SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libcurl-devel-7.38.0-8.1.x86_64.rpm :
Wed Sep 10 14:00:00 2014 vcizekAATTsuse.com
- update to 7.38.0

* fixes CVE-2014-3613 (bnc#894575) and CVE-2014-3620 (bnc#895991)

* cookie leaks with IP address as domain and TLDs respectively
Changes:
supports HTTP/2 draft-14
CURLE_HTTP2 is a new error code
CURLAUTH_NEGOTIATE is a new auth define
CURL_VERSION_GSSAPI is a new capability bit
no longer use fbopenssl for anything
schannel: use CryptGenRandom for random numbers
axtls: define curlssl_random using axTLS\'s PRNG
cyassl: use RNG_GenerateBlock to generate a good random number
findprotocol: show unsupported protocol within quotes
version: detect and show LibreSSL
version: detect and show BoringSSL
imap/pop3/smtp: Kerberos (SASL GSSAPI) authentication via Windows SSPI
http2: requires nghttp2 0.6.0 or later
Bugfixes:
SECURITY ADVISORY: cookie leak with IP address as domain
SECURITY ADVISORY: cookie leak for TLDs
And many other fixes

Thu Aug 28 14:00:00 2014 andreas.stiegerAATTgmx.de
- curl 7.37.1:
This release includes many bugfixes and the following changes:

* bits.close: introduce connection close tracking

* darwinssl: Add support for --cacert

* polarssl: add ALPN support

* docs: Added new option man pages

Thu Jun 12 14:00:00 2014 vcizekAATTsuse.com
- update to 7.37.0
This release includes many bugfixes and the following changes:

* URL parser: IPv6 zone identifiers are now supported

* CURLOPT_PROXYHEADER: set headers for proxy-only

* CURLOPT_HEADEROPT: added

* curl: add --proxy-header

* sasl: Added support for DIGEST-MD5 via Windows SSPI

* sasl: Added DIGEST-MD5 qop-option validation in native challange handling

* imap: Expanded mailbox SEARCH support to use URL query strings [7]

* imap: Extended FETCH support to include PARTIAL URL specifier [7]

* nss: implement non-blocking SSL handshake

* build: Reworked Visual Studio project files

* poll: enable poll on darwin13

* mk-ca-bundle: added -p

* libtests: add a wait_ms() function
- dropped patches:

* curl-mkhelp.patch (upstream)

* curl-test815.patch (upstream)

Fri Apr 11 14:00:00 2014 vcizekAATTsuse.com
- remove the useless BuildRequires that were meant for debugging only

Wed Apr 9 14:00:00 2014 vcizekAATTsuse.com
- update to 7.36

* fixes CVE-2014-0138 (bnc#868627) and CVE-2014-0139 (bnc#868629)

* NEW FEATURES:
ntlm: Added support for NTLMv2
tool: Added support for URL specific options
openssl: add ALPN support
gtls: add ALPN support
nss: add ALPN and NPN support
added CURLOPT_EXPECT_100_TIMEOUT_MS
tool: add --no-alpn and --no-npn
added CURLOPT_SSL_ENABLE_NPN and CURLOPT_SSL_ENABLE_ALPN
http2: build with current nghttp2 version
openssl: info message with SSL version used

* dropped curl-test172_cookie_expiration.patch (upstream)

* added patches to make it build:
- curl-mkhelp.patch
- curl-test815.patch

Thu Mar 13 13:00:00 2014 kukukAATTsuse.de
- Disable BuildRequires for openssh, only needed for test suite,
but the test suite isn\'t able to start sshd anyways.
Solves the problem that openssh checkins triggers a nearly full
rebuild, too.

