Sun, 05 May 2024 01:58:21 UTC | login

Information for build curl-7.85.0-2.fc37

ID221186
Package Namecurl
Version7.85.0
Release2.fc37
Epoch
Sourcegit+https://src.fedoraproject.org/rpms/curl.git#be756f3365ad749974618579dfd32dfbf644a53b
SummaryA utility for getting files from remote servers (FTP, HTTP, and others)
Descriptioncurl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer resume, proxy tunneling and a busload of other useful tricks.
Built bydavidlt
State complete
Volume DEFAULT
StartedTue, 15 Nov 2022 15:14:57 UTC
CompletedTue, 15 Nov 2022 18:02:23 UTC
Taskbuild (f37, /rpms/curl.git:be756f3365ad749974618579dfd32dfbf644a53b)
Extra{'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/curl.git#be756f3365ad749974618579dfd32dfbf644a53b'}}
Tags
f37
RPMs
src
curl-7.85.0-2.fc37.src.rpm (info) (download)
riscv64
curl-7.85.0-2.fc37.riscv64.rpm (info) (download)
curl-minimal-7.85.0-2.fc37.riscv64.rpm (info) (download)
libcurl-7.85.0-2.fc37.riscv64.rpm (info) (download)
libcurl-devel-7.85.0-2.fc37.riscv64.rpm (info) (download)
libcurl-minimal-7.85.0-2.fc37.riscv64.rpm (info) (download)
curl-debuginfo-7.85.0-2.fc37.riscv64.rpm (info) (download)
curl-debugsource-7.85.0-2.fc37.riscv64.rpm (info) (download)
curl-minimal-debuginfo-7.85.0-2.fc37.riscv64.rpm (info) (download)
libcurl-debuginfo-7.85.0-2.fc37.riscv64.rpm (info) (download)
libcurl-minimal-debuginfo-7.85.0-2.fc37.riscv64.rpm (info) (download)
Logs
riscv64
build.log
hw_info.log
mock_output.log
root.log
state.log
Changelog * Wed Oct 26 2022 Kamil Dudka <kdudka@redhat.com> - 7.85.0-2 - url: use IDN decoded names for HSTS checks (CVE-2022-42916) - http_proxy: restore the protocol pointer on error (CVE-2022-42915) - netrc: replace fgets with Curl_get_line (CVE-2022-35260) - fix POST following PUT confusion (CVE-2022-32221) * Thu Sep 01 2022 Kamil Dudka <kdudka@redhat.com> - 7.85.0-1 - new upstream release, which fixes the following vulnerability CVE-2022-35252 - control code in cookie denial of service * Thu Aug 25 2022 Kamil Dudka <kdudka@redhat.com> - 7.84.0-3 - tests: fix http2 tests to use CRLF headers to make it work with nghttp2-1.49.0 * Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 7.84.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon Jun 27 2022 Kamil Dudka <kdudka@redhat.com> - 7.84.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-32207 - Unpreserved file permissions CVE-2022-32205 - Set-Cookie denial of service CVE-2022-32206 - HTTP compression denial of service CVE-2022-32208 - FTP-KRB bad message verification * Wed May 11 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.1-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-27782 - fix too eager reuse of TLS and SSH connections CVE-2022-27779 - do not accept cookies for TLD with trailing dot CVE-2022-27778 - do not remove wrong file on error CVE-2022-30115 - hsts: ignore trailing dots when comparing hosts names CVE-2022-27780 - reject percent-encoded path separator in URL host * Wed Apr 27 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-27774 - curl credential leak on redirect CVE-2022-27776 - curl auth/cookie leak on redirect CVE-2022-27775 - curl bad local IPv6 connection reuse CVE-2022-22576 - curl OAUTH2 bearer bypass in connection re-use * Tue Mar 15 2022 Kamil Dudka <kdudka@redhat.com> - 7.82.0-2 - openssl: fix incorrect CURLE_OUT_OF_MEMORY error on CN check failure * Sat Mar 05 2022 Kamil Dudka <kdudka@redhat.com> - 7.82.0-1 - new upstream release * Thu Feb 24 2022 Kamil Dudka <kdudka@redhat.com> - 7.81.0-4 - enable IDN support also in libcurl-minimal * Thu Feb 10 2022 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 7.81.0-3 - Suggest libcurl-minimal in curl-minimal * Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 7.81.