set for TLDs as per CVE-2014-3620
  * Set urgency=high accordingly

 -- Alessandro Ghedini <ghedo@debian.org>  Sat, 06 Sep 2014 14:07:02 +0200

curl (7.26.0-1+wheezy9) wheezy-security; urgency=high

  * Fix multiple security issues (Closes: #742728):
    - Fix connection re-use when using different log-in credentials
      as per CVE-2014-0138
      http://curl.haxx.se/docs/adv_20140326A.html
    - Reject IP address wildcard matches as per CVE-2014-0139
      http://curl.haxx.se/docs/adv_20140326B.html
  * Set urgency=high accordingly

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 09 Apr 2014 19:03:55 +0200

curl (7.26.0-1+wheezy8) wheezy-security; urgency=high

  * Fix re-use of wrong HTTP NTLM connection as per CVE-2014-0015
    http://curl.haxx.se/docs/adv_20140129.html
  * Set urgency=high accordingly

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 29 Jan 2014 19:01:03 +0100

curl (7.26.0-1+wheezy7) stable-security; urgency=high

  * Fix GnuTLS checking of a certificate CN or SAN name field when the digital
    signature verification is turned off as per CVE-2013-6422
    http://curl.haxx.se/docs/adv_20131217.html
  * Set urgency=high accordingly

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 11 Dec 2013 18:00:59 +0100

curl (7.26.0-1+wheezy6) stable-security; urgency=low

  * Disable host verification too when using the --insecure option
    (Closes: #729965)

 -- Alessandro Ghedini <ghedo@debian.org>  Tue, 19 Nov 2013 17:15:32 +0100

curl (7.26.0-1+wheezy5) stable-security; urgency=high

  * Fix OpenSSL checking of a certificate CN or SAN name field when the
    digital signature verification is turned off as per CVE-2013-4545
    http://curl.haxx.se/docs/adv_20131115.html
  * Set urgency=high accordingly

 -- Alessandro Ghedini <ghedo@debian.org>  Sat, 16 Nov 2013 13:04:23 +0100

curl (7.26.0-1+wheezy4) stable-proposed-updates; urgency=low

  * Add 09_reset-timecond.patch (Closes: #705783, #719300)

 -- Alessandro Ghedini <ghedo@debian.org>  Sat, 10 Aug 2013 16:45:38 +0200

curl (7.26.0-1+wheezy3) stable-security; urgency=high

  * Fix URL decode buffer boundary flaw as per CVE-2013-2174
    http://curl.haxx.se/docs/adv_20130622.html
  * Set urgency=high accordingly

 -- Alessandro Ghedini <ghedo@debian.org>  Sat, 22 Jun 2013 16:45:24 +0200

curl (7.26.0-1+wheezy2) wheezy-proposed-updates; urgency=high

  [ Alessandro Ghedini ]
  * Fix cookie domain tailmatch as per CVE-2013-1944
    http://curl.haxx.se/docs/adv_20130412.html (Closes: #705274)
  * Set urgency=high accordingly

  [ Salvatore Bonaccorso ]
  * Add testcase for CVE-2013-1944

 -- Alessandro Ghedini <ghedo@debian.org>  Wed, 10 Apr 2013 22:56:48 +0200

curl (7.26.0-1+wheezy1) testing-proposed-updates; urgency=high

  * Fix buffer overflow when negotiating SMTP DIGEST-MD5 authentication
    as per CVE-2013-0249 (Closes: #700002)
    http://curl.haxx.se/docs/adv_20130206.html
  * Set urgency=high accordingly

 -- Alessandro Ghedini <ghedo@debian.org>  Sun, 10 Feb 2013 19:14:47 +0100

curl (7.26.0-1) unstable; urgency=low

  * New upstream release
    - Reject numerical IPv6 addresses outside brackets (Closes: #670126)
  * Email change: Alessandro Ghedini -> ghedo@debian.org
  * Stricter Depends on libcurl3 (Closes: #666089)
  * Remove Ramakrishnan (as per his request), move myself to Maintainer
    Thank you for all your work so far
  * Disable memory tracking, but keep debug enabled
    - Remove memdebug symbols (used by curl only)
  * Refresh 01_runtests_gdb.patch, 90_gnutls.patch and 99_nss.patch
  * Disable not-quite-working symbols hiding

 -- Alessandro Ghedini <ghedo@debian.org>  Fri, 25 May 2012 15:19:51 +0200

curl (7.25.0-1) unstable; urgency=low

  * New upstream release
    - Add --ssl-allow-beast and CURLOPT_SSL_OPTIONS (Closes: #658276)
    - Allow negative numbers as option value (Closes: #659591)
  * Add libssh2-1-dev to libcurl4-gnutls-dev and libcurl4-nss-dev Depends
  * Bump debhelper compat level to 9
    - Make *.links files executable to simplify rules file
  * Pass --as-needed ld flag to avoid unneeded dependencies
    - Add workaround_as_needed_bug to workaround a libtool bug
    - Drop dont_link_to_krb5 (not needed because of --as-needed)
  * Do some clean-up in debian/rules
  * Update debian/copyright format as in Debian Policy 3.9.3
  * Bump Standards-Version to 3.9.3
  * Explicit Conflicts in -dev packages (fixes binaries-have-file-conflict)
  * Add openssh-server to build depends to enable some more tests
  * Update upstream copyright years
  * Refresh patches

 -- Alessandro Ghedini <al3xbio@gmail.com>  Fri, 23 Mar 2012 16:24:51 +0100

curl (7.24.0-1) unstable; urgency=high

  * New upstream release
    - Improve documentation for the --capath option (Closes: #628697)
    - Fix URL sanitization vulnerability as per CVE-2012-0036
      http://curl.haxx.se/docs/adv_20120124.html
    - Fix SSL CBC IV vulnerability as per CVE-2011-3389
      http://curl.haxx.se/docs/adv_20120124B.html
    - Set urgency=high accordingly
  * Remove curl_links_with_rt patch (curl links to librt anyway)
  * Improve descriptions of -dev and -dbg packages
  * Drop fix_manpage_spelling and versioned patches (merged upstream)
  * Refresh patches
  * Add keep_symbols_compat patch to not break backwards ABI compatibility
  * Enable libssh2 support for GnuTLS and NSS flavours too
    (libssh2 now uses libgcrypt instead of libssl)

 -- Alessandro Ghedini <al3xbio@gmail.com>  Tue, 24 Jan 2012 12:04:04 +0100

curl (7.23.1-3) unstable; urgency=low

  * Enable security hardening flags
  * Remove libdb-dev from B-D (not used)
  * Improve short and  long descriptions
  * Provide proper *.symbols files (Closes: #651619)
  * Do not version Curl_* symbols (for internal use only)
  * Do not override dh_makeshlibs version anymore

 -- Alessandro Ghedini <al3xbio@gmail.com>  Tue, 13 Dec 2011 19:55:31 +0100

curl (7.23.1-2) unstable; urgency=low

  * Bump shlibs version for libcurl3-nss (Closes: #650498)

 -- Alessandro Ghedini <al3xbio@gmail.com>  Thu, 01 Dec 2011 22:32:19 +0100

curl (7.23.1-1) unstable; urgency=low

  * New upstream release
    - Do not use gnutls_priority_set_direct and
      gnutls_certificate_type_set_priority anymore (Closes: #624024)
  * Refresh patches
  * Add --enable-debug flag to configure (Closes: #648902)
  * One Provides/Replaces per line
  * libcurl4-openssl-dev Provides libcurl4-dev too (Closes: #644126)
  * Specify only 3 components for Standards-Version
    (the fourth is not really needed)
  * Move ca-certificates to Recommends in lib* packages (Closes: #546607)
  * Add NSS flavour to versioned symbols

 -- Alessandro Ghedini <al3xbio@gmail.com>  Sun, 27 Nov 2011 18:45:01 +0100

curl (7.22.0-3) unstable; urgency=low

  [ Ramakrishnan Muthukrishnan ]
  * Add new Uploaders, Ian and Alessandro. (Closes: #647255)

  [ Luk Claes ]
  * Install lintian overrides with dh_lintian.
  * Install all files with dh_install and get rid of dh_installdirs.

