curl-7.87.0-8.fc38 | Build Info

Information for build curl-7.87.0-8.fc38

245237

Package Name

curl

Version

7.87.0

Release

8.fc38

Epoch

Source

git+https://src.fedoraproject.org/rpms/curl.git#7a1d94d30cbb5b05d30659355ea407955b49905b

Summary

A utility for getting files from remote servers (FTP, HTTP, and others)

Description

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer resume, proxy tunneling and a busload of other useful tricks.

Built by

davidlt

State

complete

Volume

DEFAULT

Started

Fri, 28 Apr 2023 16:37:54 UTC

Completed

Fri, 28 Apr 2023 18:22:13 UTC

Task

build (f38, /rpms/curl.git:7a1d94d30cbb5b05d30659355ea407955b49905b)

Extra

{'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/curl.git#7a1d94d30cbb5b05d30659355ea407955b49905b'}}

Tags

f38

RPMs

src
	curl-7.87.0-8.fc38.src.rpm (info) (download)
riscv64
	curl-7.87.0-8.fc38.riscv64.rpm (info) (download)
	curl-minimal-7.87.0-8.fc38.riscv64.rpm (info) (download)
	libcurl-7.87.0-8.fc38.riscv64.rpm (info) (download)
	libcurl-devel-7.87.0-8.fc38.riscv64.rpm (info) (download)
	libcurl-minimal-7.87.0-8.fc38.riscv64.rpm (info) (download)
	curl-debuginfo-7.87.0-8.fc38.riscv64.rpm (info) (download)
	curl-debugsource-7.87.0-8.fc38.riscv64.rpm (info) (download)
	curl-minimal-debuginfo-7.87.0-8.fc38.riscv64.rpm (info) (download)
	libcurl-debuginfo-7.87.0-8.fc38.riscv64.rpm (info) (download)
	libcurl-minimal-debuginfo-7.87.0-8.fc38.riscv64.rpm (info) (download)

