rpms
/
curl
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
380 Commits 42 Branches 269 Tags 2.7 MiB
Commit Graph

380 Commits

Author SHA1 Message Date
Kamil Dudka 2fc0fbf615 Resolves: CVE-2017-1000100 - tftp: reject file name lengths that do not fit buffer 2017-08-09 15:49:56 +02:00
Kamil Dudka d0ba002000 Resolves: CVE-2017-1000101 - do not continue parsing of glob after range overflow 2017-08-09 15:48:51 +02:00
Kamil Dudka b2b5c8f5f1 Resolves: #1436158 - nss: fix a possible use-after-free in SelectClientCert() 2017-07-20 08:57:41 +02:00
Kamil Dudka f7a237e96a Resolves: #1463532 - fix links to documentation of TLS cipher-suites 2017-06-21 15:51:05 +02:00
Kamil Dudka 944a671273 Resolves: CVE-2017-7407 - fix out of bounds read in curl --write-out 2017-04-07 12:51:56 +02:00
Kamil Dudka afa73a568f Resolves: #1428550 - make the dependency on nss-pem arch-specific 2017-04-04 10:05:25 +02:00
Kamil Dudka d1f798c07e Resolves: CVE-2016-9586 - fix floating point buffer overflow issues 2016-12-23 10:54:34 +01:00
Kamil Dudka c38149da81 Resolves: #1396719 - map CURL_SSLVERSION_DEFAULT to NSS default, add support for TLS 1.3 2016-11-21 09:54:16 +01:00
Kamil Dudka 40b1d9916f stricter host name checking for file:// URLs 2016-11-15 18:40:23 +01:00
Kamil Dudka 2856bdf841 ssh: check md5 fingerprints case insensitively 2016-11-15 18:34:21 +01:00
Kamil Dudka c8e1922952 temporarily disable failing libidn2 test-cases 2016-11-02 11:14:11 +01:00
Kamil Dudka 5169cd3899 new upstream release - 7.51.0 
Resolves: CVE-2016-8615 - Cookie injection for other servers
Resolves: CVE-2016-8616 - Case insensitive password comparison
Resolves: CVE-2016-8617 - Out-of-bounds write via unchecked multiplication
Resolves: CVE-2016-8618 - Double-free in curl_maprintf
Resolves: CVE-2016-8619 - Double-free in krb5 code
Resolves: CVE-2016-8620 - Glob parser write/read out of bounds
Resolves: CVE-2016-8621 - curl_getdate out-of-bounds read
Resolves: CVE-2016-8622 - URL unescape heap overflow via integer truncation
Resolves: CVE-2016-8623 - Use-after-free via shared cookies
Resolves: CVE-2016-8624 - Invalid URL parsing with '#'
Resolves: CVE-2016-8625 - IDNA 2003 makes curl use wrong host
 2016-11-02 11:12:40 +01:00
Kamil Dudka 837f1f0f4e drop 0103-curl-7.50.0-stunnel.patch no longer needed 
It paralyzes the test-suite on systems with ancient versions of stunnel.
 2016-10-20 13:39:29 +02:00
Kamil Dudka 6aadc8e2a0 use the just built version of libcurl while generating zsh completion 2016-10-07 12:23:18 +02:00
Kamil Dudka b552e5528d new upstream release - 7.50.3 (fixes CVE-2016-7167) 2016-09-14 10:50:47 +02:00
Kamil Dudka 1db8ad8d42 new upstream release - 7.50.2 2016-09-07 10:33:38 +02:00
Kamil Dudka 165cb33f0a work around race condition in PK11_FindSlotByName() 
Bug: https://bugzilla.mozilla.org/1297397
 2016-08-26 15:48:18 +02:00
Kamil Dudka 0f6a97db34 Related: CVE-2016-5420 - fix incorrect use of a previously loaded certificate from file 2016-08-26 15:48:07 +02:00
Kamil Dudka 2fd0a39aee new upstream release - 7.50.1 
Resolves: CVE-2016-5419 CVE-2016-5420 CVE-2016-5421
 2016-08-03 10:10:39 +02:00
Kamil Dudka 1b9369d1bf run HTTP/2 tests on all arches (#1360319 worked around in nghttp2) 
Revert "run HTTP/2 tests only on Intel for now"