  [ Alessandro Ghedini ]
  * New upstream release.
  * Bump debhelper compat level to 8.
  * debian/control:
    - One (Build-)Depends per line.
    - Sort (Build-)Depends.
    - Remove Build-Depends on binutils
      (v2.18 is already in oldstable and it is Build-Essential: yes).
    - Build depends on stunnel4 instead of stunnel
      (stunnel is just a dummy package).
    - Remove duplicate Section field in package curl.
    - Add Luk to Uploaders too, sort names.
  * debian/patches:
    - Update runtests_gdb patch, add DEP3 headers.
    - Update gnutls and nss patches, add DEP3 headers.
    - Refresh other patches.
    - Add DEP3 headers to all the patches.
    - Remove libtool patch (not applied anyway)
    - Set Forwarded: not-needed for Debian specific patches
  * Replace dh_clean -k call with dh_prep
    (dh_clean -k is deprecated since debhelper 7).
  * Add fix_manpage_spelling patch
  * debian/copyright:
    - Switch to DEP5 format
    - Update copyright information
  * Add librtmp-dev to libcurl4-nss-dev too

 -- Alessandro Ghedini <al3xbio@gmail.com>  Sun, 13 Nov 2011 21:07:32 +0100

curl (7.21.7-3) unstable; urgency=low

  * debian/rules: Build only curl and libcurl3 with rtmp support. Rest of the
    packages do not need to be built with rtmp support. (closes: #641173)

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Sun, 11 Sep 2011 22:08:08 +0200

curl (7.21.7-2) unstable; urgency=low

  * debian/control: libcurl*-dev packages should depend on librtmp-dev.
    (closes: #640260)
  * debian/rules: add build-arch and build-indep targets.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Mon, 05 Sep 2011 16:12:42 +0200

curl (7.21.7-1) unstable; urgency=low

  * New Upstream release which fixes the following bugs.
    - libcurl3-gnutls: HTTPS over HTTP still broken in
      Git (closes: #627335)
    - git-core: gnutls_handshake() fail when using
      https:// over a proxy (closes: #559371)
  * debian/control: capitalize 'ftp'. (closes: #587338)
  * debian/rules: add build-arch and build-indep targets.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Sat, 30 Jul 2011 17:57:08 +0530

curl (7.21.6-3) unstable; urgency=low

  * Apply the Multiarch patch from Steve Langasek.
    (closes: #631946)

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Wed, 29 Jun 2011 08:26:56 +0530

curl (7.21.6-2) unstable; urgency=high

  * Fix for the inappropriate GSSAPI delegation vulnerability (CVE-2011-2192).
    (closes: #631615)

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Sat, 25 Jun 2011 23:37:04 +0530

curl (7.21.6-1) unstable; urgency=low

  * New upstream release to fix a HTTPS over a HTTP proxy bug on 7.21.5.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Sat, 23 Apr 2011 07:12:57 +0530

curl (7.21.5-1) unstable; urgency=low

  * New Upstream version. (closes: #623459)
  * debian/patches/{sslv2_disable, error_code}: removed as these
    patches were backported earlier from new upstream and this
    release incorporates them.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Fri, 22 Apr 2011 13:14:41 +0530

curl (7.21.4-2) unstable; urgency=low

  * debian/patches/{sslv2-disable, series}: Apply the
    upstream commit c66b0b32fba175d5f096c944d8ec8f9f06299f4a.
    (closes: #622016)
  * debian/{rules, control}: enable rtmp. (closes: #622328)
  * debian/control: removing hurd from dependencies. Hurd is
    an 'essential' package.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Wed, 13 Apr 2011 16:15:27 -0700

curl (7.21.4-1) unstable; urgency=low

  * New upstream release.
  * debian/control: downgraded the version number of libdb-dev required
    to 4.6 from 4.7, based on the inputs from Erik Schanze <schanzi_@gmx.de>.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Mon, 28 Feb 2011 19:35:36 +0530

curl (7.21.3-1) unstable; urgency=low

  * New upstream release.
  * debian/*.manpages: adding all manpages for the curl library.
    (closes: #605651)
  * gnutls->handshake: improved timeout handling. See #594150 for details.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Wed, 15 Dec 2010 23:39:26 +0530

curl (7.21.2-4) unstable; urgency=low

  * support for curl library built against nss.
    (closes: #606244)
  * honour DEB_BUILD_OPTIONS=nocheck option.
    (closes: #606059)

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Thu, 09 Dec 2010 20:11:37 +0530

curl (7.21.2-3) unstable; urgency=low

  * debian/rules: reverting changes related to c-ares inclusion.
  * debian/control: removing libc-ares-dev for now.
    (closes: #605558)

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Thu, 02 Dec 2010 10:56:36 +0530

curl (7.21.2-2) unstable; urgency=low

  * debian/control: add libc-ares-dev as build dependency.
  * debian/rules: invoke configure with --enable-ares.
    (closes: #570436)
  * debian/copyright: add copyright notice of `lib/security.c'
    to the copyright file. (closes: #603712)

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Tue, 30 Nov 2010 17:35:29 +0530

curl (7.21.2-1) unstable; urgency=low

  * New upstream release.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Mon, 18 Oct 2010 11:13:17 +0530

curl (7.21.1-1) unstable; urgency=low

  * New upstream release.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Thu, 12 Aug 2010 08:20:48 +0530

curl (7.21.0-1) unstable; urgency=low

  * New upstream.

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Wed, 16 Jun 2010 19:25:37 +0530

curl (7.20.1-2) unstable; urgency=low

  * debian/rules: Removed the custom LDFLAGS variable. This is not
    required as we are no longer using the libtool patch.
    (closes: #578774)

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Wed, 28 Apr 2010 18:40:27 +0530

curl (7.20.1-1) unstable; urgency=low

  * New upstream release.
  * debian/patches/missing-double-quote: No longer needed as it has been
    fixed by the upstream.
  * debian/patches/no_com_err: Reworked the patches for the new release.
  * debian/patches/versioned: fix for build failure of 'make test'.
    (closes: #576237)
  * debian/rules: removed --enable-ldaps option from the configure as LDAP
    SSL (Novell extensions to openldap) is not available as Debian packages.
  * lib/http.c: chunked-encoding with Content-Length header problem has
    been fixed in the upstream. (closes: #572276)

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Mon, 19 Apr 2010 09:21:35 +0530

curl (7.20.0-3) unstable; urgency=low

  * debian/control: Vcs* tags added.
  * docs/libcurl/libcurl.m4: added the missing double quote (closes: #576518).

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Mon, 05 Apr 2010 18:56:40 +0530

curl (7.20.0-2) unstable; urgency=low

  * New Maintainer (closes: #574137).
  * Bug #533669 (curl segmentation fault in addbyter()) is fixed
    from release 7.19.7 onwards (closes: #533669).
  * Bug #510559 (curl sends whitespace unencoded in the url) can't
    be reproduced in the 7.20.0 release (closes: #510559).

 -- Ramakrishnan Muthukrishnan <rkrishnan@debian.org>  Thu, 18 Mar 2010 08:55:19 +0530

curl (7.20.0-1) unstable; urgency=low

  * Package is orphaned.
  * New upstream release.
  * Switch to dpkg-source 3.0 (quilt) format (closes: #538547).
  * Fixed build error with binutils-gold (closes: #554296).

 -- Domenico Andreoli <cavok@debian.org>  Tue, 09 Feb 2010 13:06:39 +0100

curl (7.19.7-1) unstable; urgency=low

  * New upstream release:
    - curl_getdate(3) now correctly manages single letter military
      timezones as specified in RFC 822 (closes: #551461).
  * build depends on generic libdb-dev (closes: #548476).
  * build depends on libssh2-1-dev (>= 1.2) to enable new curl options.

