| ID | 105572 |
| Package Name | curl |
| Version | 7.65.3 |
| Release | 1.fc31 |
| Epoch | |
| Source | git+https://src.fedoraproject.org/rpms/curl.git#a5c984a5907b2ccf14e4d1524b6135244a607b51 |
| Summary |
| Description |
| Built by | davidlt |
| State |
complete
|
| Volume |
DEFAULT |
| Started | Sat, 27 Jul 2019 16:53:27 UTC |
| Completed | Sat, 27 Jul 2019 19:27:22 UTC |
| Task | build (f31-candidate, /rpms/curl.git:a5c984a5907b2ccf14e4d1524b6135244a607b51) |
| Extra | {'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/curl.git#a5c984a5907b2ccf14e4d1524b6135244a607b51'}} |
| Tags |
|
| RPMs |
|
| Logs |
|
| Changelog |
* Sat Jul 20 2019 Paul Howarth <paul@city-fan.org> - 7.65.3-1
- new upstream release
* Wed Jul 17 2019 Kamil Dudka <kdudka@redhat.com> - 7.65.2-1
- new upstream release
* Wed Jun 05 2019 Kamil Dudka <kdudka@redhat.com> - 7.65.1-1
- new upstream release
* Thu May 30 2019 Kamil Dudka <kdudka@redhat.com> - 7.65.0-2
- fix spurious timeout events with speed-limit (#1714893)
* Wed May 22 2019 Kamil Dudka <kdudka@redhat.com> - 7.65.0-1
- new upstream release, which fixes the following vulnerabilities
CVE-2019-5436 - TFTP receive buffer overflow
CVE-2019-5435 - integer overflows in curl_url_set()
* Thu May 09 2019 Kamil Dudka <kdudka@redhat.com> - 7.64.1-2
- do not treat failure of gss_init_sec_context() with --negotiate as fatal
* Wed Mar 27 2019 Kamil Dudka <kdudka@redhat.com> - 7.64.1-1
- new upstream release
* Mon Mar 25 2019 Kamil Dudka <kdudka@redhat.com> - 7.64.0-6
- remove verbose "Expire in" ... messages (#1690971)
* Thu Mar 21 2019 Kamil Dudka <kdudka@redhat.com> - 7.64.0-5
- avoid spurious "Could not resolve host: [host name]" error messages
* Wed Feb 27 2019 Kamil Dudka <kdudka@redhat.com> - 7.64.0-4
- fix NULL dereference if flushing cookies with no CookieInfo set (#1683676)
* Mon Feb 25 2019 Kamil Dudka <kdudka@redhat.com> - 7.64.0-3
- prevent NetworkManager from leaking file descriptors (#1680198)
* Mon Feb 11 2019 Kamil Dudka <kdudka@redhat.com> - 7.64.0-2
- make zsh completion work again
* Wed Feb 06 2019 Kamil Dudka <kdudka@redhat.com> - 7.64.0-1
- new upstream release, which fixes the following vulnerabilities
CVE-2019-3823 - SMTP end-of-response out-of-bounds read
CVE-2019-3822 - NTLMv2 type-3 header stack buffer overflow
CVE-2018-16890 - NTLM type-2 out-of-bounds buffer read
* Mon Feb 04 2019 Kamil Dudka <kdudka@redhat.com> - 7.63.0-7
- prevent valgrind from reporting false positives on x86_64
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 7.63.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Jan 21 2019 Kamil Dudka <kdudka@redhat.com> - 7.63.0-5
- xattr: strip credentials from any URL that is stored (CVE-2018-20483)
* Fri Jan 04 2019 Kamil Dudka <kdudka@redhat.com> - 7.63.0-4
- replace 0105-curl-7.63.0-libstubgss-ldadd.patch by upstream patch
* Wed Dec 19 2018 Kamil Dudka <kdudka@redhat.com> - 7.63.0-3
- curl -J: do not append to the destination file (#1658574)
* Fri Dec 14 2018 Kamil Dudka <kdudka@redhat.com> - 7.63.0-2
- revert an upstream commit that broke `fedpkg new-sources` (#1659329)
* Wed Dec 12 2018 Kamil Dudka <kdudka@redhat.com> - 7.63.0-1
- new upstream release
* Wed Oct 31 2018 Kamil Dudka <kdudka@redhat.com> - 7.62.0-1
- new upstream release, which fixes the following vulnerabilities
CVE-2018-16839 - SASL password overflow via integer overflow
CVE-2018-16840 - use-after-free in handle close
CVE-2018-16842 - warning message out-of-buffer read
* Thu Oct 11 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.1-3
- enable TLS 1.3 post-handshake auth in OpenSSL
- update the documentation of --tlsv1.0 in curl(1) man page
* Thu Oct 04 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.1-2
- enforce versioned libpsl dependency for libcurl (#1631804)
- test320: update expected output for gnutls-3.6.4
- drop 0105-curl-7.61.0-tests-ssh-keygen.patch no longer needed (#1622594)
* Wed Sep 05 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.1-1
- new upstream release, which fixes the following vulnerability
CVE-2018-14618 - NTLM password overflow via integer overflow
* Tue Sep 04 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.0-8
- make the --tls13-ciphers option work
* Mon Aug 27 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.0-7
- tests: make ssh-keygen always produce PEM format (#1622594)
* Wed Aug 15 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.0-6
- scp/sftp: fix infinite connect loop on invalid private key (#1595135)
* Thu Aug 09 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.0-5
- ssl: set engine implicitly when a PKCS#11 URI is provided (#1219544)
* Tue Aug 07 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.0-4