Tue Feb 4 13:00:00 2014 vcizekAATTsuse.com
- update to 7.35.0

* security fix:
CVE-2014-0015: re-use of wrong HTTP NTLM connection (bnc#858673)

* changes:
imap/pop3/smtp: Added support for SASL authentication downgrades
imap/pop3/smtp: Extended the login options to support multiple auth mechanisms
TheArtOfHttpScripting: major update, converted layout and more
mprintf: Added support for I, I32 and I64 size specifiers
makefile: Added support for VC7, VC11 and VC12
SSL: protocol version can be specified more precisely
imap/pop3/smtp: Added graceful cancellation of SASL authentication
Add \"Happy Eyeballs\" for IPv4/IPv6 dual connect attempts
base64: Added validation of base64 input strings when decoding
curl_easy_setopt: Added the ability to set the login options separately
smtp: Added support for additional SMTP commands
curl_easy_getinfo: Added CURLINFO_TLS_SESSION for accessing TLS internals
nss: allow to use TLS > 1.0 if built against recent NSS
SECURITY: added this document to describe our security processes
parseconfig: warn if unquoted white spaces are detected

* and many bugfixes
- fix test failure because of an expired cookie (bnc#862144)

* added curl-test172_cookie_expiration.patch
- refresh libcurl-ocloexec.patch

Fri Nov 29 13:00:00 2013 vcizekAATTsuse.com
- update to 7.33.0

* fixes CVE-2013-4545 (bnc#849596)
= curl: ssl cert checks unclear behaviour
o test code for testing the event based API
o CURLM_ADDED_ALREADY: new error code
o test TFTP server: support \"writedelay\" within
o krb4 support has been removed
o imap/pop3/smtp: added basic SASL XOAUTH2 support
o Pass password to OpenSSL engine by user interface
o c-ares: Add support for various DNS binding options
o cookies: add expiration
o curl: added --oauth2-bearer option

Mon Aug 12 14:00:00 2013 crrodriguezAATTopensuse.org
- curl 7.32.0

* curl: allow timeouts to accept decimal values

* CURLOPT_XFERINFOFUNCTION: introducing a new progress callback

* SIGPIPE: ignored while inside the library

* OpenSSL: check for read errors

* configure: automake 1.14 compatibility tweak

* curl_multi_wait: set revents for extra fds

* global dns cache: didn\'t work (regression)

* mk-ca-bundle.1: don\'t install on make install

Mon Jul 1 14:00:00 2013 cooloAATTsuse.com
- avoid cycle between curl and krb5 by using krb5-mini-devel

Mon Jun 24 14:00:00 2013 vcizekAATTsuse.com
- update to 7.31.0

* includes fix for CVE-2013-2174 (bnc#824517)

* SECURITY VULNERABILITY: curl_easy_unescape() may parse data
beyond the end of the input buffer [26]

* Changes:
darwinssl: add TLS session resumption
darwinssl: add TLS crypto authentication
imap/pop3/smtp: Added support for ;auth= in the URL
imap/pop3/smtp: Added support for ;auth= to CURLOPT_USERPWD
usercertinmem.c: add example showing user cert in memory
url: Added smtp and pop3 hostnames to the protocol detection list
imap/pop3/smtp: Added support for enabling the SASL initial response
curl -E: allow to use \':\' in certificate nicknames

Fri Apr 12 14:00:00 2013 vcizekAATTsuse.com
- update to 7.30.0
includes security fixes for CVE-2013-0249 and CVE-2013-1944
(bugs bnc#814655 and bnc#802411 respectively)
(dropped curl-CVE-2013-0249.patch)
- Changes:
imap: Changed response tag generation to be completely unique
imap: Added support for SASL-IR extension
imap: Added support for the list command
imap: Added support for the append command
imap: Added custom request parsing
imap: Added support to the fetch command for UID and SECTION properties
imap: Added parsing and verification of the UIDVALIDITY mailbox attribute
imap/pop3/smtp: Added support for the STARTTLS capability
checksrc: ban use of sprintf, vsprintf, strcat, strncat and gets
curl_global_init() now accepts the CURL_GLOBAL_ACK_EINTR flag
Added CURLMOPT_MAX_HOST_CONNECTIONS, CURLMOPT_MAX_TOTAL_CONNECTIONS
for new multi interface connection handling
Added CURLMOPT_MAX_PIPELINE_LENGTH, CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE,
CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE, CURLMOPT_PIPELINING_SITE_BL
and CURLMOPT_PIPELI NING_SERVER_BL for new pipelining control
test: offer \"automake\" output and check for perl better
always-multi: always use non-blocking internals
imap: Added support for sasl digest-md5 authentication
imap: Added support for sasl cram-md5 authentication
imap: Added support for sasl ntlm authentication
imap: Added support for sasl login authentication
imap: Added support for sasl plain text authentication
imap: Added support for login disabled server capability
mk-ca-bundle: add -f, support passing to stdout and more
writeout: -w now supports remote_ip/port and local_ip/port
- refreshed patches

Sun Feb 17 13:00:00 2013 crrodriguezAATTopensuse.org
- Add curl-secure-getenv.patch: Use secure_getenv if available.
libcurl might be linked to a program where \"secure execution\" is
required.