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Wed Jan 05 2022 Kamil Dudka <kdudka@redhat.com> - 7.81.0-1 - new upstream release * Sun Nov 14 2021 Paul Howarth <paul@city-fan.org> - 7.80.0-2 - sshserver.pl (used in test suite) now requires the Digest::SHA perl module * Wed Nov 10 2021 Kamil Dudka <kdudka@redhat.com> - 7.80.0-1 - new upstream release * Tue Oct 26 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.1-3 - re-enable HSTS in libcurl-minimal as a security feature (#2005874) * Mon Oct 04 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.1-2 - disable more protocols and features in libcurl-minimal (#2005874) * Wed Sep 22 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.1-1 - new upstream release * Thu Sep 16 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.0-4 - fix regression in http2 implementation introduced in the last release * Thu Sep 16 2021 Sahana Prasad <sahana@redhat.com> - 7.79.0-3 - Rebuilt with OpenSSL 3.0.0 * Thu Sep 16 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.0-2 - make SCP/SFTP tests work with openssh-8.7p1 * Wed Sep 15 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2021-22947 - STARTTLS protocol injection via MITM CVE-2021-22946 - protocol downgrade required TLS bypassed CVE-2021-22945 - use-after-free and double-free in MQTT sending * Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 7.78.0-4 - Rebuilt with OpenSSL 3.0.0 * Fri Jul 23 2021 Kamil Dudka <kdudka@redhat.com> - 7.78.0-3 - make explicit dependency on openssl work with alpha/beta builds of openssl * Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 7.78.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Wed Jul 21 2021 Kamil Dudka <kdudka@redhat.com> - 7.78.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2021-22925 - TELNET stack contents disclosure again CVE-2021-22924 - bad connection reuse due to flawed path name checks CVE-2021-22923 - metalink download sends credentials CVE-2021-22922 - wrong content via metalink not discarded * Wed Jun 02 2021 Kamil Dudka <kdudka@redhat.com> - 7.77.0-2 - build the curl tool without metalink support (#1967213) * Wed May 26 2021 Kamil Dudka <kdudka@redhat.com> - 7.77.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2021-22901 - TLS session caching disaster CVE-2021-22898 - TELNET stack contents disclosure * Mon May 03 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-2 - http2: fix resource leaks detected by Coverity * Wed Apr 14 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-1 - new upstream release * Wed Mar 31 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2021-22890 - TLS 1.3 session ticket proxy host mixup CVE-2021-22876 - Automatic referer leaks credentials * Wed Mar 24 2021 Kamil Dudka <kdudka@redhat.com> - 7.75.0-3 - fix SIGSEGV upon disconnect of a ldaps:// transfer * Tue Feb 23 2021 Kamil Dudka <kdudka@redhat.com> - 7.75.0-2 - build-require python3-impacket only on Fedora * Wed Feb 03 2021 Kamil Dudka <kdudka@redhat.com> - 7.75.0-1 - new upstream release * Tue Jan 26 2021 Kamil Dudka <kdudka@redhat.com> - 7.74.0-4 - do not use stunnel for tests on s390x builds to avoid spurious failures * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 7.74.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Wed Dec 09 2020 Kamil Dudka <kdudka@redhat.com> - 7.74.0-2 - do not rewrite shebangs in test-suite to use python3 explicitly * Wed Dec 09 2020 Kamil Dudka <kdudka@redhat.com> - 7.74.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2020-8286 - curl: Inferior OCSP verification CVE-2020-8285 - libcurl: FTP wildcard stack overflow CVE-2020-8284 - curl: trusting FTP PASV responses