rpms/curl
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
561 Commits 42 Branches 269 Tags 2.7 MiB
4ad1229e9d
Commit Graph

531 Commits

Author SHA1 Message Date
Kamil Dudka
3c950d5541 prevent upstream test 1451 from being skipped 2020-10-14 11:54:54 +02:00
Kamil Dudka
a15dd89aaa new upstream release - 7.73.0 2020-10-14 10:31:57 +02:00
Paul Howarth
89714e3b24 Fix bug reference in changelog 2020-09-20 11:49:49 +01:00
Jinoh Kang
4226c316c7 Resolves: #1877671O - fix multiarch conflicts in libcurl-minimal 2020-09-10 09:45:17 +02:00
Kamil Dudka
e7a12a6b7b new upstream release - 7.72.0 
Resolves: CVE-2020-8231 - libcurl: wrong connect-only connection
 2020-08-19 12:29:51 +02:00
Kamil Dudka
b740a1ecc6 setopt: unset NOBODY switches to GET if still HEAD 
Reported-by: Vít Ondruch
 2020-08-06 11:04:30 +02:00
Fedora Release Engineering
407d32e00a - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2020-07-27 14:52:54 +00:00
Tom Stellard
df63713984 Use make macros 
https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
 2020-07-13 19:00:01 +00:00
Kamil Dudka
87d774717a Resolves: #1833193 - curl: make the --krb option work again 2020-07-03 12:47:48 +02:00
Kamil Dudka
6071e0dd16 new upstream release - 7.71.1 2020-07-01 09:26:44 +02:00
Kamil Dudka
8c661bb9d7 new upstream release - 7.71.0 
Resolves: CVE-2020-8169 - curl: Partial password leak over DNS on HTTP redirect
Resolves: CVE-2020-8177 - curl: overwrite local file with -J
 2020-06-24 10:03:56 +02:00
Kamil Dudka
c74a58b095 Related: #1829180 - add BuildRequires for hostname 
It is used by the test-suite but it is missing in armv7hl buildroot.
 2020-05-02 10:08:32 +02:00
Kamil Dudka
ce4949188b Related: #1829180 - temporarily disable tests 702 703 716 on armv7hl 2020-05-02 09:52:39 +02:00
Kamil Dudka
c88a6aff30 new upstream release - 7.70.0 2020-04-29 14:59:25 +02:00
Kamil Dudka
6a752013d0 Resolves: #1824926 - SSH: use new ECDSA key types to check known hosts 2020-04-20 11:34:56 +02:00
Tom Stellard
53c8c93125 Prevent discarding of -g when compiling with clang 2020-04-17 16:06:52 +00:00
Kamil Dudka
ac5c236f18 new upstream release - 7.69.1 2020-03-11 10:23:53 +01:00
Kamil Dudka
fbcad9a3a0 Resolves: #1810989 - make Flatpak work again 2020-03-09 09:54:27 +01:00
Kamil Dudka
249d0aea51 new upstream release - 7.69.0 2020-03-04 11:41:43 +01:00
Fedora Release Engineering
83181bd6d3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2020-01-28 15:11:40 +00:00
Kamil Dudka
dfb411a0a2 new upstream release - 7.68.0 2020-01-08 09:52:29 +01:00
Kamil Dudka
13f70ceee2 fix upstream release number in last two change log items 2020-01-08 09:47:26 +01:00
Kamil Dudka
d1233ad4cd do not run test-suite through valgrind on i686 brew builds 
The architecture is being decommissioned in Fedora, which makes it
difficult to debug valgrind failures (usually not related to curl
anyway).
 2019-11-15 10:37:39 +01:00
Kamil Dudka
eeb37e29bd Related: #1771025 - fix date in the last change log entry 2019-11-14 16:25:25 +01:00
Kamil Dudka
2298078d54 Resolves: #1771025 - fix infinite loop on upload using a glob 2019-11-14 13:57:39 +01:00
Kamil Dudka
c667b141d6 new upstream release - 7.67.0 2019-11-06 09:26:57 +01:00
Kamil Dudka
e0bf66ef6c fix memory leaked by parse_metalink() 2019-09-13 10:18:24 +02:00
Kamil Dudka
da9af16256 new upstream release - 7.66.0 
Resolves: CVE-2019-5481 - double free due to subsequent call of realloc()
Resolves: CVE-2019-5482 - heap buffer overflow in function tftp_receive_packet()
 2019-09-12 15:20:21 +02:00
Kamil Dudka
91c50ee6d4 Resolves: #1690971 - avoid reporting spurious error in the HTTP2 framing layer 2019-08-27 18:11:29 +02:00
Kamil Dudka
8559ecc1d9 changelog: fix copy/paste error in the last entry 2019-08-01 16:41:42 +02:00
Kamil Dudka
863394fd95 improve handling of gss_init_sec_context() failures 2019-08-01 16:37:57 +02:00
Fedora Release Engineering
22186831fb - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2019-07-24 21:21:56 +00:00
Paul Howarth
a5c984a590 new upstream release - 7.65.3 2019-07-20 12:02:57 +01:00
Kamil Dudka
6e794d5beb new upstream release - 7.65.2 2019-07-17 10:34:24 +02:00
Kamil Dudka
901da63160 new upstream release - 7.65.1 2019-06-05 09:33:30 +02:00
Kamil Dudka
b6ccff47ac Resolves: #1714893 - fix spurious timeout events with speed-limit 2019-05-30 15:27:58 +02:00
Kamil Dudka
3c7950da77 new upstream release - 7.65.0 
Resolves: CVE-2019-5436 - TFTP receive buffer overflow
Resolves: CVE-2019-5435 - integer overflows in curl_url_set()
 2019-05-22 10:42:26 +02:00
Kamil Dudka
9dd5d73f3b do not treat failure of gss_init_sec_context() with --negotiate as fatal 
This commit fixes a major incompatibility introduced in curl-7.64.1.

