rpms
/
curl
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
365 Commits 42 Branches 269 Tags 2.7 MiB
Commit Graph

338 Commits

Author SHA1 Message Date
Kamil Dudka a612826260 Resolves: CVE-2016-9586 - fix floating point buffer overflow issues 2016-12-23 12:45:36 +01:00
Kamil Dudka 3226149d73 Resolves: CVE-2016-8615 - fix cookie injection for other servers 2016-11-02 18:10:51 +01:00
Kamil Dudka b9022e2512 Resolves: CVE-2016-8616 - compare user/passwd case-sensitively while reusing connections 2016-11-02 18:10:51 +01:00
Kamil Dudka aab38786d3 Resolves: CVE-2016-8617 - base64: check for integer overflow on large input 2016-11-02 18:10:50 +01:00
Kamil Dudka 48891bfbad Resolves: CVE-2016-8619 - fix double-free in krb5 code 2016-11-02 18:10:50 +01:00
Kamil Dudka a9c0e68d9c Resolves: CVE-2016-8618 - fix double-free in curl_maprintf() 2016-11-02 18:10:49 +01:00
Kamil Dudka b8f34f331c Resolves: CVE-2016-8620 - fix glob parser write/read out of bounds 2016-11-02 18:10:21 +01:00
Kamil Dudka f4a6154810 Resolves: CVE-2016-8621 - fix out-of-bounds read in curl_getdate() 2016-11-02 17:21:38 +01:00
Kamil Dudka 7c7cf92ea9 Resolves: CVE-2016-8622 - fix URL unescape heap overflow via integer truncation 2016-11-02 17:16:59 +01:00
Kamil Dudka 6e32112b9a Resolves: CVE-2016-8623 - fix use-after-free via shared cookies 2016-11-02 16:56:45 +01:00
Kamil Dudka 8cc82f17a1 Resolves: CVE-2016-8624 - urlparse: accept '#' as end of host name 2016-11-02 16:50:01 +01:00
Kamil Dudka 6c0c913605 run autoreconf in %prep to avoid patching Makefile.in files from now on 2016-11-02 16:47:42 +01:00
Kamil Dudka d178d238e4 Resolves: CVE-2016-7167 - reject negative string lengths in curl_easy_[un]escape() 2016-09-14 11:59:13 +02:00
Kamil Dudka c1383a09aa work around race condition in PK11_FindSlotByName() 
Bug: https://bugzilla.mozilla.org/1297397
 2016-08-26 15:46:58 +02:00
Kamil Dudka 4207564392 Related: CVE-2016-5420 - fix incorrect use of a previously loaded certificate from file 2016-08-26 15:43:09 +02:00
Kamil Dudka 8ef834caac Resolves: CVE-2016-5420 - fix re-using connections with wrong client cert 2016-08-03 17:01:07 +02:00
Kamil Dudka 22a15a2535 Resolves: CVE-2016-5419 - fix TLS session resumption client cert bypass 2016-08-03 17:00:57 +02:00
Kamil Dudka 8288db1fc2 Resolves: CVE-2016-5421 - fix use of connection struct after free 2016-08-03 17:00:44 +02:00
Kamil Dudka fb0bc4b8e6 Resolves: #1340757 - fix SIGSEGV of the curl tool 
... while parsing URL with too many globs
 2016-06-03 13:34:39 +02:00
Kamil Dudka e2daf98253 Resolves: #1308791 - do not refuse cookies for localhost 2016-03-03 00:42:56 +01:00
Kamil Dudka e57a741556 make SCP and SFTP test-cases work with up2date OpenSSH 2016-02-17 13:08:22 +01:00
Kamil Dudka 1e7ba88548 Resolves: #1305701 - enable support for Public Suffix List 2016-02-10 18:54:34 +01:00
Kamil Dudka 127274be95 new upstream release - 7.47.1 2016-02-08 12:30:15 +01:00