Thu Feb 7 13:00:00 2013 vcizekAATTsuse.com
- fixed CVE-2013-0249 (bnc#802411)
- refreshed patches

Fri Jan 11 13:00:00 2013 sbrabecAATTsuse.cz
- Break build loop and make GPG signature verification optional.

Tue Nov 27 13:00:00 2012 sbrabecAATTsuse.cz
- Verify GPG signature.

Tue Nov 20 13:00:00 2012 crrodriguezAATTopensuse.org
- Curl 7.28.1

* FTP: prevent the multi interface from blocking Obsoletes
curl-ftp-prevent-the-multi-interface-from-blocking.patch

* don\'t send \'#\' fragments when using proxy

* OpenSSL: Disable SSL/TLS compression - avoid the \"CRIME\" attack

* TFTP: handle resend

* memory leak: CURLOPT_RESOLVE with multi interface

* SSL: Several SSL-backend related fixes

Sun Nov 4 13:00:00 2012 gberAATTopensuse.org
- added curl-ftp-prevent-the-multi-interface-from-blocking.patch in
order to prevent the multi interface from blocking when using ftp
and the remote end responds very slowly (sf#3579064)

Sun Jul 29 14:00:00 2012 crrodriguezAATTopensuse.org
- Curl 7.27.0

* support metalinks

* Add sasl authentication support

* various bugfixes
- Fix previous change, _GNU_SOURCE --> AC_USE_SYSTEM_EXTENSIONS

Mon Jul 9 14:00:00 2012 dnhAATTopensuse.org
- define _GNU_SOURCE for oS/SLES <= 11.4, as O_CLOEXEC is
defined inside a ifdef __USE_GNU

Sat May 12 14:00:00 2012 jengelhAATTinai.de
- Update to new upstream release 7.25.0

* Added CURLOPT_TCP_KEEPALIVE, CURLOPT_TCP_KEEPIDLE,
CURLOPT_TCP_KEEPINTVL

* use new library-side TCP_KEEPALIVE options

* Added a new CURLOPT_MAIL_AUTH option

* Added support for --mail-auth

* (for more see the shipped CHANGES file)

Wed Feb 8 13:00:00 2012 crrodriguezAATTopensuse.org
- Problem with the c-ares backend, workaround for [bnc#745534]

Thu Feb 2 13:00:00 2012 crrodriguezAATTopensuse.org
- Update to version curl 7.24.0
- refresh patches to fix broken build

Wed Jan 18 13:00:00 2012 dmuellerAATTsuse.de
- use the rpmoptflags unconditionally, don\'t do own compiler flag
magic. Fixes debuginfo package built

Wed Dec 28 13:00:00 2011 mmarekAATTsuse.cz
- Package /usr/share/aclocal to avoid build dependency on automake.

Wed Nov 30 13:00:00 2011 crrodriguezAATTopensuse.org
- Use O_CLOEXEC in library code.

Tue Nov 29 13:00:00 2011 jengelhAATTmedozas.de
- Remove redundant/unwanted tags/section (cf. specfile guidelines)

Tue Nov 29 13:00:00 2011 idoenmezAATTsuse.de
- Use original source tarball

Mon Nov 28 13:00:00 2011 opensuseAATTdstoecker.de
- Update to version 7.23.1:
+ Empty headers can be sent in HTTP requests by terminating with a semicolon
+ SSL session sharing support added to curl_share_setopt()
+ Added support to MAIL FROM for the optional SIZE parameter
+ smtp: Added support for NTLM authentication
+ curl tool: code split into tool_
*.[ch] files
+ lots of bugfixes

