rpms/curl
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
441 Commits 42 Branches 269 Tags 2.7 MiB
58646f29cc
Commit Graph

413 Commits

Author SHA1 Message Date
Kamil Dudka
58646f29cc Resolves: CVE-2018-16842 - make the patch for CVE-2018-16842 apply properly 
`git apply` fails silently unless `git init` is invoked first.
 2018-11-15 15:37:02 +01:00
Kamil Dudka
a1bd4f84de Resolves: CVE-2018-16839 - SASL password overflow via integer overflow 2018-11-01 11:50:08 +01:00
Kamil Dudka
00c5d944d9 Resolves: CVE-2018-16840 - fix use-after-free in handle close 2018-11-01 11:49:16 +01:00
Kamil Dudka
796d905297 Resolves: CVE-2018-16842 - fix bad arethmetic when outputting warnings to stderr 
Use `git apply` to apply the patch because `patch` would fail with:

File tests/data/test2080: git binary diffs are not supported.
 2018-11-01 11:07:08 +01:00
Kamil Dudka
6c95600fed test320: update expected output for gnutls-3.6.4 2018-11-01 11:05:08 +01:00
Kamil Dudka
5f4e92def3 Resolves: CVE-2018-14618 - fix NTLM password overflow via integer overflow 2018-09-05 14:14:59 +02:00
Kamil Dudka
503408095b Related: #1622594 - tests: make ssh-keygen always produce PEM format 
The default format produced by openssh-7.8p1 cannot be consumed
by currently available versions of libssh and libssh2.
 2018-09-05 14:13:36 +02:00
Kamil Dudka
964e6fe0a3 Resolves: #1595135 - scp/sftp: fix infinite connect loop on invalid private key 2018-09-05 14:09:46 +02:00
Kamil Dudka
ab86f69980 Resolves: #1219544 - ssl: set engine implicitly when a PKCS#11 URI is provided 2018-08-09 15:45:04 +02:00
Kamil Dudka
c79dff9b8b Resolves: CVE-2018-0500 - fix heap buffer overflow in SMTP send 2018-07-11 17:51:58 +02:00
Kamil Dudka
67e93f67b8 Resolves: #1585797 - http2: handle GOAWAY properly 2018-06-05 15:10:20 +02:00
Kamil Dudka
73d6b73380 Resolves: CVE-2018-1000300 - fix FTP shutdown response buffer overflow 2018-05-18 16:20:36 +02:00
Kamil Dudka
5dee6fb8b3 Resolves: CVE-2018-1000301 - http: restore buffer ptr when bad response-line is parsed 2018-05-18 16:19:28 +02:00
Kamil Dudka
6402b496fc ftp: fix typo in recursive callback detection for seeking 2018-03-14 14:43:54 +01:00
Kamil Dudka
bdef0a1bf6 new upstream release - 7.59.0 
Resolves: CVE-2018-1000120 - FTP path trickery leads to NIL byte out of bounds write
Resolves: CVE-2018-1000121 - LDAP NULL pointer dereference
Resolves: CVE-2018-1000122 - RTSP RTP buffer over-read
 2018-03-14 10:28:05 +01:00
Kamil Dudka
43b81665b0 http2: mark the connection for close on GOAWAY 2018-03-12 10:28:21 +01:00
Paul Howarth
bdc6ab544b Robustness improvements to spec file 
- Add explicity-used build requirements
- Fix libcurl soname version number in %files list to avoid accidental soname
  bumps
 2018-02-19 10:10:12 +00:00
Paul Howarth
a16f4de7a2 Update scriptlets, enforce versioned libssh dependency 
- switch to %ldconfig_scriptlets
- drop legacy BuildRoot: and Group: tags
- enforce versioned libssh dependency for libcurl
 2018-02-15 09:57:54 +00:00
Igor Gnatenko
5012445aca Remove BuildRoot definition 
None of currently supported distributions need that.
It was needed last for EL5 which is EOL now

Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2018-02-13 23:11:49 +01:00
Kamil Dudka
960515d8a1 Related: #1540549 - drop temporary workaround for the GCC bug 2018-02-13 10:33:16 +01:00
Fedora Release Engineering
1bbb30f4f6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-02-07 06:08:47 +00:00
Kamil Dudka
b76e2f2c65 Related: #1540549 - use the workaround for f28 only 
... so that it does not break the build with old versions of GCC
 2018-02-01 14:05:00 +01:00
Kamil Dudka
bf966a954e Related: #1540549 - temporarily work around internal compiler error on x86_64 2018-02-01 12:55:07 +01:00
Kamil Dudka
3ad2894efb disable brp-ldconfig to make RemovePathPostfixes work 
... with shared libraries again