Bug: https://github.com/curl/curl/issues/3726
 2019-05-09 10:08:03 +02:00
Paul Howarth
8fd906c559 generation of shell completions now needs more perl stuff 2019-04-05 13:38:27 +01:00
Kamil Dudka
bbad3e0a62 new upstream release - 7.64.1 2019-03-27 12:45:46 +01:00
Kamil Dudka
0ed971f14f fix last but one change log entry 2019-03-25 12:39:00 +01:00
Kamil Dudka
7594f15bce Related: #1690971 - remove verbose "Expire in" ... messages 2019-03-25 12:35:52 +01:00
Kamil Dudka
902ddefeb5 avoid spurious "Could not resolve host: [host name]" error messages 2019-03-21 09:39:30 +01:00
Kamil Dudka
95008127cf Resolves: #1683676 - fix NULL dereference if flushing cookies with no CookieInfo set 2019-02-27 18:02:05 +01:00
Kamil Dudka
e97fdf9b7f Resolves: #1680198 - prevent NetworkManager from leaking file descriptors 2019-02-25 14:24:32 +01:00
Kamil Dudka
9ace613273 make zsh completion work again 2019-02-11 13:22:07 +01:00
Kamil Dudka
2bdb624139 new upstream release - 7.64.0 
Resolves: CVE-2019-3823 - SMTP end-of-response out-of-bounds read
Resolves: CVE-2019-3822 - NTLMv2 type-3 header stack buffer overflow
Resolves: CVE-2018-16890 - NTLM type-2 out-of-bounds buffer read
 2019-02-06 09:56:05 +01:00
Kamil Dudka
3c5dec6602 prevent valgrind from reporting false positives on x86_64 2019-02-04 17:45:12 +01:00
Fedora Release Engineering
9221f774a1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2019-01-31 16:37:02 +00:00
Kamil Dudka
1a6a3b20a6 Resolves: CVE-2018-20483 - xattr: strip credentials from any URL that is stored 2019-01-21 10:13:55 +01:00
Kamil Dudka
da8449decd replace 0001-curl-7.62.0-http-post-negotiate.patch by upstream patch 2019-01-07 12:42:06 +01:00
Kamil Dudka
32b0144f20 replace 0105-curl-7.63.0-libstubgss-ldadd.patch by upstream patch 2019-01-04 14:18:53 +01:00
Kamil Dudka
49f5a42f96 Resolves: #1658574 - curl -J: do not append to the destination file 2018-12-19 13:43:28 +01:00
Kamil Dudka
c30a9c7fdb Resolves: #1659329 - revert an upstream commit that broke fedpkg new-sources 2018-12-14 11:21:54 +01:00
Kamil Dudka
c91c27bce9 libtest: avoid symbol lookup error in libstubgss.so 2018-12-12 14:39:00 +01:00
Kamil Dudka
a94ce82de0 new upstream release - 7.63.0 2018-12-12 09:51:10 +01:00
Kamil Dudka
34a4d8f848 new upstream release - 7.62.0 
Resolves: CVE-2018-16839 - SASL password overflow via integer overflow
Resolves: CVE-2018-16840 - use-after-free in handle close
Resolves: CVE-2018-16842 - warning message out-of-buffer read
 2018-10-31 12:47:56 +01:00
Kamil Dudka
9be316eea1 enable TLS 1.3 post-handshake auth in OpenSSL 
Bug: https://github.com/curl/curl/pull/3027
 2018-10-11 16:16:32 +02:00
Kamil Dudka
2346b66a23 update the documentation of --tlsv1.0 in curl(1) man page 2018-10-11 16:16:18 +02:00
Kamil Dudka
800bb58ef3 Resolves: #1631804 - enforce versioned libpsl dependency for libcurl 2018-10-05 13:59:35 +02:00
Kamil Dudka
84125cbefe test320: update expected output for gnutls-3.6.4 2018-10-05 13:41:48 +02:00
Kamil Dudka
ece57c4aa4 Related: #1622594 - drop 0105-curl-7.61.0-tests-ssh-keygen.patch no longer needed 2018-10-04 15:37:53 +02:00
Kamil Dudka
20b63790e4 new upstream release - 7.61.1 
Resolves: CVE-2018-14618 - NTLM password overflow via integer overflow
 2018-09-05 10:03:29 +02:00
Kamil Dudka
e7b6b91818 make the --tls13-ciphers option work 2018-09-04 15:48:11 +02:00
Kamil Dudka
8bff7e0d6b Related: #1622594 - tests: make ssh-keygen always produce PEM format 
The default format produced by openssh-7.8p1 cannot be consumed
by currently available versions of libssh and libssh2.
 2018-08-27 16:55:32 +02:00
Kamil Dudka
023b327acc Resolves: #1595135 - scp/sftp: fix infinite connect loop on invalid private key 2018-08-15 13:57:06 +02:00
Kamil Dudka
178b0fc823 Resolves: #1219544 - ssl: set engine implicitly when a PKCS#11 URI is provided 2018-08-09 15:35:59 +02:00
Kamil Dudka
35134a4aee Related: #1610888 - relax crypto policy for the test-suite to make it pass again 2018-08-07 16:56:26 +02:00
Kamil Dudka
3fb6e23557 disable flaky test 1900, which covers deprecated HTTP pipelining 
See https://github.com/curl/curl/pull/2705 for details.
 2018-07-31 10:42:03 +02:00
Kamil Dudka
85286dc2b3 adapt test 323 for updated OpenSSL 2018-07-31 10:33:53 +02:00
Kamil Dudka
bcdea58703 temporarily disable test 582 on s390x (client times out) 2018-07-13 13:47:08 +02:00
Fedora Release Engineering
072eac2fb6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-07-12 22:28:24 +00:00
Kamil Dudka
a89a46eca8 new upstream release - 7.61.0 
Resolves: CVE-2018-0500 - SMTP send heap buffer overflow
 2018-07-11 14:19:28 +02:00
Kamil Dudka
d41d215108 disable test 1455, which occasionally fails in Koji 
... with 'bind failed with errno 98: Address already in use'
 2018-07-10 15:16:40 +02:00
Kamil Dudka
9f5f0d1189 enable support for brotli compression in libcurl-full 2018-07-10 13:51:08 +02:00
Kamil Dudka
befa5428f0 do not hard-wire path of the Python 3 interpreter 2018-07-04 15:20:51 +02:00
Kamil Dudka
4f55f71cfe Related: #1570246 - enable vlagrind again 
This reverts commit e51a34d6cc.
 2018-07-04 15:15:24 +02:00
Kamil Dudka
e51a34d6cc Related: #1570246 - temporarily disable valgrind completely 
... and revert the previous workaround, which does not work on Koji
 2018-05-16 15:58:58 +02:00
Kamil Dudka
09c874db53 require glibc-debuginfo for valgrind-enabled build 
... as suggested by valgrind itself:

valgrind:  Fatal error at startup: a function redirection
valgrind:  which is mandatory for this platform-tool combination
valgrind:  cannot be set up.  Details of the redirection are:
valgrind:
valgrind:  A must-be-redirected function
valgrind:  whose name matches the pattern:      strlen
valgrind:  in an object with soname matching:   ld-linux-x86-64.so.2
valgrind:  was not found whilst processing
valgrind:  symbols from the object with soname: ld-linux-x86-64.so.2
valgrind:
valgrind:  Possible fixes: (1, short term): install glibc's debuginfo
valgrind:  package on this machine.  (2, longer term): ask the packagers
valgrind:  for your Linux distribution to please in future ship a non-
valgrind:  stripped ld.so (or whatever the dynamic linker .so is called)
valgrind:  that exports the above-named function using the standard
valgrind:  calling conventions for this platform.  The package you need
valgrind:  to install for fix (1) is called
valgrind:
valgrind:    On Debian, Ubuntu:                 libc6-dbg
valgrind:    On SuSE, openSuSE, Fedora, RHEL:   glibc-debuginfo
valgrind:
valgrind:  Note that if you are debugging a 32 bit process on a
valgrind:  64 bit system, you will need a corresponding 32 bit debuginfo
valgrind:  package (e.g. libc6-dbg:i386).
valgrind:
valgrind:  Cannot continue -- exiting now.  Sorry.
 2018-05-16 15:23:55 +02:00
Kamil Dudka
5a0fa9250b new upstream release, which fixes the following vulnerabilities 
Resolves: CVE-2018-1000300 - FTP shutdown response buffer overflow
Resolves: CVE-2018-1000301 - RTSP bad headers buffer over-read
 2018-05-16 15:02:28 +02:00
Kamil Dudka
a1b38730ce make the test-suite use Python 3 
Unfortunately, smbserver.py does not work with Python 3 because
there is no 'impacket' module available for Python 3:

https://github.com/CoreSecurity/impacket/issues/61
 2018-03-15 15:43:07 +01:00
Kamil Dudka
6402b496fc ftp: fix typo in recursive callback detection for seeking 2018-03-14 14:43:54 +01:00
Kamil Dudka
bdef0a1bf6 new upstream release - 7.59.0 
Resolves: CVE-2018-1000120 - FTP path trickery leads to NIL byte out of bounds write
Resolves: CVE-2018-1000121 - LDAP NULL pointer dereference
Resolves: CVE-2018-1000122 - RTSP RTP buffer over-read
 2018-03-14 10:28:05 +01:00
Kamil Dudka
43b81665b0 http2: mark the connection for close on GOAWAY 2018-03-12 10:28:21 +01:00
Paul Howarth
bdc6ab544b Robustness improvements to spec file 
- Add explicity-used build requirements
- Fix libcurl soname version number in %files list to avoid accidental soname
  bumps
 2018-02-19 10:10:12 +00:00
Paul Howarth
a16f4de7a2 Update scriptlets, enforce versioned libssh dependency 
- switch to %ldconfig_scriptlets
- drop legacy BuildRoot: and Group: tags
- enforce versioned libssh dependency for libcurl
 2018-02-15 09:57:54 +00:00
Igor Gnatenko
5012445aca Remove BuildRoot definition 
None of currently supported distributions need that.
It was needed last for EL5 which is EOL now

Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2018-02-13 23:11:49 +01:00
Kamil Dudka
960515d8a1 Related: #1540549 - drop temporary workaround for the GCC bug 2018-02-13 10:33:16 +01:00
Fedora Release Engineering
1bbb30f4f6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-02-07 06:08:47 +00:00
Kamil Dudka
b76e2f2c65 Related: #1540549 - use the workaround for f28 only 
... so that it does not break the build with old versions of GCC
 2018-02-01 14:05:00 +01:00
Kamil Dudka
bf966a954e Related: #1540549 - temporarily work around internal compiler error on x86_64 2018-02-01 12:55:07 +01:00
Kamil Dudka
3ad2894efb disable brp-ldconfig to make RemovePathPostfixes work 
... with shared libraries again

Suggested at:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/54Y4DZXHYSDXJDHJTBTBYLXC7OJ73JDU/
 2018-01-31 14:44:06 +01:00
Andreas Schneider
cbbefe6fb9 Resolves: #1531483 - use libssh (instead of libssh2) 
... to implement SCP/SFTP in libcurl
 2018-01-24 18:06:50 +01:00
Kamil Dudka
93c55561d3 new upstream release - 7.58.0 
Resolves: CVE-2018-1000005 - curl: HTTP/2 trailer out-of-bounds read
Resolves: CVE-2018-1000007 - curl: HTTP authentication leak in redirects
 2018-01-24 11:55:14 +01:00
Kamil Dudka
ed352e927e new upstream release - 7.57.0 
Resolves: CVE-2017-8816 - curl: NTLM buffer overflow via integer overflow
Resolves: CVE-2017-8817 - curl: FTP wildcard out of bounds read
Resolves: CVE-2017-8818 - curl: SSL out of buffer access
 2017-11-29 14:03:21 +01:00
Kamil Dudka
5d4a9257c3 new upstream release - 7.56.1 (fixes CVE-2017-1000257) 2017-10-23 10:13:16 +02:00
Kamil Dudka
c4a2596b22 re-enable temporarily disabled IDN2 test-cases 
test2033 is now marked flaky by upstream, so it does not need
to explicitly disabled any more
 2017-10-04 10:00:50 +02:00
Kamil Dudka
46c8abb050 new upstream release - 7.56.0 (fixes CVE-2017-1000254) 2017-10-04 09:36:05 +02:00
Kamil Dudka
b2dab7f315 Resolves: #1485702 - apply the patch for the previous commit and fix its name 2017-08-28 13:40:42 +02:00
Bastien Nocera
57a73689a9 + curl-7.55.1-4 
Fix NetworkManager connectivity check not working (#1485702)
 2017-08-28 13:26:23 +02:00