This reverts commit 99b64f5ec2.
 2016-07-26 17:12:54 +02:00
Kamil Dudka 99b64f5ec2 run HTTP/2 tests only on Intel for now 
... to work around #1358845
 2016-07-21 17:21:41 +02:00
Kamil Dudka 9b1375c118 require nss-pem no longer included in the nss package (#1347336) 2016-07-21 16:36:33 +02:00
Kamil Dudka 518559f4a0 fix HTTPS and FTPS tests (work around stunnel bug #1358810) 2016-07-21 16:33:22 +02:00
Kamil Dudka f4e76c10cd add BR for nghttp2 used by the upstream test-suite 2016-07-21 14:09:11 +02:00
Kamil Dudka 90cc80745a import needed files missing in the upstream tarball 2016-07-21 14:08:30 +02:00
Kamil Dudka bed70046cf new upstream release - 7.50.0 2016-07-21 11:32:21 +02:00
Kamil Dudka 83e65ab057 use multilib-rpm-config to install arch-dependent header files 2016-06-17 17:49:49 +02:00
Kamil Dudka 81483e8ea1 drop a test-suite quirk already applied upstream 
https://github.com/curl/curl/commit/effa575f
 2016-06-15 14:50:58 +02:00
Kamil Dudka ed398dec4b Resolves: #1340757 - fix SIGSEGV of the curl tool 
... while parsing URL with too many globs
 2016-06-03 13:27:18 +02:00
Kamil Dudka baeb46456e new upstream release - 7.49.1 2016-05-30 09:28:06 +02:00
Kamil Dudka 84382c927b prevent test1140 from failing 
... by locally creating docs/libcurl/curl_multi_socket_all.3
 2016-05-18 19:29:28 +02:00
Kamil Dudka 1e7c2958aa include manpage-scan.pl nroff-scan.pl to fix tests 1139 and 1140 
Upstream-commit: 54e4c6c396a9987f4232c73b5b4d31c01b16f8ae
 2016-05-18 19:29:28 +02:00
Kamil Dudka 9a03eb6087 new upstream release - 7.49.0 2016-05-18 19:29:26 +02:00
Kamil Dudka b041400317 new upstream release - 7.48.0 2016-03-23 13:11:48 +01:00
Kamil Dudka e2daf98253 Resolves: #1308791 - do not refuse cookies for localhost 2016-03-03 00:42:56 +01:00
Kamil Dudka e57a741556 make SCP and SFTP test-cases work with up2date OpenSSH 2016-02-17 13:08:22 +01:00
Kamil Dudka 1e7ba88548 Resolves: #1305701 - enable support for Public Suffix List 2016-02-10 18:54:34 +01:00
Kamil Dudka 127274be95 new upstream release - 7.47.1 2016-02-08 12:30:15 +01:00
Dennis Gilmore 5af23e27ef - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-03 18:21:15 +00:00
Paul Howarth ec00e90a49 Prefer %global over %define 2016-02-02 11:32:20 +00:00
Kamil Dudka 40933f3c05 new upstream release - 7.47.0 (fixes CVE-2016-0755) 2016-01-27 09:20:36 +01:00
Kamil Dudka 92a4396c47 Resolves: #1288529 - own /usr/share/zsh/site-functions 
... instead of requiring zsh
 2015-12-04 15:41:44 +01:00
Kamil Dudka 7c41b922e3 disable silent builds 
Suggested-by: Paul Howarth
 2015-12-02 13:37:59 +01:00
Kamil Dudka 7ee26673d3 use default port numbers when running the upstream test-suite 2015-12-02 13:17:27 +01:00
Kamil Dudka 638c8f1abc install zsh completion script 2015-12-02 12:43:14 +01:00
Kamil Dudka 62fef86fa4 new upstream release - 7.46.0 2015-12-02 10:51:11 +01:00
Paul Howarth b1cf0d53ef new upstream release - 7.45.0 2015-10-07 14:43:06 +01:00
Kamil Dudka 1dcbbd628a Resolves: #1104597 - prevent NSS from incorrectly re-using a session 2015-09-18 18:13:13 +02:00
Kamil Dudka 8b89049610 better explain the conditional BR on valgrind 2015-08-27 16:06:46 +02:00
Kamil Dudka bfaeb9dd10 new upstream release - 7.44.0 2015-08-12 12:05:13 +02:00