Mon Oct 3 14:00:00 2011 dimstarAATTopensuse.org
- Update to version 7.22.0:
+ Added CURLOPT_GSSAPI_DELEGATION
+ Added support for NTLM delegation to Samba\'s winbind daemon
helper ntlm_auth
+ Display notes from setup file in testcurl.pl
+ BSD-style lwIP TCP/IP stack experimental support on Windows
+ OpenSSL: Use SSL_MODE_RELEASE_BUFFERS if available
+ --delegation was added to set CURLOPT_GSSAPI_DELEGATION
+ nss: start with no database if the selected database is broken
+ telnet: allow programatic use on Windows
+ for a list of bugfixes, see
http://curl.haxx.se/changes.html#7_22_0
- Drop curl-openssl-release-buffers.patch: fixed upstream.
- Add curl-fix-m4.patch: Use \'x\' in configure scripts. Fixes issues
when configure is run with -Werror -Wall.

Sun Sep 18 14:00:00 2011 jengelhAATTmedozas.de
- Remove redundant tags/sections from specfile
- Use %_smp_mflags for parallel build

Fri Sep 16 14:00:00 2011 jengelhAATTmedozas.de
- Add curl-devel to baselibs

Mon Aug 15 14:00:00 2011 crrodriguezAATTopensuse.org
- Use SSL_MODE_RELEASE_BUFFERS if available, accepted
in upstream as commit 3d919440c80333c496fb

Tue Jul 12 14:00:00 2011 cooloAATTnovell.com
- remove support for old suse_versions

Mon Jul 11 14:00:00 2011 pthAATTsuse.de
- Update to 7.21.7:
- Fix libcurl inappropriate GSSAPI delegation. Full details at
http://curl.haxx.se/docs/adv_20110623.html
- Some other minor fixes.
- Use the lzma compressed tarball provided upstreams.

Fri May 20 14:00:00 2011 crrodriguezAATTopensuse.org
- remove unintented LDFLAGS from the spec file

Fri May 20 14:00:00 2011 crrodriguezAATTopensuse.org
- Update to 7.21.6

* curl-config: fix --version

* use HTTPS properly after CONNECT

* SFTP: close file before post quote operations

Thu Apr 14 14:00:00 2011 crrodriguezAATTopensuse.org
- bnc#598574 has been fixed in upstream commit 8ab137b2bc9630ce20f4
already, so enable c-ares support again.

Sat Apr 9 14:00:00 2011 crrodriguezAATTopensuse.org
- Support openSSL compiled without SSLv2 support
- Update to version 7.21.4

* SMTP: add brackets for MAIL FROM

* multi: connect fail => use next IP address

* pubkey_show: allocate buffer to fit any-size result

* Curl_do: avoid using stale conn pointer

* tftpd test server: avoid buffer overflow report from glibc

* OpenSSL get_cert_chain: support larger data sets

* SCP/SFTP transfers: acknowledge speedcheck

* connect problem: use UDP correctly

* OpenSSL: improved error message on SSL_CTX_new failures

* HTTP: memory leak on multiple Location:

* curl.1: typo in -v description

* CURLOPT_SOCKOPTFUNCTION: return proper error code --keepalive-time

* file: add support for CURLOPT_TIMECONDITION

* multi: fix CURLM_STATE_TOOFAST for multi_socket

Fri Oct 22 14:00:00 2010 cristian.rodriguezAATTopensuse.org
- Update to version 7.21.2

