[Pkg-mpd-maintainers] Bug#1120262: curl 8.14.1-2+deb13u1 flagged for acceptance
Paul Gevers
elbrus at debian.org
Sun Nov 9 10:56:19 GMT 2025
Hi,
On 11/7/25 20:36, Adam D Barratt wrote:
> Package: curl
> Version: 8.14.1-2+deb13u1
>
> Explanation: fix buffer over-read issue [CVE-2025-9086]; fix cache poisoning issue [CVE-2025-10148]; fix path traversal issue [CVE-2025-10148]; allow --output to be overridden by --curl-options; fix manpage example for "continue-at"
https://release.debian.org/proposed-updates/stable.html shows a
regression (4 tries, the test doesn't seem to have a flaky history) in
mpd on s390x. Now I'm not really worried that people use mpd on s390x,
but it might indicate a subtle issue with curl on s390x. Care to have a
look? I've CC'd the mpd maintainers as they might be able to tell what
failure they are observing in their test. I also CC'd the s390x porters
as they might care about curl behavior on s390x.
Paul
PS: the other "regressions" will go away when the page is refreshed as
they all passed on retry or are flaky tests.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 585 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-mpd-maintainers/attachments/20251109/9864d808/attachment.sig>
More information about the Pkg-mpd-maintainers
mailing list