 -- Domenico Andreoli <cavok@debian.org>  Thu, 05 Nov 2009 10:11:57 +0100

curl (7.19.5-1) unstable; urgency=low

  * New upstream release
  * Fix "libcurl3-gnutls has memory corruption" by upgrading to new upstream
    release, which fixes this bug (Closes: #530131)
  * update standards version to 3.8.1
  * adjust overrides from libdevel to debug for -dbg package
  * adjust doc-base section

 -- Andreas Schuldei <andreas@debian.org>  Sun, 24 May 2009 21:12:19 +0200

curl (7.19.4-1) unstable; urgency=low

  * New upstream release
  * Fix "newer bdb version" <explain what you changed and why>
    (Closes: #517277)
  * resolve libtool version confusion, thanks to
    Stefanos Harhalakis <v13@v13.gr>
  * add new dependency on libgcrypt11-dev due to newly arising binary symbols

 -- Andreas Schuldei <andreas@debian.org>  Thu, 02 Apr 2009 23:35:45 +0200

curl (7.18.2-8lenny1) stable-security; urgency=high

  * Applied upstream patch to fix arbitrary file access (CVE-2009-0037).

 -- Domenico Andreoli <cavok@debian.org>  Tue, 03 Mar 2009 10:29:03 +0100

curl (7.18.2-8) unstable; urgency=low

  * Fix "Please add support for ldap/ldaps protocols"
    by changing the linker option for liblber (Closes: #506096)

 -- Andreas Schuldei <andreas@debian.org>  Fri, 26 Dec 2008 23:48:19 +0100

curl (7.18.2-7) unstable; urgency=low

  * disable c-ares support again, no fix yet, just get stuff working again.

 -- Andreas Schuldei <andreas@debian.org>  Tue, 15 Jul 2008 01:17:29 +0200

curl (7.18.2-6) unstable; urgency=low

  * enable c-ares support, with ipv6 support

 -- Andreas Schuldei <andreas@debian.org>  Fri, 11 Jul 2008 02:05:16 +0200

curl (7.18.2-5) unstable; urgency=low

  * /usr/lib/pkgconfig/libcurl.pc: "pkg-config --libs libcurl" returns
    "-Wl, -z, defs" (Closes: #488701), closing same bug again for
    curl-config --libs  command

 -- Andreas Schuldei <andreas@jesaja.schuldei.org>  Wed, 02 Jul 2008 11:24:40 +0200

curl (7.18.2-4) unstable; urgency=medium

  * /usr/lib/pkgconfig/libcurl.pc: "pkg-config --libs libcurl" returns
    "-Wl, -z, defs" (Closes: #488701)

 -- Andreas Schuldei <andreas@debian.org>  Mon, 30 Jun 2008 23:59:55 +0200

curl (7.18.2-3) unstable; urgency=low

  * removing c-ares from the dependencies

 -- Andreas Schuldei <andreas@debian.org>  Sat, 28 Jun 2008 03:34:50 +0200

curl (7.18.2-2) unstable; urgency=medium

  * blanking the "dependency_libs" line in lib*.la file to keep all the listed libs
    from being linked to other libs linking to curl.
  * fixing miss-linking problem by specifying liblber as a configure argument
  * disabling c-ares again for stability reasons
  * correcting libgssapi linking in configure.ac (patch no_com_err)

 -- Andreas Schuldei <andreas@debian.org>  Fri, 27 Jun 2008 03:40:18 +0200

curl (7.18.2-1e1) experimental; urgency=low

  * testing c-ares-ipv6 integration patch

 -- Andreas Schuldei <andreas@debian.org>  Mon, 23 Jun 2008 08:48:31 +0200

curl (7.18.2-1) unstable; urgency=low

  * New upstream release:
    - removed patches/ftp-response, it is already in the upstream release
    - fixed issues with kerberos ftp (closes: #478864).
  * Disable c-ares support, it is still not ready for Debian's wide
    user base (closes: #478864, #481189).
  * Standards-Version bumped to 3.8.0:
    - added support for parallel builds to debian/rules
  * Removal of $QUILT_PC's override makes this package ready for new
    source format 3.0 (quilt) (closes: #485023).
  * Configure build with --with-ca-path but only for OpenSSL flavour,
    GnuTLS supports only --with-ca-bundle (closes: #482814, #483999).
    Both libcurl3 and libcurl3-gnutls now depend on ca-certificates.

 -- Domenico Andreoli <cavok@debian.org>  Mon, 09 Jun 2008 14:09:42 +0200

curl (7.18.1-1) unstable; urgency=low

  * New upstream release.
  * Fixed crossbuilding bug (closes: #465089).
  * Improved error reporting in case of failing FTP (closes: #474224).
  * Enable c-ares support (closes: #352694).
  * libcurl3-dbg now depends on either libcurl3 or libcurl3-gnutls
    (closes: #463173).

 -- Domenico Andreoli <cavok@debian.org>  Thu, 17 Apr 2008 10:22:28 +0200

curl (7.18.0-1) unstable; urgency=low

  * New upstream release.
  * Use Homepage field in debian/control.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 29 Jan 2008 02:16:25 +0100

curl (7.17.1-1) unstable; urgency=low

  * New upstream release:
    - fixed bad use of "its" in curl.1 (closes: #443734)
    - fixed curl_easy_escape() with input bytes that are >= 0x80
      (closes: #445214)

 -- Domenico Andreoli <cavok@debian.org>  Wed, 31 Oct 2007 01:12:54 +0100

curl (7.17.0-1) unstable; urgency=low

  * New upstream release.
  * Updated to use libssh2-1-dev (closes: #441979, #442198).
  * Do not run the test suite on hurd (closes: #433834).
  * Enabled support for LDAPS protocol.

 -- Domenico Andreoli <cavok@debian.org>  Fri, 14 Sep 2007 00:24:21 +0200

curl (7.16.4-5) unstable; urgency=low

  * libcurl4-openssl-dev now depends on libssh2-0-dev.
    closes: #439317, #439326.

 -- Domenico Andreoli <cavok@debian.org>  Fri, 24 Aug 2007 18:13:17 +0200

curl (7.16.4-4) unstable; urgency=low

  * Build libcurl/GnuTLS without libssh2 because of the usual OpenSSL
    vs. GPL software lincense conflict (closes: #439176).

 -- Domenico Andreoli <cavok@debian.org>  Thu, 23 Aug 2007 23:47:35 +0200

curl (7.16.4-3) unstable; urgency=low

  * Added support for scp and SFTP protocols.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 22 Aug 2007 00:48:32 +0200

curl (7.16.4-2) unstable; urgency=low

  * Fixed regression with FTP sites not requesting PASS (closes: #435771).

 -- Domenico Andreoli <cavok@debian.org>  Sat, 04 Aug 2007 02:04:40 +0200

curl (7.16.4-1) unstable; urgency=low

  * New upstream release (closes: #432514).
  * Welcome Andreas to the curl packagers!
  * Build-Depends is now more backporting friendly.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 18 Jul 2007 16:44:30 +0200

curl (7.16.2-6) unstable; urgency=low

  * Added missing libcurl3 symlinks (closes: #429945)
    Patch courtesy of Bryan Donlan.

 -- Domenico Andreoli <cavok@debian.org>  Sat, 23 Jun 2007 00:39:20 +0200

curl (7.16.2-5) unstable; urgency=low

  [ Steve Langasek ]
  * Re-introduce curl3 symbol versions and rename the packages back to
    libcurl3*, restoring ABI compatibility with the etch version of the
    package.

