Fri, 22 Nov 2024 20:24:39 UTC | login

Information for build curl-8.4.0-1.fc40

ID263519
Package Namecurl
Version8.4.0
Release1.fc40
Epoch
Sourcegit+https://src.fedoraproject.org/rpms/curl.git#cb17cbc66ada184c1016dc88d4573a91f9ce3481
SummaryA utility for getting files from remote servers (FTP, HTTP, and others)
Descriptioncurl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer resume, proxy tunneling and a busload of other useful tricks.
Built bydavidlt
State complete
Volume DEFAULT
StartedSun, 03 Dec 2023 13:48:21 UTC
CompletedSun, 03 Dec 2023 16:08:29 UTC
Taskbuild (f40, /rpms/curl.git:cb17cbc66ada184c1016dc88d4573a91f9ce3481)
Extra{'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/curl.git#cb17cbc66ada184c1016dc88d4573a91f9ce3481'}}
Tags
f40
RPMs
src
curl-8.4.0-1.fc40.src.rpm (info) (download)
riscv64
curl-8.4.0-1.fc40.riscv64.rpm (info) (download)
curl-minimal-8.4.0-1.fc40.riscv64.rpm (info) (download)
libcurl-8.4.0-1.fc40.riscv64.rpm (info) (download)
libcurl-devel-8.4.0-1.fc40.riscv64.rpm (info) (download)
libcurl-minimal-8.4.0-1.fc40.riscv64.rpm (info) (download)
curl-debuginfo-8.4.0-1.fc40.riscv64.rpm (info) (download)
curl-debugsource-8.4.0-1.fc40.riscv64.rpm (info) (download)
curl-minimal-debuginfo-8.4.0-1.fc40.riscv64.rpm (info) (download)
libcurl-debuginfo-8.4.0-1.fc40.riscv64.rpm (info) (download)
libcurl-minimal-debuginfo-8.4.0-1.fc40.riscv64.rpm (info) (download)
Logs
riscv64
hw_info.log
state.log
build.log
root.log
mock_output.log
Changelog * Wed Oct 11 2023 Jan Macku <jamacku@redhat.com> - 8.4.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2023-38545 - SOCKS5 heap buffer overflow CVE-2023-38546 - cookie injection with none file * Wed Sep 13 2023 Jan Macku <jamacku@redhat.com> - 8.3.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2023-38039 - HTTP headers eat all memory * Wed Aug 02 2023 Jan Macku <jamacku@redhat.com> - 8.2.1-2 - enable websockets (#2224651) * Wed Jul 26 2023 Lukáš Zaoral <lzaoral@redhat.com> - 8.2.1-1 - new upstream release (rhbz#2226659) * Wed Jul 19 2023 Jan Macku <jamacku@redhat.com> - 8.2.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2023-32001 - fopen race condition * Tue May 30 2023 Jan Macku <jamacku@redhat.com> - 8.1.2-1 - new upstream release, with small bugfixes and improvements * Tue May 23 2023 Jan Macku <jamacku@redhat.com> - 8.1.1-1 - new upstream release, with small bugfixes and improvements * Wed May 17 2023 Kamil Dudka <kdudka@redhat.com> - 8.1.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2023-28321 - IDN wildcard match CVE-2023-28322 - more POST-after-PUT confusion * Fri Apr 21 2023 Kamil Dudka <kdudka@redhat.com> - 8.0.1-3 - tests: re-enable temporarily disabled test-cases - tests: attempt to fix a conflict on port numbers - apply patches automatically * Tue Mar 21 2023 Lukáš Zaoral <lzaoral@redhat.com> - 8.0.1-2 - migrated to SPDX license * Mon Mar 20 2023 Kamil Dudka <kdudka@redhat.com> - 8.0.1-1 - new upstream release * Mon Mar 20 2023 Kamil Dudka <kdudka@redhat.com> - 8.0.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2023-27538 - SSH connection too eager reuse still CVE-2023-27537 - HSTS double-free CVE-2023-27536 - GSS delegation too eager connection re-use CVE-2023-27535 - FTP too eager connection reuse CVE-2023-27534 - SFTP path ~ resolving discrepancy CVE-2023-27533 - TELNET option IAC injection * Mon Feb 20 2023 Kamil Dudka <kdudka@redhat.com> - 7.88.1-1 - new upstream release * Fri Feb 17 2023 Kamil Dudka <kdudka@redhat.com> - 7.88.0-2 - http2: set drain on stream end * Wed Feb 15 2023 Kamil Dudka <kdudka@redhat.com> - 7.88.