SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libcurl4-32bit-7.21.2-10.13.1.x86_64.rpm :
Thu Jan 26 13:00:00 2012 vcizekAATTsuse.com
- workaround to CVE-2011-2192 by disabling GSSAPI (bnc#698796)

Sun Jan 22 13:00:00 2012 mmarekAATTsuse.cz
- Fix IMAP, POP3 and SMTP URL sanitization (bnc#740452,
CVE-2012-0036)
- Disable SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option when built
against an older OpenSSL version (CVE-2010-4180).
- Don\'t enable SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS (bnc#742306,
CVE-2011-3389).

Fri Oct 22 14:00:00 2010 cristian.rodriguezAATTopensuse.org
- Update to version 7.21.2

* curl -T: ignore file size of special files

* Added GOPHER protocol support

* Added mk-ca-bundle.vbs script

* c-ares build now requires c-ares >= 1.6.0

* --remote-header-name security vulnerability fixed

* multi: support the timeouts correctly, fixes known bug #62

* multi: use timeouts properly for MAX_RECV/SEND_SPEED

* negotiation: Wrong proxy authorization

* multi: avoid sending multiple complete messages

* cmdline: make -F type= accept ;charset=

* RESUME_FROM: clarify what ftp uploads do

* http: handle trailer headers in all chunked responses

* Curl_is_connected: use correct errno

* progress: callback for POSTs less than MAX_INITIAL_POST_SIZE

* Link curl and the test apps with -lrt explicitly when necessary

* chunky parser: only rewind stream internally if needed

* remote-header-name: don\'t output filename when NULL

* Curl_timeleft: avoid returning \"no timeout\" by mistake

* timeout: use the correct start value as offset

* FTP: fix wrong timeout trigger

* rtsp: avoid SIGSEGV on malformed header

* LDAP: Support for tunnelling queries through HTTP proxy

* curl_easy_duphandle: clone the c-ares handle correctly

* support URL containing colon without trailing port number

* parsedate: allow time specified without seconds

* curl_easy_escape: don\'t escape \"unreserved\" characters

* SFTP: avoid downloading negative sizes

* Lots of GSS/KRB FTP fixes

* TFTP: Work around tftpd-hpa upload bug

* libcurl.m4: several fixes

* HTTP: remove special case for 416

* globbing: fix crash on unballanced open brace

Wed Jun 2 14:00:00 2010 lnusselAATTsuse.de
- allowing switching to nss instead of openssl via bcond

Mon May 10 14:00:00 2010 crrodriguezAATTopensuse.org
- disable c-ares support while bnc598574 is fixed.

Sat Apr 24 14:00:00 2010 cooloAATTnovell.com
- buildrequire pkg-config to fix provides

Fri Apr 23 14:00:00 2010 crrodriguezAATTopensuse.org
- Update to libcurl 7.20.1

* off-by-one in the chunked encoding trailer parser

* CURLOPT_CERTINFO memory leak

* threaded resolver double free when closing curl handle

* url_multi_remove_handle() caused use after free

* SSL possible double free when reusing curl handle

* alarm()-based DNS timeout bug

Wed Mar 24 13:00:00 2010 crrodriguezAATTopensuse.org
- enable libssh2 support unconditionally.

Wed Mar 10 13:00:00 2010 crrodriguezAATTopensuse.org
- enable libcares support unconditionally.

Sat Feb 13 13:00:00 2010 dimstarAATTopensuse.org
- Update to version 7.20.0:

* support SSL_FILETYPE_ENGINE for client certificate

* curl-config can now show the arguments used when building curl

* non-blocking TFTP

* send Expect: 100-continue for POSTs with unknown sizes

* added support for IMAP(S), POP3(S), SMTP(S) and RTSP

* added new curl_easy_setopt() options for SMTP and RTSP

* added --mail-from and --mail-rcpt for SMTP

* VMS build system enhancements

* added support for the PRET ftp command

* curl supports --ssl and --ssl-reqd

* added -J/--remote-header-name for using server-provided
filename with -O

* enhanced asynchronous DNS lookups

* symbol CURL_FORMAT_OFF_T is obsoleted

* many bugfixes

Tue Jan 26 13:00:00 2010 mmarekAATTsuse.cz
- updated to 7.19.7

* -T. is now for non-blocking uploading from stdin

* SYST handling on FTP for OS/400 FTP server cases

* libcurl refuses to read a single HTTP header longer than 100K

* added the --crlfile option to curl

* many bugfixes

Mon Jan 11 13:00:00 2010 meissnerAATTsuse.de
- add baselibs.conf as source

Thu Aug 13 14:00:00 2009 mmarekAATTsuse.cz
- updated to 7.19.6

* CURLOPT_FTPPORT (and curl\'s -P/--ftpport) support port ranges

* Added CURLOPT_SSH_KNOWNHOSTS, CURLOPT_SSH_KEYFUNCTION,
CURLOPT_SSH_KEYDATA

* CURLOPT_QUOTE, CURLOPT_POSTQUOTE and CURLOPT_PREQUOTE can be
told to ignore error responses when used with FTP

* fixed CVE-2009-2417 (matching certificates with embedded NUL
bytes)

* many other bugfixes

Tue May 19 14:00:00 2009 mmarekAATTsuse.cz
- remove the Obsoletes: curl-ca-bundle, it breaks parallel
installation of older libcurl packages (bnc#484044).

Tue May 19 14:00:00 2009 mmarekAATTsuse.cz
- updated to 7.19.5

* libcurl now closes all dead connections whenever you attempt to
open a new connection

* libssh2\'s version number can now be figured out run-time
instead of using the build-time fixed number

* CURLOPT_SEEKFUNCTION may now return CURL_SEEKFUNC_CANTSEEK

* curl can now upload with resume even when reading from a pipe

* a build-time configured curl_socklen_t is now used instead of
socklen_t
- by default, don\'t abort if the testsuite fails.

Thu Mar 5 13:00:00 2009 mmarekAATTsuse.cz
- don\'t run autoreconf -fi as it breaks on older distros and
upstream uses recent autotools already.

Mon Mar 2 13:00:00 2009 mmarekAATTsuse.cz
- updated to 7.19.4

* don\'t follow redirects to file:// and scp:// by default; add
new curl_easy_setopt options CURLOPT_PROTOCOLS and
CURLOPT_REDIR_PROTOCOLS to specify which protocols are allowed
and which protocols are allowed to redirect to (bnc#475103,
CVE-2009-0037)

* Added CURLOPT_NOPROXY and the corresponding --noproxy

* the OpenSSL-specific code disables TICKET (rfc5077) which is
enabled by default in openssl 0.9.8j

* Added CURLOPT_TFTP_BLKSIZE

* Added CURLOPT_SOCKS5_GSSAPI_SERVICE and
CURLOPT_SOCKS5_GSSAPI_NEC - with the corresponding curl options
- -socks5-gssapi-service and --socks5-gssapi-nec

* Improved IPv6 support when built with with c-ares >= 1.6.1

* Added CURLPROXY_HTTP_1_0 and --proxy1.0

* Added docs/libcurl/symbols-in-versions

* Added CURLINFO_CONDITION_UNMET

* Added support for Digest and NTLM authentication using GnuTLS

* CURLOPT_FTP_CREATE_MISSING_DIRS can now be set to 2 to retry
the CWD even when MKD fails

* GnuTLS initing moved to curl_global_init()

* CURLAUTH_DIGEST_IE bit added for CURLOPT_HTTPAUTH and
CURLOPT_PROXYAUTH

* pkg-config can now show supported_protocols and
supported_features

* Added CURLOPT_CERTINFO and CURLINFO_CERTINFO

* Added CURLOPT_POSTREDIR

* Better detect HTTP 1.0 servers and don\'t do HTTP 1.1 requests
on them

* configure --disable-proxy disables proxy support

* Added CURLOPT_USERNAME and CURLOPT_PASSWORD

* --interface now works with IPv6 connections on glibc systems

* Added CURLOPT_PROXYUSERNAME and CURLOPT_PROXYPASSWORD

Wed Dec 10 13:00:00 2008 olhAATTsuse.de
- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade
(bnc#437293)

Thu Oct 30 13:00:00 2008 olhAATTsuse.de
- obsolete old -XXbit packages (bnc#437293)

