1b982b367e
Migrate tests to tmt
...
Signed-off-by: Miroslav Vadkerti <mvadkert@redhat.com>
2021-10-05 06:26:42 +00:00
a0acb0cc77
Related: #2005874 - use correct bug ID in the change log
2021-10-04 12:29:42 +02:00
d4c5b54bf3
run upstream tests for both curl-minimal and curl-full
...
As we made libcurl-minimal more minimal, it differs more from
libcurl-full and it should be tested separately. On the other
hand, the test-suite for libcurl-minimal runs faster now because
more tests are skipped.
2021-10-04 09:55:13 +02:00
5ebead952b
Resolves : #1994521 - disable more protocols and features in libcurl-minimal
...
... to limit vulnerability exposure in case there is a CVE in curl
in some of the rarer protocols
2021-10-04 09:55:11 +02:00
54117120e4
explicitly disable zstd while configuring curl
...
... in order to make local builds closer to what we get from Koji
2021-10-04 09:54:25 +02:00
c2f61abc1c
curl.spec: align the lists of configure options
...
... to make it easier to extend the lists
2021-10-04 09:54:25 +02:00
407e3960e4
new upstream release - 7.79.1
2021-09-22 09:16:36 +02:00
e2155b2695
fix regression in http2 implementation
...
... introduced in the last release
2021-09-16 12:26:16 +02:00
f97c73e9d7
Rebuilt with OpenSSL 3.0.0
2021-09-16 12:23:37 +02:00
31329d9443
forgot to bump release in the previous commit
2021-09-16 08:51:26 +02:00
25f443ae12
make SCP/SFTP tests work with openssh-8.7p1
2021-09-16 08:45:33 +02:00
287da1ceec
temporarily disable test 1184
...
... which occasionally fails on aarch64/armv7hl Koji builders
for no apparent reason
2021-09-15 10:55:21 +02:00
d02617d325
new upstream release - 7.79.0
...
Resolves: CVE-2021-22947 - STARTTLS protocol injection via MITM
Resolves: CVE-2021-22946 - protocol downgrade required TLS bypassed
Resolves: CVE-2021-22945 - use-after-free and double-free in MQTT sending
2021-09-15 09:09:11 +02:00
62e2b8d564
Rebuilt with OpenSSL 3.0.0
2021-09-14 19:00:02 +02:00
f964aefff3
make explicit dependency on openssl work with alpha/beta builds of openssl
...
Reported-by: Daniel Rusek
2021-07-23 17:15:57 +02:00
adeb2cb476
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-07-21 20:15:37 +00:00
85619bdba3
disable tests 320..322 on ppc64le where it started to hang/fail
...
... in Koji environment only. I was not able to reproduce the issues
with the fedora-rawhide-ppc64le buildroot in mock on a ppc64le machine.
2021-07-21 15:53:36 +02:00
0ac0b6fbd1
prevent valgrind from being extremely slow
2021-07-21 12:39:45 +02:00
c921b2c69d
remove a valgrind-related patch no longer needed
2021-07-21 12:38:15 +02:00
ef5a5be78e
temporarily disable test 1452 on s390x
...
... where the client times out
2021-07-21 12:06:57 +02:00
64bcb4bcc1
new upstream release - 7.78.0
...
Resolves: CVE-2021-22925 - TELNET stack contents disclosure again
Resolves: CVE-2021-22924 - bad connection reuse due to flawed path name checks
Resolves: CVE-2021-22923 - metalink download sends credentials
Resolves: CVE-2021-22922 - wrong content via metalink not discarded
2021-07-21 10:22:33 +02:00
ece67bdd2f
gpgverify source tarball
...
Signed-off-by: Stewart Smith <trawets@amazon.com>
2021-07-09 18:42:11 +00:00
ddaf41062c
Resolves : #1967213 - build the curl tool without metalink support
...
Today curl upstream announced that they are going to completely remove
support for metalink from curl already in the next release of curl due
to a number of difficult to fix security issues:
https://curl.se/mail/archive-2021-06/0006.html
https://github.com/curl/curl/pull/7176
2021-06-02 19:55:01 +02:00
4c89d92ee7
new upstream release - 7.77.0
...