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2023-23916 - HTTP multi-header compression denial of service CVE-2023-23915 - HSTS amnesia with --parallel CVE-2023-23914 - HSTS ignored on multiple requests * Fri Jan 20 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-4 - fix regression in a public header file (#2162716) * Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 7.87.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Wed Jan 11 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-2 - test3012: temporarily disable valgrind (#2143040) * Wed Dec 21 2022 Kamil Dudka <kdudka@redhat.com> - 7.87.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-43552 - HTTP Proxy deny use-after-free CVE-2022-43551 - Another HSTS bypass via IDN * Tue Nov 29 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-4 - noproxy: tailmatch like in 7.85.0 and earlier (#2149224) * Thu Nov 24 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-3 - enforce versioned libnghttp2 dependency for libcurl (#2144277) * Mon Oct 31 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-2 - fix regression in noproxy matching * Wed Oct 26 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-42916 - HSTS bypass via IDN CVE-2022-42915 - HTTP proxy double-free CVE-2022-35260 - .netrc parser out-of-bounds access CVE-2022-32221 - POST following PUT confusion * Thu Sep 01 2022 Kamil Dudka <kdudka@redhat.com> - 7.85.0-1 - new upstream release, which fixes the following vulnerability CVE-2022-35252 - control code in cookie denial of service * Thu Aug 25 2022 Kamil Dudka <kdudka@redhat.com> - 7.84.0-3 - tests: fix http2 tests to use CRLF headers to make it work with nghttp2-1.49.0 * Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 7.84.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon Jun 27 2022 Kamil Dudka <kdudka@redhat.com> - 7.84.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-32207 - Unpreserved file permissions CVE-2022-32205 - Set-Cookie denial of service CVE-2022-32206 - HTTP compression denial of service CVE-2022-32208 - FTP-KRB bad message verification * Wed May 11 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.1-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-27782 - fix too eager reuse of TLS and SSH connections CVE-2022-27779 - do not accept cookies for TLD with trailing dot CVE-2022-27778 - do not remove wrong file on error CVE-2022-30115 - hsts: ignore trailing dots when comparing hosts names CVE-2022-27780 - reject percent-encoded path separator in URL host * Wed Apr 27 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-27774 - curl credential leak on redirect CVE-2022-27776 - curl auth/cookie leak on redirect CVE-2022-27775 - curl bad local IPv6 connection reuse CVE-2022-22576 - curl OAUTH2 bearer bypass in connection re-use * Tue Mar 15 2022 Kamil Dudka <kdudka@redhat.com> - 7.82.0-2 - openssl: fix incorrect CURLE_OUT_OF_MEMORY error on CN check failure * Sat Mar 05 2022 Kamil Dudka <kdudka@redhat.com> - 7.82.0-1 - new upstream release * Thu Feb 24 2022 Kamil Dudka <kdudka@redhat.com> - 7.81.0-4 - enable IDN support also in libcurl-minimal * Thu Feb 10 2022 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 7.81.0-3 - Suggest libcurl-minimal in curl-minimal * Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 7.81.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Wed Jan 05 2022 Kamil Dudka <kdudka@redhat.com> - 7.81.0-1 - new upstream release * Sun Nov 14 2021 Paul Howarth <paul@city-fan.org> - 7.80.0-2 - sshserver.pl (used in test suite) now requires the Digest::SHA perl module * Wed Nov 10 2021 Kamil Dudka <kdudka@redhat.com> - 7.80.0-1 - new upstream release * Tue Oct 26 2021 Kamil Dudka <kdudka@redhat.com> - 7.79.1-3 - re-enable HSTS in libcurl-minimal as a security feature (#2005874)