The debdiff looked fine, but needed fixing. Curl is a particular package,
as the last two patches get unapplied during the build to accommodate
different library backends. New patches need to get added earlier in
the series file.

I've fixed the debdiff, made sure it builds properly, and have uploaded
the package for processing by the SRU team.

Thanks!

** Changed in: curl (Ubuntu Trusty)
       Status: Triaged => In Progress

https://bugs.launchpad.net/bugs/1556330

Title:
  upstream curl bug #1371: p12 client certificates code is broken

Status in curl package in Ubuntu:
  Fix Released
Status in curl source package in Trusty:
  In Progress

Bug description:
  [Impact]

  The bug makes it impossible to use PKCS#12 secure storage of client
  certificates and private keys with any affected Ubuntu releases. The
  fix is one line fixing a broken switch statement and was already
  tested against Ubuntu 14.04 LTS with a rebuilt curl package.

  This was fixed in upstream libcurl in the following bug:

  https://sourceforge.net/p/curl/bugs/1371/

  The bug fix consists of one missing break statement at the end of a
  case in a switch statement.

  I personally patched the bug using source code release
  curl_7.35.0-1ubuntu2.6.dsc, used in Ubuntu 14.04 LTS, and verified it
  does indeed fix the bug and all of the package's tests still pass
  afterwards.

  [Test Case]

  The bug can be reproduced using the following libcurl parameters (even
  via CLI, pycurl, etc.).

  CURLOPT_SSLCERTTYPE == "P12"
  CURLOPT_SSLCERT = path to PKCS#12
  CURLOPT_SSLKEY = path to PKCS#12
  CURLOPT_SSLKEYPASSWD = key for PKCS#12 if needed

  Basically, just use a PKCS#12 format client certificate and private
  key against some certificate protected web server.

  [Regression Potential]

  If it could possibly break anything, which is extraordinarily
  unlikely, it would break one of the three client certificate formats
  (most likely PKCS#12 but also PEM or DER). Note 1/3 formats is already
  broken due to the bug. Client certificates of all three types could be
  checked to prevent this.
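
The check suggested under [Regression Potential], sketched as an added example (not part of the bug report or of curl): one request per client-certificate format through the curl CLI, reporting which formats fail. The function names and the argument order are this example's own; the URL, CA file and client credentials are supplied by the caller.

```bash
#!/usr/bin/env bash
# Added example: try one request per client-certificate format and report
# which formats the installed curl can use. Function and argument names are
# this example's own; the URL and files are supplied by the caller.

# try_format LABEL URL CACERT curl-args...  -> prints "LABEL ok" or "LABEL FAILED"
try_format() {
  local label="$1" url="$2" cacert="$3"
  shift 3
  if curl --silent --show-error --output /dev/null --max-time 15 \
          --cacert "$cacert" "$@" "$url"; then
    echo "$label ok"
  else
    # $? here is still the exit status of the curl call above.
    echo "$label FAILED (curl exit $?)"
    return 1
  fi
}

# check_client_cert_formats URL CACERT PEM_CERT PEM_KEY DER_CERT DER_KEY P12 P12_PASS
# Returns the number of formats that failed (0 means all three work).
check_client_cert_formats() {
  local url="$1" cacert="$2" pem_cert="$3" pem_key="$4"
  local der_cert="$5" der_key="$6" p12="$7" p12_pass="$8" failed=0
  try_format PEM "$url" "$cacert" \
    --cert-type PEM --cert "$pem_cert" --key-type PEM --key "$pem_key" \
    || failed=$((failed + 1))
  try_format DER "$url" "$cacert" \
    --cert-type DER --cert "$der_cert" --key-type DER --key "$der_key" \
    || failed=$((failed + 1))
  # A PKCS#12 file carries both the certificate and the private key,
  # so only --cert and the passphrase are passed.
  try_format P12 "$url" "$cacert" \
    --cert-type P12 --cert "$p12" --pass "$p12_pass" \
    || failed=$((failed + 1))
  return "$failed"
}

# Run only when all eight arguments are given, so the file can also be sourced.
if [ "$#" -eq 8 ]; then
  check_client_cert_formats "$@"
fi
```

On an affected build the expected output is "PEM ok", "DER ok" and a "P12 FAILED" line; after the fix all three lines should read "ok".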
