rpms
/
curl
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
572 Commits 42 Branches 269 Tags 2.7 MiB
Commit Graph

130 Commits

Author SHA1 Message Date
Kamil Dudka c8f5ee33a6 new upstream release - 7.82.0 2022-03-05 15:40:16 +01:00
Kamil Dudka 3e801a6f9f new upstream release - 7.81.0 2022-01-05 09:35:58 +01:00
Kamil Dudka ef0743b641 new upstream release - 7.80.0 2021-11-10 09:03:50 +01:00
Kamil Dudka 407e3960e4 new upstream release - 7.79.1 2021-09-22 09:16:36 +02:00
Kamil Dudka d02617d325 new upstream release - 7.79.0 
Resolves: CVE-2021-22947 - STARTTLS protocol injection via MITM
Resolves: CVE-2021-22946 - protocol downgrade required TLS bypassed
Resolves: CVE-2021-22945 - use-after-free and double-free in MQTT sending
 2021-09-15 09:09:11 +02:00
Kamil Dudka 64bcb4bcc1 new upstream release - 7.78.0 
Resolves: CVE-2021-22925 - TELNET stack contents disclosure again
Resolves: CVE-2021-22924 - bad connection reuse due to flawed path name checks
Resolves: CVE-2021-22923 - metalink download sends credentials
Resolves: CVE-2021-22922 - wrong content via metalink not discarded
 2021-07-21 10:22:33 +02:00
Kamil Dudka 4c89d92ee7 new upstream release - 7.77.0 
Resolves: CVE-2021-22901 - TLS session caching disaster
Resolves: CVE-2021-22898 - TELNET stack contents disclosure
 2021-05-26 09:20:35 +02:00
Kamil Dudka bf8bb4b5b4 new upstream release - 7.76.1 2021-04-14 09:54:33 +02:00
Kamil Dudka a0d250c162 new upstream release - 7.76.0 
Resolves: CVE-2021-22890 - TLS 1.3 session ticket proxy host mixup
Resolves: CVE-2021-22876 - Automatic referer leaks credentials
 2021-03-31 10:47:25 +02:00
Kamil Dudka 7dada590f2 new upstream release - 7.75.0 2021-02-03 09:07:33 +01:00
Kamil Dudka c829072f9f new upstream release - 7.74.0 
Resolves: CVE-2020-8286 - curl: Inferior OCSP verification
Resolves: CVE-2020-8285 - libcurl: FTP wildcard stack overflow
Resolves: CVE-2020-8284 - curl: trusting FTP PASV responses
 2020-12-09 11:13:15 +01:00
Kamil Dudka a15dd89aaa new upstream release - 7.73.0 2020-10-14 10:31:57 +02:00
Kamil Dudka e7a12a6b7b new upstream release - 7.72.0 
Resolves: CVE-2020-8231 - libcurl: wrong connect-only connection
 2020-08-19 12:29:51 +02:00
Kamil Dudka 6071e0dd16 new upstream release - 7.71.1 2020-07-01 09:26:44 +02:00
Kamil Dudka 8c661bb9d7 new upstream release - 7.71.0 
Resolves: CVE-2020-8169 - curl: Partial password leak over DNS on HTTP redirect
Resolves: CVE-2020-8177 - curl: overwrite local file with -J
 2020-06-24 10:03:56 +02:00
Kamil Dudka c88a6aff30 new upstream release - 7.70.0 2020-04-29 14:59:25 +02:00
Kamil Dudka ac5c236f18 new upstream release - 7.69.1 2020-03-11 10:23:53 +01:00
Kamil Dudka 249d0aea51 new upstream release - 7.69.0 2020-03-04 11:41:43 +01:00
Kamil Dudka dfb411a0a2 new upstream release - 7.68.0 2020-01-08 09:52:29 +01:00
Kamil Dudka c667b141d6 new upstream release - 7.67.0 2019-11-06 09:26:57 +01:00
Kamil Dudka da9af16256 new upstream release - 7.66.0 
Resolves: CVE-2019-5481 - double free due to subsequent call of realloc()
Resolves: CVE-2019-5482 - heap buffer overflow in function tftp_receive_packet()
 2019-09-12 15:20:21 +02:00
Paul Howarth a5c984a590 new upstream release - 7.65.3 2019-07-20 12:02:57 +01:00
Kamil Dudka 6e794d5beb new upstream release - 7.65.2 2019-07-17 10:34:24 +02:00
Kamil Dudka 901da63160 new upstream release - 7.65.1 2019-06-05 09:33:30 +02:00
Kamil Dudka 3c7950da77 new upstream release - 7.65.0 
Resolves: CVE-2019-5436 - TFTP receive buffer overflow
Resolves: CVE-2019-5435 - integer overflows in curl_url_set()
 2019-05-22 10:42:26 +02:00
Kamil Dudka bbad3e0a62 new upstream release - 7.64.1 2019-03-27 12:45:46 +01:00
Kamil Dudka 2bdb624139 new upstream release - 7.64.0 
Resolves: CVE-2019-3823 - SMTP end-of-response out-of-bounds read
Resolves: CVE-2019-3822 - NTLMv2 type-3 header stack buffer overflow
Resolves: CVE-2018-16890 - NTLM type-2 out-of-bounds buffer read
 2019-02-06 09:56:05 +01:00