Dennis Gilmore 5af23e27ef - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-03 18:21:15 +00:00
Paul Howarth ec00e90a49 Prefer %global over %define 2016-02-02 11:32:20 +00:00
Kamil Dudka 40933f3c05 new upstream release - 7.47.0 (fixes CVE-2016-0755) 2016-01-27 09:20:36 +01:00
Kamil Dudka 92a4396c47 Resolves: #1288529 - own /usr/share/zsh/site-functions 
... instead of requiring zsh
 2015-12-04 15:41:44 +01:00
Kamil Dudka 7c41b922e3 disable silent builds 
Suggested-by: Paul Howarth
 2015-12-02 13:37:59 +01:00
Kamil Dudka 7ee26673d3 use default port numbers when running the upstream test-suite 2015-12-02 13:17:27 +01:00
Kamil Dudka 638c8f1abc install zsh completion script 2015-12-02 12:43:14 +01:00
Kamil Dudka 62fef86fa4 new upstream release - 7.46.0 2015-12-02 10:51:11 +01:00
Paul Howarth b1cf0d53ef new upstream release - 7.45.0 2015-10-07 14:43:06 +01:00
Kamil Dudka 1dcbbd628a Resolves: #1104597 - prevent NSS from incorrectly re-using a session 2015-09-18 18:13:13 +02:00
Kamil Dudka 8b89049610 better explain the conditional BR on valgrind 2015-08-27 16:06:46 +02:00
Kamil Dudka bfaeb9dd10 new upstream release - 7.44.0 2015-08-12 12:05:13 +02:00
Kamil Dudka c6f2e7c0fe Resolves: #1248389 - prevent dnf from crashing when using both FTP and HTTP 2015-07-30 15:27:33 +02:00
Kamil Dudka cdae22a40d test1801: completely disable the test-case 
Bug: https://github.com/bagder/curl/commit/21e82bd6#commitcomment-12226582
 2015-07-17 16:36:36 +02:00
Kamil Dudka ad3e87c230 test1801: temporarily disable failing data check 2015-07-17 14:48:53 +02:00
Kamil Dudka e40065e6ae build support for the HTTP/2 protocol 2015-07-16 13:31:08 +02:00
Kamil Dudka 712c550596 new upstream release - 7.43.0 (fixes CVE-2015-3236 and CVE-2015-3237) 2015-06-17 16:25:33 +02:00
Dennis Gilmore a21f0d7f44 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild 2015-06-17 03:33:56 +00:00
Kamil Dudka 88ed685bb7 Resolves: #1228363 - curl-config --libs now works on x86_64 
... without libcurl-devel.x86_64
 2015-06-05 13:23:20 +02:00
Kamil Dudka d60ef0c155 new upstream release - 7.42.1 (fixes CVE-2015-3153) 2015-04-29 09:51:18 +02:00
Kamil Dudka 1307476790 do not run flaky test-cases in %check 2015-04-22 15:45:07 +02:00
Kamil Dudka 54e48b0348 Resolves: #1195771 - implement public key pinning for NSS backend 2015-04-22 15:01:09 +02:00
Kamil Dudka 167643f9ce new upstream release - 7.42.0 
Fixes CVE-2015-3143, CVE-2015-3144, CVE-2015-3145, and CVE-2015-3148.
 2015-04-22 12:40:08 +02:00
Kamil Dudka 094e8186a4 drop 0106-curl-7.36.0-libssh2-valgrind.patch 
... which is already included upstream since curl-7_35_0-269-g02bba0c
 2015-02-25 14:00:41 +01:00
Kamil Dudka e286d38a5f include extern-scan.pl to make test1135 succeed 
Upstream-commit: 1514b718e3e5ea08acd1816464809de49a211f38
 2015-02-25 12:23:44 +01:00
Kamil Dudka 012235acc8 new upstream release - 7.41.0 2015-02-25 10:39:43 +01:00
Kamil Dudka 8357e0ea3e Resolves: #1187531 - fix a spurious connect failure on dual-stacked hosts 2015-02-23 13:46:07 +01:00