  [ Domenico Andreoli ]
  * Package libcurl4-gnutls-dev now suggests libcurl3-dbg.
  * libcurl3-dbg replaces/conflict/provide libcurl4-dbg.
  * Properly use ${binary:Version} in control file.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 20 Jun 2007 17:52:38 +0200

curl (7.16.2-4) unstable; urgency=low

  * Fixed configure.ac in case of build with GNUTLS (closes: #425013).
  * Fixed double-free bug (closes: #424894).
    Patch courtesy of Daniel Stenberg.

 -- Domenico Andreoli <cavok@debian.org>  Sun, 20 May 2007 01:15:01 +0200

curl (7.16.2-3) unstable; urgency=low

  * Updated to db4.5 (closes: #421933).
  * Got rid of unused libcomerr2 dependency (closes: #392294).

 -- Domenico Andreoli <cavok@debian.org>  Tue, 08 May 2007 08:46:21 +0200

curl (7.16.2-2) experimental; urgency=low

  * Improved package descriptions (closes: #410472).
  * Updated package Provides to ease the soname transition.

 -- Domenico Andreoli <cavok@debian.org>  Fri, 27 Apr 2007 15:37:44 +0200

curl (7.16.2-1) experimental; urgency=low

  * New upstream release.
  * libcurl4-openssl-dev now depends on libcurl4-openssl (closes: #419774).
  * Bumped shlibs version to 7.16.2-1.
  * Patches are now managed with quilt.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 18 Apr 2007 09:29:48 +0200

curl (7.16.1-1) experimental; urgency=low

  * New upstream release.
  * Bumped shlibs version to 7.16.1-1.
  * Added HIDDEN section to version script to handle any __*, _rest or
    _save* local symbol.
  * Gopher protocol is not supported since 7.15.2. Removed any reference
    in package description (closes: #408704).
  * Moved libcurl/openssl to the new package libcurl4-openssl, now
    libcurl4 contains a version with no SSL or GSSAPI support (any
    future cryptographic stuff will be kept out of there).
  * Package libcurl4-dev now contains the matching headers for libcurl4
    (so crypto stuff).

 -- Domenico Andreoli <cavok@debian.org>  Thu,  1 Feb 2007 12:49:32 +0100

curl (7.16.0-1) experimental; urgency=low

  * New upstream release.
  * Bumped shlibs version to 7.16.0-1.
  * libcurl4 and libcurl4-gnutls now only recommend ca-certificates
    (closes: #404103).
  * pkg-config .pc file now uses Libs.private (closes: #405226).

 -- Domenico Andreoli <cavok@debian.org>  Fri, 26 Jan 2007 14:26:55 +0100

curl (7.15.5-1) unstable; urgency=low

  * New upstream release:
    - fixed nodes removal from the splay tree (closes: #375076).
  * Make package build also if $TAPE is set (closes: #377470).
  * Bumped shlibs version to 7.15.5-1.

 -- Domenico Andreoli <cavok@debian.org>  Mon,  7 Aug 2006 10:26:13 +0200

curl (7.15.4-1ubuntu1) edgy; urgency=low

  * Synchronize to Debian. Only change left: Removal of stunnel and
    libdb4.2-dev build dependencies.

 -- Martin Pitt <martin.pitt@ubuntu.com>  Thu, 29 Jun 2006 15:04:24 +0200

curl (7.15.4-1) unstable; urgency=low

  * New upstream release.
  * Bumped shlibs version to 7.15.4-1.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 14 Jun 2006 14:41:16 +0200

curl (7.15.3-2) unstable; urgency=low

  * Fixed bug in configure.ac that makes FTBFS (closes: #367954).

 -- Domenico Andreoli <cavok@debian.org>  Wed, 31 May 2006 15:18:26 +0200

curl (7.15.3-1) unstable; urgency=high

  * New upstream release:
    - fixed TFTP packet buffer overflow vulnerability
      [lib/tftp.c, CVE-2006-1061].
    - improved curl_getenv.3 manpage grammar (closes: #357388).

 -- Domenico Andreoli <cavok@debian.org>  Mon, 20 Mar 2006 11:46:25 +0100

curl (7.15.2-3) unstable; urgency=low

  * Applied upstream patch to fix multi interface and multi-part formposts
    (closes: #355715).
  * Build back with -O2, gcc 4.0.2-10 fixed the previously trigged bug.

 -- Domenico Andreoli <cavok@debian.org>  Wed,  8 Mar 2006 15:29:15 +0100

curl (7.15.2-2) unstable; urgency=low

  * Added missing autotools invocation. Re-added versioned symbols
    (closes: #355241).
  * Bumped shlibs version to 7.15.2-2.
  * Build with -O3 to work around sospicious segfaults on tests 253
    and 255.

 -- Domenico Andreoli <cavok@debian.org>  Sat,  4 Mar 2006 22:47:23 +0100

curl (7.15.2-1) unstable; urgency=low

  * New upstream release.
  * Bumped shlibs version to 7.15.2-1.
  * Adopted debhelper's compatibility level 5.

 -- Domenico Andreoli <cavok@debian.org>  Wed,  1 Mar 2006 16:12:51 +0100

curl (7.15.1-1ubuntu2) dapper; urgency=low

  * SECURITY UPDATE: Arbitrary remote code execution with long tftp:// URLs.
  * lib/tftp.c: Fix unbounded sprintf() to avoid buffer overflow. Thanks to
    Ulf Harnhammar for discovering this.
  * CVE-2006-1061

 -- Martin Pitt <martin.pitt@ubuntu.com>  Thu, 16 Mar 2006 11:30:25 +0100

curl (7.15.1-1ubuntu1) dapper; urgency=low

  * Resynchronise with Debian to get URL parser overflow fix from 7.15.1
    (CVE-2005-4077).

 -- Martin Pitt <martin.pitt@ubuntu.com>  Mon, 12 Dec 2005 15:04:52 +0100

curl (7.15.1-1) unstable; urgency=low

  * New upstream release:
    - fixed buffer overflow in URL parser function (closes: #342339).

 -- Domenico Andreoli <cavok@debian.org>  Wed,  7 Dec 2005 11:11:38 +0100

curl (7.15.0-5.1) unstable; urgency=high

  * Non-maintainer upload.
  * Urgency high for RC bug fix.
  * Let libcurl3-*-dev depend on libkrb5-dev (closes: #340784, #340916).

 -- Luk Claes <luk@debian.org>  Sun,  4 Dec 2005 11:59:20 +0100

curl (7.15.0-5) unstable; urgency=low

  * libcurl3-gnutls-dev and libcurl3-openssl-dev now only recommend
    libkrb5-dev (closes: #334888).
  * Applied upstream patch to fix error message in case FTP-path does
    not exist (closes: #338680).
  * Applied upstream patch to fix parsing of --limit-rate command line
    option (closes: #338681).

 -- Domenico Andreoli <cavok@debian.org>  Fri, 25 Nov 2005 10:30:25 +0100

curl (7.15.0-4ubuntu1) dapper; urgency=low

  * Resynchronise with Debian (only change left: Removal of stunnel build
    dependency).
  * Remove libdb4.2-dev build dependency.

 -- Martin Pitt <martin.pitt@ubuntu.com>  Thu, 10 Nov 2005 17:44:35 -0500

curl (7.15.0-4) unstable; urgency=low

  * Fixed output of curl-config --vernum (closes: #335296).
  * libcurl3-openssl-dev now replaces libcurl3-dev older than 7.14.1-1
    (closes: #335277).

 -- Domenico Andreoli <cavok@debian.org>  Tue, 25 Oct 2005 11:48:53 +0200

curl (7.15.0-3) unstable; urgency=low

  * libcurl3 and libcurl3-gnutls now suggest libldap2 (closes: #294407).

  * Re-introduced libcurl3-dev package for transition reasons.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 19 Oct 2005 12:45:43 +0200

curl (7.15.0-2) unstable; urgency=low

  * Fixed depends of libcurl3-*-dev packages (closes: #334021, #333609, #334048).
  * Bumped shlibs version to 7.15.0-1 (closes: #334053).