Mon Sep 15 14:00:00 2008 mmarekAATTsuse.cz
- only buildrequire stunnel when built --with stunnel

Thu Sep 11 14:00:00 2008 mmarekAATTsuse.cz
- test 279 no longer fails with runtests.pl -b

Tue Sep 2 14:00:00 2008 mmarekAATTsuse.cz
- updated to 7.19.0

* curl_off_t gets its size/typedef somewhat differently than
before. This _may_ cause an ABI change for you. See
/usr/share/doc/packages/curl/README.curl_off_t for a full
explanation. (Should not affect our package as it has LFS
enabled)

* Added CURLINFO_PRIMARY_IP

* Added CURLOPT_CRLFILE and CURLE_SSL_CRL_BADFILE

* Added CURLOPT_ISSUERCERT and CURLE_SSL_ISSUER_ERROR

* curl\'s option parser for boolean options reworked

* Added --remote-name-all

* Added CURLINFO_APPCONNECT_TIME

* Added test selection by key word in runtests.pl

* the curl tool\'s -w option support the %{ssl_verify_result}
variable

* Added CURLOPT_ADDRESS_SCOPE and scope parsing of the URL
according to RFC4007

* Support --append on SFTP uploads (not with OpenSSH, though)

* Added curlbuild.h and curlrules.h to the external library
interface

* lots of bugfixes

Wed Jun 4 14:00:00 2008 mmarekAATTsuse.cz
- updated to 7.18.2

* CURLFORM_STREAM was added

* CURLOPT_NOBODY is now supported over SFTP

* curl can now run on Symbian OS

* curl -w redirect_url and CURLINFO_REDIRECT_URL

* added curl_easy_send() and curl_easy_recv()

* some bugfixes

Sat May 17 14:00:00 2008 cooloAATTsuse.de
- fix renaming of xxbit packages

Mon Apr 28 14:00:00 2008 mmarekAATTsuse.cz
- disable c-ares support again until bnc#381709 is fixed
- build with libssh2 support in the devel:libraries:c_c++ project

Fri Apr 11 14:00:00 2008 mmarekAATTsuse.cz
- build with c-ares support
- fixed build for older dists

Thu Apr 10 14:00:00 2008 roAATTsuse.de
- added baselibs.conf file to build xxbit packages
for multilib support

Wed Apr 2 14:00:00 2008 mmarekAATTsuse.de
- obsolete curl-ca-bundle by the library package

Mon Mar 31 14:00:00 2008 mmarekAATTsuse.cz
- updated to 7.18.1

* minor fixes since last update

Fri Mar 21 13:00:00 2008 mmarekAATTsuse.cz
- updated to cvs snapshot 20080321

* added support for HttpOnly cookies

* we no longer distribute or install a ca cert bundle

* SSLv2 is now disabled by default for SSL operations

* the test509-style setting URL in callback is officially no
longer supported

* support a full chain of certificates in a given PKCS12
certificate

* resumed transfers work with SFTP

* added type checking macros for curl_easy_setopt() and
curl_easy_getinfo(), watch out for new warnings in code using
libcurl (needs gcc-4.3 and currently only works in C mode)

* curl_easy_setopt(), curl_easy_getinfo(), curl_share_setopt()
and curl_multi_setopt() uses are now checked to use exactly
three arguments

Mon Mar 10 13:00:00 2008 mmarekAATTsuse.cz
- clean up curl-config --libs output, thanks to Cristian Rodríguez
for pointing it out

Fri Mar 7 13:00:00 2008 mmarekAATTsuse.cz
- build with gssapi support (thanks to Michael Calmer)

Mon Feb 18 13:00:00 2008 mmarekAATTsuse.cz
- removed Requires: openssl-certs - doesn\'t exist on older dists
and is required by libopenssl otherwise
- allow to build the package even if the testsuite fails

Fri Feb 8 13:00:00 2008 mmarekAATTsuse.cz
- use /etc/ssl/certs instead of own curl-ca-bundle.crt

* more up-to-date ca cert collection (bnc#334690)