Suggested at:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/54Y4DZXHYSDXJDHJTBTBYLXC7OJ73JDU/
 2018-01-31 14:44:06 +01:00
Andreas Schneider
cbbefe6fb9 Resolves: #1531483 - use libssh (instead of libssh2) 
... to implement SCP/SFTP in libcurl
 2018-01-24 18:06:50 +01:00
Kamil Dudka
93c55561d3 new upstream release - 7.58.0 
Resolves: CVE-2018-1000005 - curl: HTTP/2 trailer out-of-bounds read
Resolves: CVE-2018-1000007 - curl: HTTP authentication leak in redirects
 2018-01-24 11:55:14 +01:00
Kamil Dudka
ed352e927e new upstream release - 7.57.0 
Resolves: CVE-2017-8816 - curl: NTLM buffer overflow via integer overflow
Resolves: CVE-2017-8817 - curl: FTP wildcard out of bounds read
Resolves: CVE-2017-8818 - curl: SSL out of buffer access
 2017-11-29 14:03:21 +01:00
Kamil Dudka
5d4a9257c3 new upstream release - 7.56.1 (fixes CVE-2017-1000257) 2017-10-23 10:13:16 +02:00
Kamil Dudka
c4a2596b22 re-enable temporarily disabled IDN2 test-cases 
test2033 is now marked flaky by upstream, so it does not need
to explicitly disabled any more
 2017-10-04 10:00:50 +02:00
Kamil Dudka
46c8abb050 new upstream release - 7.56.0 (fixes CVE-2017-1000254) 2017-10-04 09:36:05 +02:00
Kamil Dudka
b2dab7f315 Resolves: #1485702 - apply the patch for the previous commit and fix its name 2017-08-28 13:40:42 +02:00
Bastien Nocera
57a73689a9 + curl-7.55.1-4 
Fix NetworkManager connectivity check not working (#1485702)
 2017-08-28 13:26:23 +02:00
Kamil Dudka
0480ac07c5 Resolves: #1483972 - utilize system wide crypto policies for TLS 2017-08-22 17:39:58 +02:00
Kamil Dudka
8eae4647c3 make zsh completion work again 2017-08-15 12:34:08 +02:00
Kamil Dudka
019e1c424c new upstream release - 7.55.1 2017-08-14 09:39:22 +02:00
Kamil Dudka
a12eed4ad5 avoid int overflow on arches with 32bit long 
Bug: https://github.com/curl/curl/pull/1748
 2017-08-09 14:34:27 +02:00
Kamil Dudka
46ef14b039 add BR for gnutls-utils to increase test coverage 2017-08-09 13:48:21 +02:00
Kamil Dudka
8e0d8e3815 add tests/{dictserver,negtelnetserver}.py 
... not included in EXTRA_DIST: https://github.com/curl/curl/pull/1744
 2017-08-09 12:36:41 +02:00
Kamil Dudka
ffdd721180 explicitly install libcurl man pages 2017-08-09 11:47:30 +02:00
Kamil Dudka
574639b8f6 drop multilib fix for libcurl header files no longer needed 2017-08-09 11:34:32 +02:00
Kamil Dudka
46042daf78 new upstream release - 7.55.0 
Resolves: CVE-2017-1000099 - FILE buffer read out of bounds
Resolves: CVE-2017-1000100 - TFTP sends more than buffer size
Resolves: CVE-2017-1000101 - URL globbing out of bounds read
 2017-08-09 10:52:10 +02:00
Fedora Release Engineering
0aa4c628e2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild 2017-08-02 19:22:27 +00:00
Florian Weimer
4af228aa7a Rebuild with fixed binutils (#1475636) 2017-07-28 21:15:25 +02:00
Igor Gnatenko
6ec12398a3 Enable separate debuginfo back 
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2017-07-28 19:43:57 +02:00
Kamil Dudka
a042788c8a rebuild to fix broken linkage of cmake on ppc64le 2017-07-27 10:02:53 +02:00
Kamil Dudka
03b8614ff6 avoid build failure caused broken RPM code 
... that produces debuginfo packages

Bug: https://github.com/rpm-software-management/rpm/issues/280
 2017-07-26 16:48:08 +02:00
Fedora Release Engineering
44f7d8692a - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild 2017-07-26 05:48:14 +00:00
Kamil Dudka
18e7a55066 Resolves: #1462184 - enforce versioned openssl-libs dependency for libcurl 2017-06-19 14:28:19 +02:00
Kamil Dudka
0aa20e6c92 new upstream release - 7.54.1 2017-06-14 10:50:24 +02:00
Kamil Dudka
e4d662f774 add *-full provides for curl and libcurl 
... to make them explicitly installable
 2017-05-16 13:28:03 +02:00