 -- Domenico Andreoli <cavok@debian.org>  Sun, 16 Oct 2005 15:34:40 +0200

curl (7.15.0-1) unstable; urgency=low

  * New upstream release:
    - fixed user+domain name buffer overflow in the NTLM code
      (CAN-2005-3185, closes: #333734).
    - libcurl3-*-dev packages now depend on libkrb5-dev (closes: #333609).
    - improved docs about curl_easy_setopt() and ERRORBUFFER (closes: #329313).

 -- Domenico Andreoli <cavok@debian.org>  Fri, 14 Oct 2005 13:32:06 +0200

curl (7.14.1-5) unstable; urgency=low

  * Added build dependency on libtool (closes: #332729, #333174).

 -- Domenico Andreoli <cavok@debian.org>  Tue, 11 Oct 2005 10:05:36 +0200

curl (7.14.1-4) unstable; urgency=low

  * Fixed SEE ALSO section in curl_excape.3 (closes: #331505).
  * Fixed configure.ac when --host=i586-mingw32msvc is given (closes: #329444).
  * Added missing example files (closes: #331722).
  * Updated build dependency for OpenSSL 0.9.8 transition.

 -- Domenico Andreoli <cavok@debian.org>  Mon, 10 Oct 2005 12:43:25 +0200

curl (7.14.1-3) experimental; urgency=low

  * Fixed soname of libcurl-gnutls.so* variant.
  * Fixed broken sentence (closes: #329305).
  * Fixed reference to TheArtOfHttpScripting.gz (closes: #329299).
  * Added clarification about WRITEFUNCTION and WRITEDATA (closes: #329311).

 -- Domenico Andreoli <cavok@debian.org>  Wed, 28 Sep 2005 17:13:51 +0200

curl (7.14.1-2) experimental; urgency=low

  * Started using the system-wide CA certificate file (closes: #308514).
  * Fixed apostrophe typos in the curl man page (closes: #326511).
  * Only curl_* symbols are now globally visible outside of libcurl.

 -- Domenico Andreoli <cavok@debian.org>  Sat, 17 Sep 2005 23:52:28 +0200

curl (7.14.1-1) experimental; urgency=low

  * New upstream release.
  * libcurl3-gnutls has a modified soname and may be installed together
    with libcurl3 (closes: #318590).
  * Both libcurl3 and libcurl3-gnutls are built with versioned symbols
    and with support of GSSAPI authentication.
  * Renamed libcurl3-dev to libcurl3-openssl-dev.
  * Dropped package libcurl3-gssapi.

 -- Domenico Andreoli <cavok@debian.org>  Thu, 15 Sep 2005 23:59:32 +0200

curl (7.14.0-5) unstable; urgency=low

  * Added libcurl3-gnutls and libcurl3-gnutls-dev packages (closes: #318590).
  * libcurl3-gssapi now has its own shlibs file. Packages built with this
    package installed will depend on it.

 -- Domenico Andreoli <cavok@debian.org>  Thu, 18 Aug 2005 02:26:38 +0200

curl (7.14.0-4) unstable; urgency=low

  * OpenSSL is back (closes: #321294, #321391).

 -- Domenico Andreoli <cavok@debian.org>  Fri,  5 Aug 2005 23:34:45 +0200

curl (7.14.0-3) unstable; urgency=low

  * Updated the use of dpkg-architecture (closes: #320046).
  * Added missing aclocal file libcurl.m4 to libcurl3-dev (closes: #315848).
  * Added (many) missing man pages (closes: #315850).
  * OpenSSL is replaced by GnuTLS in providing SSL support (closes: #318590).
  * Heimdal is replaced by MIT Kerberos in providing GSSAPI support.

 -- Domenico Andreoli <cavok@debian.org>  Tue,  2 Aug 2005 22:34:01 +0200

curl (7.14.0-2ubuntu1) breezy; urgency=low

  * Synchronize with Debian.

 -- Matthias Klose <doko@ubuntu.com>  Tue, 26 Jul 2005 19:03:01 +0200

curl (7.14.0-2) unstable; urgency=low

  * Rebuilt and uploaded to unstable.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 15 Jun 2005 11:41:32 +0200

curl (7.14.0-1) experimental; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 17 May 2005 10:42:35 +0200

curl (7.13.2-3) unstable; urgency=high

  * HTTP response headers with null bytes are now correctly managed
    (closes: #310948).

 -- Domenico Andreoli <cavok@debian.org>  Fri,  3 Jun 2005 23:59:30 +0200

curl (7.13.2-2) unstable; urgency=low

  * Fixed conditional build of package libcurl3-gssapi
    (closes: #303939, #303953).

 -- Domenico Andreoli <cavok@debian.org>  Mon, 11 Apr 2005 19:00:27 +0200

curl (7.13.2-1) unstable; urgency=low

  * New upstream release:
    - fixed curl man page typos (closes: #302820).

 -- Domenico Andreoli <cavok@debian.org>  Tue,  5 Apr 2005 14:41:13 +0200

curl (7.13.1-3) unstable; urgency=low

  * Fixed hanging of some SSL connections (closes: #302366).

 -- Domenico Andreoli <cavok@debian.org>  Thu, 31 Mar 2005 16:27:41 +0200

curl (7.13.1-2) unstable; urgency=low

  * Rebuilt to get the correct libidn11 dependency (closes: #299348).
  * Added some missing documentation files (closes: #298855).

 -- Domenico Andreoli <cavok@debian.org>  Wed, 16 Mar 2005 14:30:03 +0100

curl (7.13.1-1) unstable; urgency=low

  * New upstream release.
  * Bumped up shlibs version for libcurl3 because of new curl options.

 -- Domenico Andreoli <cavok@debian.org>  Fri,  4 Mar 2005 16:03:17 +0100

curl (7.13.0-2) unstable; urgency=high

  * Fixed NTLM Authentication buffer overflow (closes: #296678).
    Patch courtesy of Daniel Stenberg. This handles CAN-2005-0490.
  * Removed libcurl2* packages and all the scary stuff used to build them
    (closes: #274631).

 -- Domenico Andreoli <cavok@debian.org>  Thu, 24 Feb 2005 10:07:22 +0100

curl (7.13.0-1) unstable; urgency=low

  * New upstream release.
  * libcurl3 now suggests package libldap2-dev to enable support for
    LDAP protocol.
  * Bumped up shlibs version for libcurl3 because of new curl options.

 -- Domenico Andreoli <cavok@debian.org>  Sat,  5 Feb 2005 10:39:52 +0100

curl (7.12.3-2ubuntu3) hoary; urgency=low

  * Fix the version numbers internal to debian/rules.  Closes; #8088

 -- LaMont Jones <lamont@ubuntu.com>  Wed, 23 Mar 2005 18:41:29 -0700

curl (7.12.3-2) unstable; urgency=low

  * Disabled test suite on m68k, it stalls.

 -- Domenico Andreoli <cavok@debian.org>  Thu, 30 Dec 2004 11:11:48 +0100

curl (7.12.3-1) unstable; urgency=low

  * New upstream release:
    - fixed debug tracing to network socket is stderr is closed
      (closes: #278691).
  * Applied patch to fix getpass license problems (closes: #286794).
    Patch courtesy of Daniel Stenberg.
  * Bumped up shlibs version for libcurl3 because of new curl options.

 -- Domenico Andreoli <cavok@debian.org>  Mon, 27 Dec 2004 12:50:30 +0100

curl (7.12.2-2) unstable; urgency=low

  * libcurl3-dbg package is now built by dh_strip --dbg-package
    (closes: #274710).
  * Added build dependency on libdb4.2-dev.

 -- Domenico Andreoli <cavok@debian.org>  Thu,  4 Nov 2004 11:36:17 +0100

curl (7.12.2-1) unstable; urgency=low

  * New upstream release.
  * Update diff to 7.11.2.
  * Add debian/watch file.
  * Add myself as a uploader.

