Commit Graph

468 Commits

Author SHA1 Message Date
Kamil Dudka b989ec64dd Resolves: CVE-2019-5481 - double free due to subsequent call of realloc() 2019-09-12 16:30:21 +02:00
Kamil Dudka b57697f5e7 Resolves: CVE-2019-5482 - fix heap buffer overflow in function tftp_receive_packet() 2019-09-12 16:22:48 +02:00
Kamil Dudka 1d25e0a73d Related: CVE-2019-5436 - improve the change log entry 2019-05-22 16:46:56 +02:00
Kamil Dudka 41c348c5d6 Resolves: CVE-2019-5436 - TFTP receive buffer overflow 2019-05-22 14:21:49 +02:00
Kamil Dudka 363f2e4047 Resolves: CVE-2019-5435 - fix integer overflows in curl_url_set() 2019-05-22 14:21:02 +02:00
Kamil Dudka 70232dde43 Resolves: #1669156 - do not let libssh create a new socket for SCP/SFTP 2019-02-18 18:42:01 +01:00
Kamil Dudka 999ed7944f make zsh completion work again 2019-02-11 13:41:22 +01:00
Kamil Dudka dac11f1d10 Resolves: CVE-2019-3823 - fix SMTP end-of-response out-of-bounds read 2019-02-06 13:30:41 +01:00
Kamil Dudka 8df27a6217 Resolves: CVE-2019-3822 - fix NTLMv2 type-3 header stack buffer overflow 2019-02-06 13:30:24 +01:00
Kamil Dudka 9de001fb26 Resolves: CVE-2018-16890 - fix NTLM type-2 out-of-bounds buffer read 2019-02-06 13:30:10 +01:00
Kamil Dudka b3c6d97e26 Resolves: CVE-2018-20483 - xattr: strip credentials from any URL that is stored 2019-01-21 12:22:27 +01:00
Kamil Dudka 51f07044e3 Resolves: #1658574 - curl -J: do not append to the destination file 2018-12-19 13:51:52 +01:00
Kamil Dudka 3a4404c668 Resolves: CVE-2018-16842 - make the patch for CVE-2018-16842 apply properly
`git apply` fails silently unless `git init` is invoked first.
2018-11-15 15:35:02 +01:00
Kamil Dudka 81eb511a57 Resolves: CVE-2018-16839 - SASL password overflow via integer overflow 2018-11-01 10:07:35 +01:00
Kamil Dudka 2bcb05aea4 Resolves: CVE-2018-16840 - fix use-after-free in handle close 2018-11-01 09:59:22 +01:00
Kamil Dudka 7576775e08 Resolves: CVE-2018-16842 - fix bad arithmetic when outputting warnings to stderr
Use `git apply` to apply the patch because `patch` would fail with:

File tests/data/test2080: git binary diffs are not supported.
2018-11-01 09:50:46 +01:00
Kamil Dudka 9be316eea1 enable TLS 1.3 post-handshake auth in OpenSSL
Bug: https://github.com/curl/curl/pull/3027
2018-10-11 16:16:32 +02:00
Kamil Dudka 2346b66a23 update the documentation of --tlsv1.0 in curl(1) man page 2018-10-11 16:16:18 +02:00
Kamil Dudka 800bb58ef3 Resolves: #1631804 - enforce versioned libpsl dependency for libcurl 2018-10-05 13:59:35 +02:00
Kamil Dudka 84125cbefe test320: update expected output for gnutls-3.6.4 2018-10-05 13:41:48 +02:00
Kamil Dudka ece57c4aa4 Related: #1622594 - drop 0105-curl-7.61.0-tests-ssh-keygen.patch no longer needed 2018-10-04 15:37:53 +02:00
Kamil Dudka 20b63790e4 new upstream release - 7.61.1
Resolves: CVE-2018-14618 - NTLM password overflow via integer overflow
2018-09-05 10:03:29 +02:00
Kamil Dudka e7b6b91818 make the --tls13-ciphers option work 2018-09-04 15:48:11 +02:00
Kamil Dudka 8bff7e0d6b Related: #1622594 - tests: make ssh-keygen always produce PEM format
The default format produced by openssh-7.8p1 cannot be consumed
by currently available versions of libssh and libssh2.
2018-08-27 16:55:32 +02:00
Kamil Dudka 023b327acc Resolves: #1595135 - scp/sftp: fix infinite connect loop on invalid private key 2018-08-15 13:57:06 +02:00
Kamil Dudka 178b0fc823 Resolves: #1219544 - ssl: set engine implicitly when a PKCS#11 URI is provided 2018-08-09 15:35:59 +02:00
Kamil Dudka 35134a4aee Related: #1610888 - relax crypto policy for the test-suite to make it pass again 2018-08-07 16:56:26 +02:00
Kamil Dudka 3fb6e23557 disable flaky test 1900, which covers deprecated HTTP pipelining
See https://github.com/curl/curl/pull/2705 for details.
2018-07-31 10:42:03 +02:00
Kamil Dudka 85286dc2b3 adapt test 323 for updated OpenSSL 2018-07-31 10:33:53 +02:00
Kamil Dudka bcdea58703 temporarily disable test 582 on s390x (client times out) 2018-07-13 13:47:08 +02:00
Fedora Release Engineering 072eac2fb6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-07-12 22:28:24 +00:00
Kamil Dudka a89a46eca8 new upstream release - 7.61.0
Resolves: CVE-2018-0500 - SMTP send heap buffer overflow
2018-07-11 14:19:28 +02:00
Kamil Dudka d41d215108 disable test 1455, which occasionally fails in Koji
... with 'bind failed with errno 98: Address already in use'
2018-07-10 15:16:40 +02:00
Kamil Dudka 9f5f0d1189 enable support for brotli compression in libcurl-full 2018-07-10 13:51:08 +02:00
Kamil Dudka befa5428f0 do not hard-wire path of the Python 3 interpreter 2018-07-04 15:20:51 +02:00
Kamil Dudka 4f55f71cfe Related: #1570246 - enable valgrind again
This reverts commit e51a34d6cc.
2018-07-04 15:15:24 +02:00
Kamil Dudka e51a34d6cc Related: #1570246 - temporarily disable valgrind completely
... and revert the previous workaround, which does not work on Koji
2018-05-16 15:58:58 +02:00
Kamil Dudka 09c874db53 require glibc-debuginfo for valgrind-enabled build
... as suggested by valgrind itself:

valgrind:  Fatal error at startup: a function redirection
valgrind:  which is mandatory for this platform-tool combination
valgrind:  cannot be set up.  Details of the redirection are:
valgrind:
valgrind:  A must-be-redirected function
valgrind:  whose name matches the pattern:      strlen
valgrind:  in an object with soname matching:   ld-linux-x86-64.so.2
valgrind:  was not found whilst processing
valgrind:  symbols from the object with soname: ld-linux-x86-64.so.2
valgrind:
valgrind:  Possible fixes: (1, short term): install glibc's debuginfo
valgrind:  package on this machine.  (2, longer term): ask the packagers
valgrind:  for your Linux distribution to please in future ship a non-
valgrind:  stripped ld.so (or whatever the dynamic linker .so is called)
valgrind:  that exports the above-named function using the standard
valgrind:  calling conventions for this platform.  The package you need
valgrind:  to install for fix (1) is called
valgrind:
valgrind:    On Debian, Ubuntu:                 libc6-dbg
valgrind:    On SuSE, openSuSE, Fedora, RHEL:   glibc-debuginfo
valgrind:
valgrind:  Note that if you are debugging a 32 bit process on a
valgrind:  64 bit system, you will need a corresponding 32 bit debuginfo
valgrind:  package (e.g. libc6-dbg:i386).
valgrind:
valgrind:  Cannot continue -- exiting now.  Sorry.
2018-05-16 15:23:55 +02:00
Kamil Dudka 5a0fa9250b new upstream release, which fixes the following vulnerabilities
Resolves: CVE-2018-1000300 - FTP shutdown response buffer overflow
Resolves: CVE-2018-1000301 - RTSP bad headers buffer over-read
2018-05-16 15:02:28 +02:00
Kamil Dudka a1b38730ce make the test-suite use Python 3
Unfortunately, smbserver.py does not work with Python 3 because
there is no 'impacket' module available for Python 3:

https://github.com/CoreSecurity/impacket/issues/61
2018-03-15 15:43:07 +01:00
Kamil Dudka 6402b496fc ftp: fix typo in recursive callback detection for seeking 2018-03-14 14:43:54 +01:00
Kamil Dudka bdef0a1bf6 new upstream release - 7.59.0
Resolves: CVE-2018-1000120 - FTP path trickery leads to NIL byte out of bounds write
Resolves: CVE-2018-1000121 - LDAP NULL pointer dereference
Resolves: CVE-2018-1000122 - RTSP RTP buffer over-read
2018-03-14 10:28:05 +01:00
Kamil Dudka 43b81665b0 http2: mark the connection for close on GOAWAY 2018-03-12 10:28:21 +01:00
Paul Howarth bdc6ab544b Robustness improvements to spec file
- Add explicitly-used build requirements
- Fix libcurl soname version number in %files list to avoid accidental soname
  bumps
2018-02-19 10:10:12 +00:00
Paul Howarth a16f4de7a2 Update scriptlets, enforce versioned libssh dependency
- switch to %ldconfig_scriptlets
- drop legacy BuildRoot: and Group: tags
- enforce versioned libssh dependency for libcurl
2018-02-15 09:57:54 +00:00
Igor Gnatenko 5012445aca Remove BuildRoot definition
None of currently supported distributions need that.
It was needed last for EL5 which is EOL now

Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2018-02-13 23:11:49 +01:00
Kamil Dudka 960515d8a1 Related: #1540549 - drop temporary workaround for the GCC bug 2018-02-13 10:33:16 +01:00
Fedora Release Engineering 1bbb30f4f6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-02-07 06:08:47 +00:00
Kamil Dudka b76e2f2c65 Related: #1540549 - use the workaround for f28 only
... so that it does not break the build with old versions of GCC
2018-02-01 14:05:00 +01:00
Kamil Dudka bf966a954e Related: #1540549 - temporarily work around internal compiler error on x86_64 2018-02-01 12:55:07 +01:00