* allows for easier updates of ca certs

Tue Jan 29 13:00:00 2008 mmarekAATTsuse.cz
- updated to 7.18.0

* --data-urlencode

* CURLOPT_PROXY_TRANSFER_MODE

* --no-keepalive - now curl does connections with keep-alive
enabled by default

* --socks4a added (proxy type CURLPROXY_SOCKS4A for libcurl)

* --socks5-hostname added (CURLPROXY_SOCKS5_HOSTNAME for libcurl)

* curl_easy_pause()

* CURLOPT_SEEKFUNCTION and CURLOPT_SEEKDATA

* --keepalive-time

* curl --help output was re-ordered

* bugfixes
- fixed test553 to work with different port number

Thu Jan 10 13:00:00 2008 mmarekAATTsuse.cz
- only print -lcurl in curl-config to reduce dependencies

Tue Dec 11 13:00:00 2007 mmarekAATTsuse.cz
- backported the CURLOPT_PROXY_TRANSFER_MODE patch [#306272#c26]

Fri Nov 16 13:00:00 2007 mmarekAATTsuse.cz
- fixed the testsuite on hosts that have no IPv6 support [#341994]
curl-testsuite-safely-skip-http-ipv6.patch
curl-testsuite-remember-broken-servers.patch
- added stunnel to BuildRequires to enable SSL tests

Tue Oct 30 13:00:00 2007 mmarekAATTsuse.cz
- updated to 7.17.1

* automatically append \";type=\" when using HTTP proxies for
FTP urls [#306272]

* improved NSS support

* added --proxy-negotiate

* added --post301 and CURLOPT_POST301

* builds with c-ares 1.5.0

* added CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and --hostpubmd5

* renamed CURLE_SSL_PEER_CERTIFICATE to
CURLE_PEER_FAILED_VERIFICATION

* added CURLOPT_OPENSOCKETFUNCTION and CURLOPT_OPENSOCKETDATA

* CULROPT_COOKIELIST supports \"FLUSH\"

* added CURLOPT_COPYPOSTFIELDS

* added --static-libs to curl-config

* many bugfixes, inc. fix for bug #332917

Thu Oct 11 14:00:00 2007 mszerediAATTsuse.de
- Add missing dependency (openldap2-devel) for libcurl-devel

Mon Oct 8 14:00:00 2007 mmarekAATTsuse.cz
- updated to 7.17.0

* curl_easy_setopt() now allocates strings passed to it

* LDAP libraries are now linked \"regularly\" and not with dlopen
(the strict-aliasing patch can go away)

* HTTP transfers have the download size info \"available\" earlier

* FTP transfers have the download size info \"available\" earlier

* several error codes and options were marked as obsolete and
subject to future removal (set CURL_NO_OLDIES to see if your
application is using them)

* some bugfixes (see /usr/share/doc/packages/curl/RELEASE-NOTES)
- added fixes for some post-7.17 bugs
- removed some less useful %%doc files

Fri Sep 14 14:00:00 2007 mmarekAATTsuse.cz
- set transfer mode (binary/ascii) when retrieving ftp:// urls via
an http proxy (curl-ftp-httpproxy.patch) [#306272]

Wed Aug 29 14:00:00 2007 mmarekAATTsuse.cz
- s/openssl-devel/libopenssl-devel/ [#305815]

Fri Aug 3 14:00:00 2007 mmarekAATTsuse.cz
- updated to 7.16.4

* added CURLOPT_NEW_FILE_PERMS and CURLOPT_NEW_DIRECTORY_PERMS

* improved hashing of sockets for the multi_socket API

* ftp kerberos5 support added

* some bugfixes (see /usr/share/doc/packages/curl/RELEASE-NOTES)
- fixed libcurl-devel Provides: [#293401]

Mon Jul 9 14:00:00 2007 mmarekAATTsuse.cz
- updated to 7.16.3

* many bugfixes

* support for running multiple testsuites in paralell
- removed lfs patch leftover

Mon Jun 4 14:00:00 2007 mmarekAATTsuse.cz
- install libcurl.m4 [#275462]

Fri Jun 1 14:00:00 2007 dmuellerAATTsuse.de
- fix obsoletes for alpha3 update
- fix ldconfig call