 -- Matthias Klose <doko@debian.org>  Wed,  3 Nov 2004 00:55:52 +0100

curl (7.12.1-1) unstable; urgency=low

  * New upstream release:
    - workaround for ASN1_STRING_to_UTF8 failing if input is already
      UTF-8 encoded (closes: #264711).
  * Bumped up shlibs version for libcurl3 because of the introduction
    of FTP 3rd party transfer support options.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 10 Aug 2004 11:40:29 +0200

curl (7.12.0.rel-6) unstable; urgency=low

  * In rebuilding the 7.11.2 tree starting from the 7.12.0 one,
    lib/getdate.y is patched before lib/getdate.c (closes: #262597).

 -- Domenico Andreoli <cavok@debian.org>  Sun,  1 Aug 2004 17:59:57 +0200

curl (7.12.0.rel-5) unstable; urgency=low

  * Tests are performed only if build target and building host are the
    same and are not kfreebsd-gnu or knetbsd-gnu (closes: #261591).
  * On hurd-i386 libcurl3-gssapi is not built.

 -- Domenico Andreoli <cavok@debian.org>  Thu, 29 Jul 2004 15:17:51 +0200

curl (7.12.0.rel-4) unstable; urgency=low

  * Added build dependency on groff-base to really build the built-in
    manual.
  * libcurl3 now replaces old libcurl2 versions (closes: #255262).

 -- Domenico Andreoli <cavok@debian.org>  Tue, 20 Jul 2004 11:40:09 +0200

curl (7.12.0.rel-3) unstable; urgency=low

  * Enabled curl's built-in manual.
  * configure script for 7.11.2 is now managed correctly.

 -- Domenico Andreoli <cavok@debian.org>  Sun, 18 Jul 2004 22:25:00 +0200

curl (7.12.0.rel-2) unstable; urgency=low

  * libcurl2 uses curl-ca-bundle-7.11.2.crt (closes: #255262).
    Yes, it is a hack to not add libcurl-common package right now.

 -- Domenico Andreoli <cavok@debian.org>  Sun, 18 Jul 2004 16:40:45 +0200

curl (7.12.0.rel-1) experimental; urgency=low

  * Version 7.12.0 is back with proper libcurl3* packages.
  * libcurl2* 7.11.2 packages are still provided (closes: #252879).
  * Enabled again the support for libidn.

 -- Domenico Andreoli <cavok@debian.org>  Sun,  6 Jun 2004 23:09:33 +0200

curl (7.12.0.is.7.11.2-1) unstable; urgency=low

  * Reverted to version 7.11.2 (closes: #252348).
  * Disabled support for libidn (closes: #252367). This is to leave
    curl in unstable as much similar as possible to the one in testing.

 -- Domenico Andreoli <cavok@debian.org>  Fri,  4 Jun 2004 19:09:25 +0200

curl (7.12.0-1) unstable; urgency=low

  * New upstream release:
    - fixed minor man page problem (closes: #232928)
    - improved --create-dirs description in curl man page (closes: #251351)
  * Enabled support for libidn.

 -- Domenico Andreoli <cavok@debian.org>  Wed,  2 Jun 2004 18:06:05 +0200

curl (7.11.2-2) unstable; urgency=low

  * Fixed curl.1 man page (closes: #232928).
    Patch courtesy of Daniel Stenberg, the upstream developer.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 27 Apr 2004 19:47:09 +0200

curl (7.11.2-1) unstable; urgency=low

  * New upstream release.
  * Bumped up shlibs version because of the introduction of
    CURLOPT_TCP_NODELAY option.

 -- Domenico Andreoli <cavok@debian.org>  Mon, 26 Apr 2004 14:14:20 +0200

curl (7.11.1-2) unstable; urgency=low

  * Added GSSAPI support to package libcurl2-gssapi (closes: #241553).

 -- Domenico Andreoli <cavok@debian.org>  Fri,  2 Apr 2004 18:03:15 +0200

curl (7.11.1-1) unstable; urgency=low

  * New upstream release.
  * Bumped up shlibs version because of the introduction of
    CURLOPT_POSTFIELDSIZE_LARGE option.

 -- Domenico Andreoli <cavok@debian.org>  Fri, 19 Mar 2004 11:39:07 +0100

curl (7.11.0-4) unstable; urgency=low

  * Applied fix from upstream's CVS which adds another CRLF in
    chunked-transfers.

 -- Domenico Andreoli <cavok@debian.org>  Sun,  1 Feb 2004 13:19:02 +0100

curl (7.11.0-3) unstable; urgency=low

  * "Fixed" build process, now the right file is searched for CA
    certificates (closes: #228182).

 -- Domenico Andreoli <cavok@debian.org>  Sat, 31 Jan 2004 20:06:10 +0100

curl (7.11.0-2) unstable; urgency=low

  * Test suite is still performed but is not critical for the build
    being successful any more.

 -- Domenico Andreoli <cavok@debian.org>  Fri, 30 Jan 2004 13:03:03 +0100

curl (7.11.0-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@debian.org>  Sun, 25 Jan 2004 17:50:43 +0100

curl (7.10.8+7.11.0-pre1-1) unstable; urgency=low

  * New upstream pre-release:
    - proxy+ssl now passes post variables (closes: #222901)
    - various test case problems exposed in #222140 should now be fixed.
  * Bumped up shlibs version because of the introduction of
    CURLOPT_NETRC_FILE and CURLOPT_FTP_SSL options in libcurl.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 14 Jan 2004 17:35:46 +0100

curl (7.10.8-1) unstable; urgency=low

  * New upstream release:
    - fixed LDAP support (closes: #149609)
    - cleaner environment for testsuite execution (closes: #210253)
    - fixed lib/Makefile.am's use of LDFLAGS (closes: #212086)
    - fixed name clash in curl.h with respect to unistd.h (closes: #213180)
    - fixed typo in curl manpage (closes: #218046).
  * Bumped up shlibs version because of new libcurl options.
  * Added stunnel to the Build-Depends in order to enable SSL test cases.

 -- Domenico Andreoli <cavok@debian.org>  Mon,  3 Nov 2003 10:26:12 +0100

curl (7.10.7-2) unstable; urgency=low

  * Fixed bug in cache_resolv_response on alpha and ia64 (closes: #207174).
    Patch courtesy of Jurij Smakov.

 -- Domenico Andreoli <cavok@debian.org>  Mon,  8 Sep 2003 21:55:46 +0200

curl (7.10.7-1) unstable; urgency=low

  * New upstream release.
  * Bumped up shlibs version because of the introduction of CURLOPT_PROXYAUTH
    and CURLOPT_FTP_CREATE_MISSING_DIRS options in libcurl.

 -- Domenico Andreoli <cavok@debian.org>  Mon, 18 Aug 2003 00:19:43 +0200

curl (7.10.6-3) unstable; urgency=low

  * Applied patch to fix test 60 on ia64.

 -- Domenico Andreoli <cavok@debian.org>  Sat,  9 Aug 2003 04:26:15 +0200

curl (7.10.6-2) unstable; urgency=low

  * Applied patch from upstream to fix url globbing (closes: #203827).
  * make test is still performed on building debug stuff but errors
    are ignored.

 -- Domenico Andreoli <cavok@debian.org>  Thu,  7 Aug 2003 02:20:46 +0200

curl (7.10.6-1) unstable; urgency=low

  * New upstream release:
    - added spport for http_proxy env var with name:passwd
      (closes: #193630).
  * make test is invoked after build

 -- Domenico Andreoli <cavok@debian.org>  Tue, 29 Jul 2003 01:26:50 +0200

curl (7.10.5-1) unstable; urgency=low

  * New upstream release:
    - fixed typo in curl's man page (closes: #189272).
  * New libcurl option CURLOPT_FTP_USE_EPRT has been added, bumped
    up shlibs.