Kamil Dudka a94ce82de0 new upstream release - 7.63.0 2018-12-12 09:51:10 +01:00
Kamil Dudka 34a4d8f848 new upstream release - 7.62.0 
Resolves: CVE-2018-16839 - SASL password overflow via integer overflow
Resolves: CVE-2018-16840 - use-after-free in handle close
Resolves: CVE-2018-16842 - warning message out-of-buffer read
 2018-10-31 12:47:56 +01:00
Kamil Dudka 20b63790e4 new upstream release - 7.61.1 
Resolves: CVE-2018-14618 - NTLM password overflow via integer overflow
 2018-09-05 10:03:29 +02:00
Kamil Dudka a89a46eca8 new upstream release - 7.61.0 
Resolves: CVE-2018-0500 - SMTP send heap buffer overflow
 2018-07-11 14:19:28 +02:00
Kamil Dudka 5a0fa9250b new upstream release, which fixes the following vulnerabilities 
Resolves: CVE-2018-1000300 - FTP shutdown response buffer overflow
Resolves: CVE-2018-1000301 - RTSP bad headers buffer over-read
 2018-05-16 15:02:28 +02:00
Kamil Dudka bdef0a1bf6 new upstream release - 7.59.0 
Resolves: CVE-2018-1000120 - FTP path trickery leads to NIL byte out of bounds write
Resolves: CVE-2018-1000121 - LDAP NULL pointer dereference
Resolves: CVE-2018-1000122 - RTSP RTP buffer over-read
 2018-03-14 10:28:05 +01:00
Kamil Dudka 93c55561d3 new upstream release - 7.58.0 
Resolves: CVE-2018-1000005 - curl: HTTP/2 trailer out-of-bounds read
Resolves: CVE-2018-1000007 - curl: HTTP authentication leak in redirects
 2018-01-24 11:55:14 +01:00
Kamil Dudka ed352e927e new upstream release - 7.57.0 
Resolves: CVE-2017-8816 - curl: NTLM buffer overflow via integer overflow
Resolves: CVE-2017-8817 - curl: FTP wildcard out of bounds read
Resolves: CVE-2017-8818 - curl: SSL out of buffer access
 2017-11-29 14:03:21 +01:00
Kamil Dudka 5d4a9257c3 new upstream release - 7.56.1 (fixes CVE-2017-1000257) 2017-10-23 10:13:16 +02:00
Kamil Dudka 46c8abb050 new upstream release - 7.56.0 (fixes CVE-2017-1000254) 2017-10-04 09:36:05 +02:00
Kamil Dudka 019e1c424c new upstream release - 7.55.1 2017-08-14 09:39:22 +02:00
Kamil Dudka 46042daf78 new upstream release - 7.55.0 
Resolves: CVE-2017-1000099 - FILE buffer read out of bounds
Resolves: CVE-2017-1000100 - TFTP sends more than buffer size
Resolves: CVE-2017-1000101 - URL globbing out of bounds read
 2017-08-09 10:52:10 +02:00
Kamil Dudka 0aa20e6c92 new upstream release - 7.54.1 2017-06-14 10:50:24 +02:00
Kamil Dudka 0f99fceebe new upstream release - 7.54.0 (fixes CVE-2017-7468) 2017-04-20 09:09:40 +02:00
Kamil Dudka c1fbf35cce new upstream release - 7.53.1 2017-02-24 10:51:31 +01:00
Kamil Dudka 8afeb9390f new upstream release - 7.53.0 (fixes CVE-2017-2629) 2017-02-22 10:32:55 +01:00
Kamil Dudka 00369df034 new upstream release - 7.52.1 (fixes CVE-2016-9586) 2016-12-23 10:06:25 +01:00
Kamil Dudka 5169cd3899 new upstream release - 7.51.0 
Resolves: CVE-2016-8615 - Cookie injection for other servers
Resolves: CVE-2016-8616 - Case insensitive password comparison
Resolves: CVE-2016-8617 - Out-of-bounds write via unchecked multiplication
Resolves: CVE-2016-8618 - Double-free in curl_maprintf
Resolves: CVE-2016-8619 - Double-free in krb5 code
Resolves: CVE-2016-8620 - Glob parser write/read out of bounds
Resolves: CVE-2016-8621 - curl_getdate out-of-bounds read
Resolves: CVE-2016-8622 - URL unescape heap overflow via integer truncation
Resolves: CVE-2016-8623 - Use-after-free via shared cookies
Resolves: CVE-2016-8624 - Invalid URL parsing with '#'
Resolves: CVE-2016-8625 - IDNA 2003 makes curl use wrong host
 2016-11-02 11:12:40 +01:00
Kamil Dudka b552e5528d new upstream release - 7.50.3 (fixes CVE-2016-7167) 2016-09-14 10:50:47 +02:00
Kamil Dudka 1db8ad8d42 new upstream release - 7.50.2 2016-09-07 10:33:38 +02:00
Kamil Dudka 2fd0a39aee new upstream release - 7.50.1 
Resolves: CVE-2016-5419 CVE-2016-5420 CVE-2016-5421
 2016-08-03 10:10:39 +02:00
Kamil Dudka bed70046cf new upstream release - 7.50.0 2016-07-21 11:32:21 +02:00
Kamil Dudka baeb46456e new upstream release - 7.49.1 2016-05-30 09:28:06 +02:00