Resolves: CVE-2021-22901 - TLS session caching disaster
Resolves: CVE-2021-22898 - TELNET stack contents disclosure
2021-05-26 09:20:35 +02:00
4b7b124d75
Resolves : #1938699 - http2: fix resource leaks detected by Coverity
2021-05-03 17:54:40 +02:00
bf8bb4b5b4
new upstream release - 7.76.1
2021-04-14 09:54:33 +02:00
a0d250c162
new upstream release - 7.76.0
...
Resolves: CVE-2021-22890 - TLS 1.3 session ticket proxy host mixup
Resolves: CVE-2021-22876 - Automatic referer leaks credentials
2021-03-31 10:47:25 +02:00
25676e54ef
replace 0104-curl-7.73.0-localhost6.patch by sed invocation
...
... to avoid conflict resolution on new upstream releases
2021-03-31 10:47:24 +02:00
b57f5589af
fix misplaced comment in %prep from the previous commit
2021-03-24 11:17:40 +01:00
742526c048
Resolves : #1941925 - fix SIGSEGV upon disconnect of a ldaps:// transfer
2021-03-24 11:04:10 +01:00
bd924f90f2
build-require python3-impacket only on Fedora
...
It might not be available in RHEL or CentOS Stream build repos.
2021-02-23 22:03:03 +01:00
d781733304
%check: use unstripped library from the build dir
...
It results in more detailed backtraces in valgrind's output.
2021-02-11 11:51:32 +01:00
7dada590f2
new upstream release - 7.75.0
2021-02-03 09:07:33 +01:00
1cfc0aeb3b
do not use stunnel for tests on s390x builds
...
... to avoid spurious failures
2021-01-26 15:13:50 +01:00
3613691251
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-01-26 02:51:37 +00:00
182c2a8bbb
do not rewrite shebangs in test-suite to use python3 explicitly
2020-12-09 18:51:40 +01:00
c829072f9f
new upstream release - 7.74.0
...
Resolves: CVE-2020-8286 - curl: Inferior OCSP verification
Resolves: CVE-2020-8285 - libcurl: FTP wildcard stack overflow
Resolves: CVE-2020-8284 - curl: trusting FTP PASV responses
2020-12-09 11:13:15 +01:00
9ef73a22d0
Upstream moved from curl.haxx.se to curl.se
2020-11-09 12:31:52 +00:00
3c950d5541
prevent upstream test 1451 from being skipped
2020-10-14 11:54:54 +02:00
a15dd89aaa
new upstream release - 7.73.0
2020-10-14 10:31:57 +02:00
89714e3b24
Fix bug reference in changelog
2020-09-20 11:49:49 +01:00
4226c316c7
Resolves: #1877671O - fix multiarch conflicts in libcurl-minimal
2020-09-10 09:45:17 +02:00
e7a12a6b7b
new upstream release - 7.72.0
...
Resolves: CVE-2020-8231 - libcurl: wrong connect-only connection
2020-08-19 12:29:51 +02:00
840be82e6f
pick an upstream fix to make test 1140 pass again
2020-08-06 11:48:24 +02:00
b740a1ecc6
setopt: unset NOBODY switches to GET if still HEAD
...
Reported-by: Vít Ondruch
2020-08-06 11:04:30 +02:00
407d32e00a
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-07-27 14:52:54 +00:00
df63713984
Use make macros
...
https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
2020-07-13 19:00:01 +00:00
87d774717a
Resolves : #1833193 - curl: make the --krb option work again
2020-07-03 12:47:48 +02:00
6071e0dd16
new upstream release - 7.71.1
2020-07-01 09:26:44 +02:00
8c661bb9d7
new upstream release - 7.71.0
...
Resolves: CVE-2020-8169 - curl: Partial password leak over DNS on HTTP redirect
Resolves: CVE-2020-8177 - curl: overwrite local file with -J
2020-06-24 10:03:56 +02:00
Miroslav Vadkerti
Kamil Dudka
Sahana Prasad
Fedora Release Engineering
Stewart Smith
Paul Howarth
Jinoh Kang
Tom Stellard