Comment 0 for bug 1003049

 curl (7.25.0-1ubuntu1) quantal; urgency=low
 .
   * Merge from Debian testing. Remaining changes:
     - Drop dependencies not in main:
       + Build-Depends: Drop stunnel4 and libssh2-1-dev.
       + Drop libssh2-1-dev from libcurl4-openssl-dev's Depends.
     - Add new libcurl3-udeb and curl-udeb package.
   * debian/patches/CVE-2012-0036.patch: Dropped. No longer needed.
 .
 curl (7.25.0-1) unstable; urgency=low
 .
   * New upstream release
     - Add --ssl-allow-beast and CURLOPT_SSL_OPTIONS (Closes: #658276)
     - Allow negative numbers as option value (Closes: #659591)
   * Add libssh2-1-dev to libcurl4-gnutls-dev and libcurl4-nss-dev Depends
   * Bump debhelper compat level to 9
     - Make *.links files executable to simplify rules file
   * Pass --as-needed ld flag to avoid unneeded dependencies
     - Add workaround_as_needed_bug to workaround a libtool bug
     - Drop dont_link_to_krb5 (not needed because of --as-needed)
   * Do some clean-up in debian/rules
   * Update debian/copyright format as in Debian Policy 3.9.3
   * Bump Standards-Version to 3.9.3
   * Explicit Conflicts in -dev packages (fixes binaries-have-file-conflict)
   * Add openssh-server to build depends to enable some more tests
   * Update upstream copyright years
   * Refresh patches
 .
 curl (7.24.0-1) unstable; urgency=high
 .
   * New upstream release
     - Improve documentation for the --capath option (Closes: #628697)
     - Fix URL sanitization vulnerability as per CVE-2012-0036
       http://curl.haxx.se/docs/adv_20120124.html
     - Fix SSL CBC IV vulnerability as per CVE-2011-3389
       http://curl.haxx.se/docs/adv_20120124B.html
     - Set urgency=high accordingly
   * Remove curl_links_with_rt patch (curl links to librt anyway)
   * Improve descriptions of -dev and -dbg packages
   * Drop fix_manpage_spelling and versioned patches (merged upstream)
   * Refresh patches
   * Add keep_symbols_compat patch to not break backwards ABI compatibility
   * Enable libssh2 support for GnuTLS and NSS flavours too
     (libssh2 now uses libgcrypt instead of libssl)
 .
 curl (7.23.1-3) unstable; urgency=low
 .
   * Enable security hardening flags
   * Remove libdb-dev from B-D (not used)
   * Improve short and long descriptions
   * Provide proper *.symbols files (Closes: #651619)
   * Do not version Curl_* symbols (for internal use only)
   * Do not override dh_makeshlibs version anymore
 .
 curl (7.23.1-2) unstable; urgency=low
 .
   * Bump shlibs version for libcurl3-nss (Closes: #650498)
 .
 curl (7.23.1-1) unstable; urgency=low
 .
   * New upstream release
     - Do not use gnutls_priority_set_direct and
       gnutls_certificate_type_set_priority anymore (Closes: #624024)
   * Refresh patches
   * Add --enable-debug flag to configure (Closes: #648902)
   * One Provides/Replaces per line
   * libcurl4-openssl-dev Provides libcurl4-dev too (Closes: #644126)
   * Specify only 3 components for Standards-Version
     (the fourth is not really needed)
   * Move ca-certificates to Recommends in lib* packages (Closes: #546607)
   * Add NSS flavour to versioned symbols