rpms
/
curl
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
569 Commits 42 Branches 269 Tags 2.7 MiB
Commit Graph

569 Commits

Author SHA1 Message Date
Kamil Dudka 0ed971f14f fix last but one change log entry 2019-03-25 12:39:00 +01:00
Kamil Dudka 7594f15bce Related: #1690971 - remove verbose "Expire in" ... messages 2019-03-25 12:35:52 +01:00
Kamil Dudka 902ddefeb5 avoid spurious "Could not resolve host: [host name]" error messages 2019-03-21 09:39:30 +01:00
Kamil Dudka 95008127cf Resolves: #1683676 - fix NULL dereference if flushing cookies with no CookieInfo set 2019-02-27 18:02:05 +01:00
Kamil Dudka e97fdf9b7f Resolves: #1680198 - prevent NetworkManager from leaking file descriptors 2019-02-25 14:24:32 +01:00
Kamil Dudka 9ace613273 make zsh completion work again 2019-02-11 13:22:07 +01:00
Kamil Dudka 2bdb624139 new upstream release - 7.64.0 
Resolves: CVE-2019-3823 - SMTP end-of-response out-of-bounds read
Resolves: CVE-2019-3822 - NTLMv2 type-3 header stack buffer overflow
Resolves: CVE-2018-16890 - NTLM type-2 out-of-bounds buffer read
 2019-02-06 09:56:05 +01:00
Kamil Dudka 3c5dec6602 prevent valgrind from reporting false positives on x86_64 2019-02-04 17:45:12 +01:00
Fedora Release Engineering 9221f774a1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2019-01-31 16:37:02 +00:00
Kamil Dudka 1a6a3b20a6 Resolves: CVE-2018-20483 - xattr: strip credentials from any URL that is stored 2019-01-21 10:13:55 +01:00
Kamil Dudka da8449decd replace 0001-curl-7.62.0-http-post-negotiate.patch by upstream patch 2019-01-07 12:42:06 +01:00
Kamil Dudka 32b0144f20 replace 0105-curl-7.63.0-libstubgss-ldadd.patch by upstream patch 2019-01-04 14:18:53 +01:00
Kamil Dudka 49f5a42f96 Resolves: #1658574 - curl -J: do not append to the destination file 2018-12-19 13:43:28 +01:00
Kamil Dudka c30a9c7fdb Resolves: #1659329 - revert an upstream commit that broke `fedpkg new-sources` 2018-12-14 11:21:54 +01:00
Kamil Dudka c91c27bce9 libtest: avoid symbol lookup error in libstubgss.so 2018-12-12 14:39:00 +01:00
Kamil Dudka a94ce82de0 new upstream release - 7.63.0 2018-12-12 09:51:10 +01:00
Kamil Dudka 34a4d8f848 new upstream release - 7.62.0 
Resolves: CVE-2018-16839 - SASL password overflow via integer overflow
Resolves: CVE-2018-16840 - use-after-free in handle close
Resolves: CVE-2018-16842 - warning message out-of-buffer read
 2018-10-31 12:47:56 +01:00
Kamil Dudka 9be316eea1 enable TLS 1.3 post-handshake auth in OpenSSL 
Bug: https://github.com/curl/curl/pull/3027
 2018-10-11 16:16:32 +02:00
Kamil Dudka 2346b66a23 update the documentation of --tlsv1.0 in curl(1) man page 2018-10-11 16:16:18 +02:00
Kamil Dudka 800bb58ef3 Resolves: #1631804 - enforce versioned libpsl dependency for libcurl 2018-10-05 13:59:35 +02:00
Kamil Dudka 84125cbefe test320: update expected output for gnutls-3.6.4 2018-10-05 13:41:48 +02:00
Kamil Dudka ece57c4aa4 Related: #1622594 - drop 0105-curl-7.61.0-tests-ssh-keygen.patch no longer needed 2018-10-04 15:37:53 +02:00
Kamil Dudka 20b63790e4 new upstream release - 7.61.1 
Resolves: CVE-2018-14618 - NTLM password overflow via integer overflow
 2018-09-05 10:03:29 +02:00
Kamil Dudka e7b6b91818 make the --tls13-ciphers option work 2018-09-04 15:48:11 +02:00
Kamil Dudka 8bff7e0d6b Related: #1622594 - tests: make ssh-keygen always produce PEM format 
The default format produced by openssh-7.8p1 cannot be consumed
by currently available versions of libssh and libssh2.
 2018-08-27 16:55:32 +02:00
Kamil Dudka 023b327acc Resolves: #1595135 - scp/sftp: fix infinite connect loop on invalid private key 2018-08-15 13:57:06 +02:00
Kamil Dudka 178b0fc823 Resolves: #1219544 - ssl: set engine implicitly when a PKCS#11 URI is provided 2018-08-09 15:35:59 +02:00
Kamil Dudka 35134a4aee Related: #1610888 - relax crypto policy for the test-suite to make it pass again 2018-08-07 16:56:26 +02:00
Kamil Dudka 3fb6e23557 disable flaky test 1900, which covers deprecated HTTP pipelining 
See https://github.com/curl/curl/pull/2705 for details.
 2018-07-31 10:42:03 +02:00
Kamil Dudka 85286dc2b3 adapt test 323 for updated OpenSSL 2018-07-31 10:33:53 +02:00
Kamil Dudka bcdea58703 temporarily disable test 582 on s390x (client times out) 2018-07-13 13:47:08 +02:00
Fedora Release Engineering 072eac2fb6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-07-12 22:28:24 +00:00
Kamil Dudka a89a46eca8 new upstream release - 7.61.0 
Resolves: CVE-2018-0500 - SMTP send heap buffer overflow
 2018-07-11 14:19:28 +02:00
Kamil Dudka d41d215108 disable test 1455, which occasionally fails in Koji 
... with 'bind failed with errno 98: Address already in use'
 2018-07-10 15:16:40 +02:00
Kamil Dudka 9f5f0d1189 enable support for brotli compression in libcurl-full 2018-07-10 13:51:08 +02:00
Kamil Dudka befa5428f0 do not hard-wire path of the Python 3 interpreter 2018-07-04 15:20:51 +02:00
Kamil Dudka 4f55f71cfe Related: #1570246 - enable vlagrind again 
This reverts commit e51a34d6cc.
 2018-07-04 15:15:24 +02:00
Kamil Dudka e51a34d6cc Related: #1570246 - temporarily disable valgrind completely 
... and revert the previous workaround, which does not work on Koji
 2018-05-16 15:58:58 +02:00
Kamil Dudka 09c874db53 require glibc-debuginfo for valgrind-enabled build 
... as suggested by valgrind itself:

valgrind:  Fatal error at startup: a function redirection
valgrind:  which is mandatory for this platform-tool combination
valgrind:  cannot be set up.  Details of the redirection are:
valgrind:
valgrind:  A must-be-redirected function
valgrind:  whose name matches the pattern:      strlen
valgrind:  in an object with soname matching:   ld-linux-x86-64.so.2
valgrind:  was not found whilst processing
valgrind:  symbols from the object with soname: ld-linux-x86-64.so.2
valgrind:
valgrind:  Possible fixes: (1, short term): install glibc's debuginfo
valgrind:  package on this machine.  (2, longer term): ask the packagers
valgrind:  for your Linux distribution to please in future ship a non-
valgrind:  stripped ld.so (or whatever the dynamic linker .so is called)
valgrind:  that exports the above-named function using the standard
valgrind:  calling conventions for this platform.  The package you need
valgrind:  to install for fix (1) is called
valgrind:
valgrind:    On Debian, Ubuntu:                 libc6-dbg
valgrind:    On SuSE, openSuSE, Fedora, RHEL:   glibc-debuginfo
valgrind:
valgrind:  Note that if you are debugging a 32 bit process on a
valgrind:  64 bit system, you will need a corresponding 32 bit debuginfo
valgrind:  package (e.g. libc6-dbg:i386).
valgrind:
valgrind:  Cannot continue -- exiting now.  Sorry.
 2018-05-16 15:23:55 +02:00
Kamil Dudka 5a0fa9250b new upstream release, which fixes the following vulnerabilities 
Resolves: CVE-2018-1000300 - FTP shutdown response buffer overflow
Resolves: CVE-2018-1000301 - RTSP bad headers buffer over-read
 2018-05-16 15:02:28 +02:00
Kamil Dudka a1b38730ce make the test-suite use Python 3 
Unfortunately, smbserver.py does not work with Python 3 because
there is no 'impacket' module available for Python 3:

https://github.com/CoreSecurity/impacket/issues/61
 2018-03-15 15:43:07 +01:00
Kamil Dudka 6402b496fc ftp: fix typo in recursive callback detection for seeking 2018-03-14 14:43:54 +01:00
Kamil Dudka bdef0a1bf6 new upstream release - 7.59.0 
Resolves: CVE-2018-1000120 - FTP path trickery leads to NIL byte out of bounds write
Resolves: CVE-2018-1000121 - LDAP NULL pointer dereference
Resolves: CVE-2018-1000122 - RTSP RTP buffer over-read
 2018-03-14 10:28:05 +01:00
Kamil Dudka 43b81665b0 http2: mark the connection for close on GOAWAY 2018-03-12 10:28:21 +01:00
Paul Howarth bdc6ab544b Robustness improvements to spec file 
- Add explicity-used build requirements
- Fix libcurl soname version number in %files list to avoid accidental soname
  bumps
 2018-02-19 10:10:12 +00:00
Paul Howarth a16f4de7a2 Update scriptlets, enforce versioned libssh dependency 
- switch to %ldconfig_scriptlets
- drop legacy BuildRoot: and Group: tags
- enforce versioned libssh dependency for libcurl
 2018-02-15 09:57:54 +00:00
Igor Gnatenko 5012445aca Remove BuildRoot definition 
None of currently supported distributions need that.
It was needed last for EL5 which is EOL now

Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2018-02-13 23:11:49 +01:00
Kamil Dudka 960515d8a1 Related: #1540549 - drop temporary workaround for the GCC bug 2018-02-13 10:33:16 +01:00
Fedora Release Engineering 1bbb30f4f6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-02-07 06:08:47 +00:00
Kamil Dudka b76e2f2c65 Related: #1540549 - use the workaround for f28 only 
... so that it does not break the build with old versions of GCC
 2018-02-01 14:05:00 +01:00