Logs

riscv64
	hw_info.log
	state.log
	build.log
	root.log
	mock_output.log

Changelog

* Fri Apr 21 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-8 - cfilters: use the first non-connected filter (#2185433) * Fri Mar 24 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-7 - fix SSH connection too eager reuse still (CVE-2023-27538) - fix HSTS double-free (CVE-2023-27537) - fix GSS delegation too eager connection re-use (CVE-2023-27536) - fix FTP too eager connection reuse (CVE-2023-27535) - fix SFTP path ~ resolving discrepancy (CVE-2023-27534) - fix TELNET option IAC injection (CVE-2023-27533) * Wed Mar 15 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-6 - tests: make sure gnuserv-tls has SRP support before using it * Wed Feb 15 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-5 - fix HTTP multi-header compression denial of service (CVE-2023-23916) - share HSTS between handles (CVE-2023-23915 CVE-2023-23914) * Fri Jan 20 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-4 - fix regression in a public header file (#2162716) * Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 7.87.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Wed Jan 11 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-2 - test3012: temporarily disable valgrind (#2143040) * Wed Dec 21 2022 Kamil Dudka <kdudka@redhat.com> - 7.87.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-43552 - HTTP Proxy deny use-after-free CVE-2022-43551 - Another HSTS bypass via IDN * Tue Nov 29 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-4 - noproxy: tailmatch like in 7.85.0 and earlier (#2149224) * Thu Nov 24 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-3 - enforce versioned libnghttp2 dependency for libcurl (#2144277) * Mon Oct 31 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-2 - fix regression in noproxy matching * Wed Oct 26 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-42916 - HSTS bypass via IDN CVE-2022-42915 - HTTP proxy double-free CVE-2022-35260 - .netrc parser out-of-bounds access CVE-2022-32221 - POST following PUT confusion * Thu Sep 01 2022 Kamil Dudka <kdudka@redhat.com> - 7.85.0-1 - new upstream release, which fixes the following vulnerability CVE-2022-35252 - control code in cookie denial of service * Thu Aug 25 2022 Kamil Dudka <kdudka@redhat.com> - 7.84.0-3 - tests: fix http2 tests to use CRLF headers to make it work with nghttp2-1.49.0 * Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 7.84.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon Jun 27 2022 Kamil Dudka <kdudka@redhat.com> - 7.84.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-32207 - Unpreserved file permissions CVE-2022-32205 - Set-Cookie denial of service CVE-2022-32206 - HTTP compression denial of service CVE-2022-32208 - FTP-KRB bad message verification * Wed May 11 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.1-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-27782 - fix too eager reuse of TLS and SSH connections CVE-2022-27779 - do not accept cookies for TLD with trailing dot CVE-2022-27778 - do not remove wrong file on error CVE-2022-30115 - hsts: ignore trailing dots when comparing hosts names CVE-2022-27780 - reject percent-encoded path separator in URL host * Wed Apr 27 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-27774 - curl credential leak on redirect CVE-2022-27776 - curl auth/cookie leak on redirect CVE-2022-27775 - curl bad local IPv6 connection reuse CVE-2022-22576 - curl OAUTH2 bearer bypass in connection re-use * Tue Mar 15 2022 Kamil Dudka <kdudka@redhat.com> - 7.82.0-2 - openssl: fix incorrect CURLE_OUT_OF_MEMORY error on CN check failure * Sat Mar 05 2022 Kamil Dudka <kdudka@redhat.com> - 7.82.0-1 - new upstream release * Thu Feb 24 2022 Kamil Dudka <kdudka@redhat.com> - 7.81.0-4 - enable IDN support also in libcurl-minimal * Thu Feb 10 2022 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 7.81.0-3 - Suggest libcurl-minimal in curl-minimal * Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 7.81.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Wed Jan 05 2022 Kamil Dudka <kdudka@redhat.com> - 7.81.0-1 - new upstream release * Sun Nov 14 2021 Paul Howarth <paul@city-fan.org> - 7.80.0-2 - sshserver.pl (used in test suite) now requires the Digest::SHA perl module * Wed Nov 10 2021 Kamil Dudka <kdudka@redhat.com> - 7.80.0-1 - new upstream release * Tue Oct 26 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.1-3 - re-enable HSTS in libcurl-minimal as a security feature (#2005874) * Mon Oct 04 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.1-2 - disable more protocols and features in libcurl-minimal (#2005874) * Wed Sep 22 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.1-1 - new upstream release * Thu Sep 16 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.0-4 - fix regression in http2 implementation introduced in the last release * Thu Sep 16 2021 Sahana Prasad <sahana@redhat.com> - 7.79.0-3 - Rebuilt with OpenSSL 3.0.0 * Thu Sep 16 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.0-2 - make SCP/SFTP tests work with openssh-8.7p1 * Wed Sep 15 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2021-22947 - STARTTLS protocol injection via MITM CVE-2021-22946 - protocol downgrade required TLS bypassed CVE-2021-22945 - use-after-free and double-free in MQTT sending * Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 7.78.0-4 - Rebuilt with OpenSSL 3.0.0 * Fri Jul 23 2021 Kamil Dudka <kdudka@redhat.com> - 7.78.0-3 - make explicit dependency on openssl work with alpha/beta builds of openssl * Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 7.78.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Wed Jul 21 2021 Kamil Dudka <kdudka@redhat.com> - 7.78.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2021-22925 - TELNET stack contents disclosure again CVE-2021-22924 - bad connection reuse due to flawed path name checks CVE-2021-22923 - metalink download sends credentials CVE-2021-22922 - wrong content via metalink not discarded * Wed Jun 02 2021 Kamil Dudka <kdudka@redhat.com> - 7.77.0-2 - build the curl tool without metalink support (#1967213) * Wed May 26 2021 Kamil Dudka <kdudka@redhat.com> - 7.77.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2021-22901 - TLS session caching disaster CVE-2021-22898 - TELNET stack contents disclosure * Mon May 03 2021 Kamil Dudka <kdudka@redhat.com> - 7.76.1-2 - http2: fix resource leaks detected by Coverity

Main Site Links:

Information for build curl-7.87.0-8.fc38