 -- Domenico Andreoli <cavok@debian.org>  Mon, 19 May 2003 23:57:12 +0200

curl (7.10.4-1) unstable; urgency=low

  * New upstream release:
    - now uses new settings properly when re-using an existing connection
      (closes: #185254)
    - curl man page now refers to MANUAL (closes: #178509).
  * Changed section of libcurl2-dev and libcurl2-dbg to libdevel.

 -- Domenico Andreoli <cavok@debian.org>  Wed,  2 Apr 2003 21:25:24 +0200

curl (7.10.3-3) unstable; urgency=low

  * Rebuilt to link against libssl0.9.7.
  * Improved package descriptions thanks to suggestions provided by
    Filip Van Raemdonck <mechanix@debian.org> (closes: #177995).

 -- Domenico Andreoli <cavok@debian.org>  Fri, 14 Mar 2003 16:08:38 +0100

curl (7.10.3-2) unstable; urgency=low

  * Development package is now named libcurl2-dev, it provides
    libcurl-dev.  People can now safely make their build dependencies
    and be sure to use the right stuff.
  * New package libcurl2-dbg is provided to help in debugging sessions.

 -- Domenico Andreoli <cavok@debian.org>  Mon, 20 Jan 2003 22:04:32 +0100

curl (7.10.3-1) unstable; urgency=low

  * New upstream release.
  * It now suggests ca-certificates package.

 -- Domenico Andreoli <cavok@debian.org>  Thu, 16 Jan 2003 00:27:48 +0100

curl (7.10.2-2) unstable; urgency=low

  * Added AM_MAINTAINER_MODE to configure.in (closes: #170050).

 -- Domenico Andreoli <cavok@debian.org>  Fri, 22 Nov 2002 14:28:22 +0100

curl (7.10.2-1) unstable; urgency=low

  * New upstream release:
    - fixed segfault on retrieving relative redirects (closes: #165382)
    - fixed a leak of debug output (closes: #167678).
  * Updated config.guess and config.sub (closes: #166153).
  * Added zlib1g-dev to build and libcurl-dev dependencies
    (closes: #169654).
  * Added HTML and PDF versions of all manpages in libcurl-dev package.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 20 Nov 2002 23:38:24 +0100

curl (7.10.1-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@debian.org>  Fri, 11 Oct 2002 23:26:50 +0200

curl (7.10-1) unstable; urgency=low

  * New upstream release:
    - new way to use option -x to prevent curl from using any proxy
      server (closes: #161153).

 -- Domenico Andreoli <cavok@debian.org>  Wed,  2 Oct 2002 01:04:20 +0200

curl (7.9.8-2) unstable; urgency=low

  * Added again libcurl2-ssl to the libcurl2 conflicts.

 -- Domenico Andreoli <cavok@debian.org>  Thu,  4 Jul 2002 02:35:24 +0200

curl (7.9.8-1) unstable; urgency=low

  * New upstream release.
  * Double flavor of curl to support both non-SSL and SSL is gone.
    Now curl comes only with SSL. Who needs SSL can require curl
    version >= 7.9.8 .

 -- Domenico Andreoli <cavok@debian.org>  Mon, 24 Jun 2002 23:04:37 +0200

curl (7.9.7-2) unstable; urgency=low

  * Fixed the bashism in debian/rules (closes: #147352).
  * SSL and non-SSL series of curl packages are now built from the
    same source. thanks crypto-in-main! :)

 -- Domenico Andreoli <cavok@debian.org>  Mon, 20 May 2002 23:28:05 +0200

curl (7.9.7-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@debian.org>  Wed, 15 May 2002 21:09:19 +0200

curl (7.9.6-1) unstable; urgency=low

  * New upstream release.
  * libcurl.3 manpage is now installed by libcurl-dev instead of
    libcurl2. Indeed it provides an overview on how to use libcurl in
    C programs.

 -- Domenico Andreoli <cavok@debian.org>  Sat, 20 Apr 2002 17:06:51 +0200

curl (7.9.5-2) unstable; urgency=low

  * curl-ssl stuff moved from non-US to main.

 -- Domenico Andreoli <cavok@debian.org>  Mon, 25 Mar 2002 23:40:02 +0100

curl (7.9.5-1) unstable; urgency=low

  * New upstream release (closes: #134608).
  * Added autotools-dev to the build dependencies. config.{guess,sub}
    can now be updated automatically in the build process.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 12 Mar 2002 19:06:21 +0100

curl (7.9.3-2) unstable; urgency=low

  * Upstream source code has been correctly imported in my CVS
    repository (closes: #130906).

 -- Domenico Andreoli <cavok@debian.org>  Sun, 27 Jan 2002 22:23:54 +0100

curl (7.9.3-1) unstable; urgency=low

  * New upstream release:
    - fixed wrong assumption on char signedness (closes: #127011)
    - missing header added accordingly (closes: #130401)
  * Fixed a typo in curl description (closes: #124526).

 -- Domenico Andreoli <cavok@debian.org>  Thu, 24 Jan 2002 20:04:04 +0100

curl (7.9.2-1) unstable; urgency=low

  * New upstream release:
    - two bad timeout matters in libcurl2 are now solved (closes: #118595).

 -- Domenico Andreoli <cavok@debian.org>  Fri,  7 Dec 2001 16:58:45 +0100

curl (7.9.1-3) unstable; urgency=low

  * Fixed return type of Curl_ftpsendf(...) to CURLcode (closes: #120485).
  * Versions in debian/libcurl2.shlibs have been incremented to
    ">= 7.9.1-1".

 -- Domenico Andreoli <cavok@debian.org>  Thu, 22 Nov 2001 15:35:40 +0100

curl (7.9.1-2) unstable; urgency=low

  * Reverted to unpatched released 7.9.1 source tree, patch behavior
    was weird.

 -- Domenico Andreoli <cavok@debian.org>  Thu, 15 Nov 2001 18:05:58 +0100

curl (7.9.1-1) unstable; urgency=low

  * New upstream release.
  * Applied upstream patch #478780 found on sourceforge, fixes libcurl
    which didn't restore SIGALRM handler (closes: #118595).
  * Applied patch for patch #478780 of above, see bug #118595 in BTS.
    Patch courtesy of Enrik Berkhan <Enrik.Berkhan@planb.de>.
  * Build-Depends reduced to what is strictly required for building.
    autoconf, automake and libtool build dependencies are gone.

 -- Domenico Andreoli <cavok@debian.org>  Fri,  9 Nov 2001 13:56:36 +0100

curl (7.9-1) unstable; urgency=low

  * New upstream release:
    - output of "curl-config --libs" now includes -lcurl.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 25 Sep 2001 18:38:46 +0200

curl (7.8-3) unstable; urgency=low

  * Added libc6-dev to libcurl2-dev dependencies.
  * Fixed lack of some FD_ZERO(...)s in lib/transfer.c (closes: #105516).

 -- Domenico Andreoli <cavok@debian.org>  Fri,  3 Aug 2001 16:32:20 +0200

curl (7.8-2) unstable; urgency=low

  * libcurl2.shlibs now includes version numbers. some new symbols have
    been introduced in libcurl 7.8, so program linked against 7.8 cannot
    work with older ones.
  * IPv6 support is now enabled
  * configure.in has been renamed to autoconf.ac to force the use of
    autoconf 2.50

 -- Domenico Andreoli <cavok@debian.org>  Thu,  5 Jul 2001 01:38:24 +0200

curl (7.8-1) unstable; urgency=low

  * New upstream release.
  * Applied patch for correct shared library versioning of libcurl, curl
    7.8 comes with broken shared library version out of the box.
    Patch provided by upstream developer.

 -- Domenico Andreoli <cavok@debian.org>  Sat,  9 Jun 2001 21:12:05 +0200

curl (7.7.3-3) unstable; urgency=low

  * Fixed manpages libcurl-dev with required simlinks (closes: 99610).

 -- Domenico Andreoli <cavok@debian.org>  Mon,  4 Jun 2001 14:37:49 +0200

curl (7.7.3-2) unstable; urgency=low

  * lib/url.c and lib/version.c are now fixed (closes: #97709).
  * install upstream changelog (closes: #97628).