- relax crypto policy for the test-suite to make it pass again (#1610888)
* Tue Jul 31 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.0-3
- disable flaky test 1900, which covers deprecated HTTP pipelining
- adapt test 323 for updated OpenSSL
* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 7.61.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Jul 11 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.0-1
- new upstream release, which fixes the following vulnerability
CVE-2018-0500 - SMTP send heap buffer overflow
* Tue Jul 10 2018 Kamil Dudka <kdudka@redhat.com> - 7.60.0-3
- enable support for brotli compression in libcurl-full
* Wed Jul 04 2018 Kamil Dudka <kdudka@redhat.com> - 7.60.0-2
- do not hard-wire path of the Python 3 interpreter
* Wed May 16 2018 Kamil Dudka <kdudka@redhat.com> - 7.60.0-1
- new upstream release, which fixes the following vulnerabilities
CVE-2018-1000300 - FTP shutdown response buffer overflow
CVE-2018-1000301 - RTSP bad headers buffer over-read
* Thu Mar 15 2018 Kamil Dudka <kdudka@redhat.com> - 7.59.0-3
- make the test-suite use Python 3
* Wed Mar 14 2018 Kamil Dudka <kdudka@redhat.com> - 7.59.0-2
- ftp: fix typo in recursive callback detection for seeking
* Wed Mar 14 2018 Kamil Dudka <kdudka@redhat.com> - 7.59.0-1
- new upstream release, which fixes the following vulnerabilities
CVE-2018-1000120 - FTP path trickery leads to NIL byte out of bounds write
CVE-2018-1000121 - LDAP NULL pointer dereference
CVE-2018-1000122 - RTSP RTP buffer over-read
* Mon Mar 12 2018 Kamil Dudka <kdudka@redhat.com> - 7.58.0-8
- http2: mark the connection for close on GOAWAY
* Mon Feb 19 2018 Paul Howarth <paul@city-fan.org> - 7.58.0-7
- Add explicity-used build requirements
- Fix libcurl soname version number in %files list to avoid accidental soname
bumps
* Thu Feb 15 2018 Paul Howarth <paul@city-fan.org> - 7.58.0-6
- switch to %ldconfig_scriptlets
- drop legacy BuildRoot: and Group: tags
- enforce versioned libssh dependency for libcurl
* Tue Feb 13 2018 Kamil Dudka <kdudka@redhat.com> - 7.58.0-5
- drop temporary workaround for #1540549
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 7.58.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Jan 31 2018 Kamil Dudka <kdudka@redhat.com> - 7.58.0-3
- temporarily work around internal compiler error on x86_64 (#1540549)
- disable brp-ldconfig to make RemovePathPostfixes work with shared libs again
* Wed Jan 24 2018 Andreas Schneider <asn@redhat.com> - 7.58.0-2
- use libssh (instead of libssh2) to implement SCP/SFTP in libcurl (#1531483)
* Wed Jan 24 2018 Kamil Dudka <kdudka@redhat.com> - 7.58.0-1
- new upstream release, which fixes the following vulnerabilities
CVE-2018-1000005 - curl: HTTP/2 trailer out-of-bounds read
CVE-2018-1000007 - curl: HTTP authentication leak in redirects
* Wed Nov 29 2017 Kamil Dudka <kdudka@redhat.com> - 7.57.0-1
- new upstream release, which fixes the following vulnerabilities
CVE-2017-8816 - curl: NTLM buffer overflow via integer overflow
CVE-2017-8817 - curl: FTP wildcard out of bounds read
CVE-2017-8818 - curl: SSL out of buffer access
* Mon Oct 23 2017 Kamil Dudka <kdudka@redhat.com> - 7.56.1-1
- new upstream release (fixes CVE-2017-1000257)
* Wed Oct 04 2017 Kamil Dudka <kdudka@redhat.com> - 7.56.0-1
- new upstream release (fixes CVE-2017-1000254)
* Mon Aug 28 2017 Kamil Dudka <kdudka@redhat.com> - 7.55.1-5
- apply the patch for the previous commit and fix its name (#1485702)
* Mon Aug 28 2017 Bastien Nocera <bnocera@redhat.com> - 7.55.1-4
- Fix NetworkManager connectivity check not working (#1485702)
* Tue Aug 22 2017 Kamil Dudka <kdudka@redhat.com> 7.55.1-3
- utilize system wide crypto policies for TLS (#1483972)
* Tue Aug 15 2017 Kamil Dudka <kdudka@redhat.com> 7.55.1-2
- make zsh completion work again
* Mon Aug 14 2017 Kamil Dudka <kdudka@redhat.com> 7.55.1-1
- new upstream release
* Wed Aug 09 2017 Kamil Dudka <kdudka@redhat.com> 7.55.0-1
- drop multilib fix for libcurl header files no longer needed
- new upstream release, which fixes the following vulnerabilities
CVE-2017-1000099 - FILE buffer read out of bounds
CVE-2017-1000100 - TFTP sends more than buffer size
CVE-2017-1000101 - URL globbing out of bounds read
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 7.54.1-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Fri Jul 28 2017 Florian Weimer <fweimer@redhat.com> - 7.54.1-7
- Rebuild with fixed binutils (#1475636)
* Fri Jul 28 2017 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 7.54.1-6
- Enable separate debuginfo back
* Thu Jul 27 2017 Kamil Dudka <kdudka@redhat.com> 7.54.1-5
- rebuild to fix broken linkage of cmake on ppc64le
|