Wed May 23 14:00:00 2007 bkAATTsuse.de
- updated to 7.16.2 (lots of fixes, fixes a segfault in git-http)

Fri May 4 14:00:00 2007 mmarekAATTsuse.cz
- also avoid non-versioned obsoletes

Mon Apr 16 14:00:00 2007 mmarekAATTsuse.de
- avoid non-versioned provides
- removed old curl_ssl provides/obsoletes from 7.1 times

Mon Apr 2 14:00:00 2007 rguentherAATTsuse.de
- split off libcurl4 and curl-ca-bundle packages, rename curl-devel
to libcurl-devel

Sat Mar 31 14:00:00 2007 rguentherAATTsuse.de
- add zlib-devel BuildRequires

Fri Feb 16 13:00:00 2007 mmarekAATTsuse.cz
- better patch for #246179

Fri Feb 16 13:00:00 2007 mmarekAATTsuse.cz
- fix CURLOPT_RANGE reset for ftp transfers
[#246179] (ftp_range.patch)
- updated to 7.16.1 (other bugfixes)

Fri Jan 26 13:00:00 2007 mmarekAATTsuse.cz
- remove libcurl.a and libcurl.la (rationale: there are security
updates of curl from time to time, so statically linking it is
not acceptable)

Thu Jan 25 13:00:00 2007 mmarekAATTsuse.cz
- fixed strict aliasing warnings

Tue Dec 19 13:00:00 2006 mmarekAATTsuse.cz
- updated to 7.16.0

* removed CURLOPT_SOURCE_
* options and --3p
* command line option
(breaks python-curl atm)

* for a complete list of changes, see
/usr/share/doc/packages/curl/RELEASE-NOTES

Tue Aug 15 14:00:00 2006 mmarekAATTsuse.cz
- configure with --enable-hidden-symbols to compile libcurl with
- fvisibility=hidden, exporting only symbols from the API

Tue Aug 15 14:00:00 2006 mmarekAATTsuse.cz
- updated to version 7.15.5

* added --ftp-ssl-reqd

* modified the prototype for the socket callback set with
CURLMOPT_SOCKETFUNCTION

* added curl_multi_assign()

* added CURLOPT_FTP_ALTERNATIVE_TO_USER and --ftp-alternative-to-user

* added a vcproj file for building libcurl

* added curl_formget()

* added CURLOPT_MAX_SEND_SPEED_LARGE and CURLOPT_MAX_RECV_SPEED_LARGE

* Made -K on a file that couldn\'t be read cause a warning to be displayed

* some bugfixes
- dropped epsv-firewall.patch which was intergrated in 7.15.2

Sat Jul 1 14:00:00 2006 cthielAATTsuse.de
- update to version 7.15.4, changes & fixes for this version:

* NTLM2 session response support

* CURLOPT_COOKIELIST set to \"SESS\" clears all session cookies

* CURLINFO_LASTSOCKET returned sockets are now checked more before
returned

* curl-config got a --checkfor option to compare version numbers

* line end conversions for FTP ASCII transfers

* curl_multi_socket() API added (still mostly untested)

* conversion callback options for EBCDIC <=> ASCII conversions

* added CURLINFO_FTP_ENTRY_PATH

* less blocking for the multi interface during (Open)SSL connect
negotiation

* builds fine on cygwin

* md5-sess with Digest authentication

* dict with letters such as space in a word

* dict with url-encoded words in the URL

* libcurl.m4 when default=yes but no libcurl was found

* numerous bugs fixed in the TFTP code

* possible memory leak when adding easy handles to multi stack

* TFTP works in a more portable fashion (== on more platforms)

* WSAGetLastError() is now used (better) on Windows

* GnuTLS non-block case that could cause data trashing

* deflate code survives lack of zlib header

* CURLOPT_INTERFACE works with hostname

* configure runs fine with ICC

* closed control connection with FTP when easy handle was removed from
multi

* curl --trace crash when built with VS2005

* SSL connect time-out

* improved NTLM functionality

* following redirects with more than one question mark in source URL

* fixed debug build crash with -d

* generates a fine AIX Toolbox RPM spec

* treat FTP AUTH failures properly

* TFTP transfers could trash data

* -d + -G combo crash


  
ICM