 -- Domenico Andreoli <cavok@debian.org>  Fri, 18 May 2001 10:32:25 +0200

curl (7.7.3-1) unstable; urgency=low

  * New upstream release.
  * Using dh_installman instead dh_installmanpages.
  * Installing libcurl examples with dh_installexamples.
  * Policy 3.5.3.0 compliant.

 -- Domenico Andreoli <cavok@debian.org>  Thu, 10 May 2001 09:45:05 +0200

curl (7.7.2-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 24 Apr 2001 09:14:51 +0200

curl (7.7.1-2) unstable; urgency=low

  * Fixed debian/rules (closes: #78232, #93837).

 -- Domenico Andreoli <cavok@debian.org>  Tue, 17 Apr 2001 17:12:19 +0200

curl (7.7.1-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 10 Apr 2001 13:26:09 +0200

curl (7.7-1) unstable; urgency=low

  * New upstream release.
  * Fixed formatting errors in curl.1 (closes: #90281).

 -- Domenico Andreoli <cavok@debian.org>  Fri, 23 Mar 2001 18:25:26 +0100

curl (7.6.1-5) unstable; urgency=low

  * Fixed debian/libcurl1.shlibs in order to solve any problem for those
    packages which should depend on either libcurl1 or libcurl1-ssl.
    I should have done it long time ago.

 -- Domenico Andreoli <cavok@debian.org>  Tue, 13 Mar 2001 18:29:06 +0100

curl (7.6.1-4) unstable; urgency=low

  * Added versioned Build-Depend for debhelper.

 -- Domenico Andreoli <cavok@debian.org>  Tue,  6 Mar 2001 15:16:02 +0100

curl (7.6.1-3) unstable; urgency=low

  * Refining the transition to debhelper compatibility 2. I forgot the
    executable in the curl package (closes: #87886).

 -- Domenico Andreoli <cavok@debian.org>  Wed, 28 Feb 2001 14:31:43 +0100

curl (7.6.1-2) unstable; urgency=low

  * Switched to debhelper compatibility version 2.

 -- Domenico Andreoli <cavok@debian.org>  Fri, 23 Feb 2001 18:24:02 +0100

curl (7.6.1-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@libero.it>  Tue, 13 Feb 2001 18:04:04 +0100

curl (7.6-2) unstable; urgency=low

  * Adjusted dependencies in order to let curl-ssl package manage a
    smooth upgrade from potato.

 -- Domenico Andreoli <cavok@libero.it>  Fri,  9 Feb 2001 13:36:11 +0100

curl (7.6-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@libero.it>  Mon, 29 Jan 2001 16:00:59 +0100

curl (7.5.2-2) unstable; urgency=low

  * This is a service upload in order to fix dependencies problems arose
    for a ill-formed upload of 7.5.2-1.

 -- Domenico Andreoli <cavok@libero.it>  Mon, 29 Jan 2001 14:54:57 +0100

curl (7.5.2-1) unstable; urgency=low

  * New upstream release.
  * It needed to be recompiled against the new libc (closes: #80256).

 -- Domenico Andreoli <cavok@libero.it>  Mon, 15 Jan 2001 13:08:15 +0100

curl (7.5-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@libero.it>  Mon,  4 Dec 2000 13:15:33 +0100

curl (7.4.2-2) unstable; urgency=low

  * curl replaces curl-ssl. curl is only a frontend for libcurl and is not
    aware of any protocol, libcurl is. so what is really different whether
    ssl is enable or not is only libcurl.
  * curl now depends on (libcurl0 | libcurl0-ssl).
  * The workaround for libtool -rpath parameter is not required, so
    it has been removed from configure.in.
  * Removed "Suggests: " field in control file for libcurl0. It suggested
    to install curl and libcurl-dev too but it really doesn't make sense
    (this change was really applied in -1).

 -- Domenico Andreoli <cavok@libero.it>  Tue, 28 Nov 2000 14:27:29 +0100

curl (7.4.2-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@libero.it>  Fri, 17 Nov 2000 16:19:23 +0100

curl (7.2.1-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@libero.it>  Mon,  4 Sep 2000 01:22:44 +0200

curl (7.1-3) unstable; urgency=low

  * Added "Suggests: " field in control file for libcurl0. Now curl and
    libcurl-dev are suggested upon installation of libcurl0.

 -- Domenico Andreoli <cavok@libero.it>  Mon, 14 Aug 2000 15:01:08 +0200

curl (7.1-2) unstable; urgency=low

  * Fixed a line that did not install development manpages.

 -- Domenico Andreoli <cavok@libero.it>  Thu, 10 Aug 2000 14:32:23 +0200

curl (7.1-1) unstable; urgency=low

  * New upstream release.
  * libcurl is now a separate package, it provides shared libraries and
    includes to allow developing for other applications.

 -- Domenico Andreoli <cavok@libero.it>  Wed,  9 Aug 2000 01:21:25 +0200

curl (6.5.2-4) unstable; urgency=low

  * Some missing build dependencies (autoconf, automake, libtool) added.

 -- Domenico Andreoli <cavok@libero.it>  Sat,  8 Jul 2000 00:13:16 +0200

curl (6.5.2-3) unstable; urgency=low

  * Due to some policy and technical restrictions, curl's source package
    has been splitted again in two, one for main archive and one for non-US.

 -- Domenico Andreoli <cavok@libero.it>  Tue,  4 Jul 2000 15:52:14 +0200

curl (6.5.2-2) unstable; urgency=low

  * Added a Build-Depends in order to compile curl-ssl only if
    libssl09-dev is installed.
  * Documentation reflects the new location of curl debian packages
    home page (http://curl-deb.sourceforge.net).
  * Corrected minor spelling errors in README.Debian.

 -- Domenico Andreoli <cavok@libero.it>  Sat, 17 Jun 2000 01:13:19 +0200

curl (6.5.2-1) unstable; urgency=low

  * New upstream release.
  * Now curl and curl-ssl binary packages are generated from the same
    debian source package.
  * Uploads and downloads are now performed simultaneously (closes: #56627).

 -- Domenico Andreoli <cavok@libero.it>  Sat, 25 Mar 2000 01:06:35 +0100

curl (6.4-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@libero.it>  Sun, 30 Jan 2000 02:21:32 +0100

curl (6.3.1-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@libero.it>  Sat, 11 Dec 1999 17:38:13 +0100

curl (6.2-1) unstable; urgency=low

  * New upstream release.
  * No hack to compile without SSL is required anymore. Fixed by
    upstream maintainer.

 -- Domenico Andreoli <cavok@libero.it>  Mon,  1 Nov 1999 00:37:32 +0100

curl (6.0-1) unstable; urgency=low

  * New upstream release.

 -- Domenico Andreoli <cavok@freemail.it>  Mon, 27 Sep 1999 22:28:13 +0200

curl (5.11-1.1) unstable; urgency=low

  * Put sources into the right section.

 -- Domenico Andreoli <cavok@freemail.it>  Mon, 30 Aug 1999 03:14:21 +0200

curl (5.11-1) unstable; urgency=low

  * New upstream release.
  * New debian maintainer.

 -- Domenico Andreoli <cavok@freemail.it>  Fri, 27 Aug 1999 11:50:04 +0200

curl (5.9-2) unstable; urgency=low

  * Moved to non-US, and compiled against ssl (closes: #40099).

 -- Leon Breedt <ljb@debian.org>  Sat,  3 Jul 1999 15:46:54 +0200

curl (5.9-1) unstable; urgency=low

  * New upstream release.

 -- Leon Breedt <ljb@debian.org>  Sun, 23 May 1999 21:51:30 +0200

curl (5.8-1) unstable; urgency=low

  * Initial Release.

 -- Leon Breedt <ljb@debian.org>  Sun,  9 May 1999 18:55:48 +0200