* curl -T: ignore file size of special files

* Added GOPHER protocol support

* Added mk-ca-bundle.vbs script

* c-ares build now requires c-ares >= 1.6.0

* --remote-header-name security vulnerability fixed

* multi: support the timeouts correctly, fixes known bug #62

* multi: use timeouts properly for MAX_RECV/SEND_SPEED

* negotiation: Wrong proxy authorization

* multi: avoid sending multiple complete messages

* cmdline: make -F type= accept ;charset=

* RESUME_FROM: clarify what ftp uploads do

* http: handle trailer headers in all chunked responses

* Curl_is_connected: use correct errno

* progress: callback for POSTs less than MAX_INITIAL_POST_SIZE

* Link curl and the test apps with -lrt explicitly when necessary

* chunky parser: only rewind stream internally if needed

* remote-header-name: don\'t output filename when NULL

* Curl_timeleft: avoid returning \"no timeout\" by mistake

* timeout: use the correct start value as offset

* FTP: fix wrong timeout trigger

* rtsp: avoid SIGSEGV on malformed header

* LDAP: Support for tunnelling queries through HTTP proxy

* curl_easy_duphandle: clone the c-ares handle correctly

* support URL containing colon without trailing port number

* parsedate: allow time specified without seconds

* curl_easy_escape: don\'t escape \"unreserved\" characters

* SFTP: avoid downloading negative sizes

* Lots of GSS/KRB FTP fixes

* TFTP: Work around tftpd-hpa upload bug

* libcurl.m4: several fixes

* HTTP: remove special case for 416

* globbing: fix crash on unballanced open brace

Wed Jun 2 14:00:00 2010 lnusselAATTsuse.de
- allowing switching to nss instead of openssl via bcond

Mon May 10 14:00:00 2010 crrodriguezAATTopensuse.org
- disable c-ares support while bnc598574 is fixed.

Sat Apr 24 14:00:00 2010 cooloAATTnovell.com
- buildrequire pkg-config to fix provides

Fri Apr 23 14:00:00 2010 crrodriguezAATTopensuse.org
- Update to libcurl 7.20.1

* off-by-one in the chunked encoding trailer parser

* CURLOPT_CERTINFO memory leak

* threaded resolver double free when closing curl handle

* url_multi_remove_handle() caused use after free

* SSL possible double free when reusing curl handle

* alarm()-based DNS timeout bug

Wed Mar 24 13:00:00 2010 crrodriguezAATTopensuse.org
- enable libssh2 support unconditionally.

Wed Mar 10 13:00:00 2010 crrodriguezAATTopensuse.org
- enable libcares support unconditionally.

Sat Feb 13 13:00:00 2010 dimstarAATTopensuse.org
- Update to version 7.20.0:

* support SSL_FILETYPE_ENGINE for client certificate

* curl-config can now show the arguments used when building curl

* non-blocking TFTP

* send Expect: 100-continue for POSTs with unknown sizes

* added support for IMAP(S), POP3(S), SMTP(S) and RTSP

* added new curl_easy_setopt() options for SMTP and RTSP

* added --mail-from and --mail-rcpt for SMTP

* VMS build system enhancements

* added support for the PRET ftp command

* curl supports --ssl and --ssl-reqd

* added -J/--remote-header-name for using server-provided
filename with -O

* enhanced asynchronous DNS lookups

* symbol CURL_FORMAT_OFF_T is obsoleted

* many bugfixes

Tue Jan 26 13:00:00 2010 mmarekAATTsuse.cz
- updated to 7.19.7

* -T. is now for non-blocking uploading from stdin

* SYST handling on FTP for OS/400 FTP server cases

* libcurl refuses to read a single HTTP header longer than 100K

* added the --crlfile option to curl

* many bugfixes

Mon Jan 11 13:00:00 2010 meissnerAATTsuse.de
- add baselibs.conf as source

Thu Aug 13 14:00:00 2009 mmarekAATTsuse.cz
- updated to 7.19.6

* CURLOPT_FTPPORT (and curl\'s -P/--ftpport) support port ranges

* Added CURLOPT_SSH_KNOWNHOSTS, CURLOPT_SSH_KEYFUNCTION,
CURLOPT_SSH_KEYDATA

* CURLOPT_QUOTE, CURLOPT_POSTQUOTE and CURLOPT_PREQUOTE can be
told to ignore error responses when used with FTP

* fixed CVE-2009-2417 (matching certificates with embedded NUL
bytes)

* many other bugfixes

Tue May 19 14:00:00 2009 mmarekAATTsuse.cz
- remove the Obsoletes: curl-ca-bundle, it breaks parallel
installation of older libcurl packages (bnc#484044).

Tue May 19 14:00:00 2009 mmarekAATTsuse.cz
- updated to 7.19.5

* libcurl now closes all dead connections whenever you attempt to
open a new connection

* libssh2\'s version number can now be figured out run-time
instead of using the build-time fixed number

* CURLOPT_SEEKFUNCTION may now return CURL_SEEKFUNC_CANTSEEK

* curl can now upload with resume even when reading from a pipe

* a build-time configured curl_socklen_t is now used instead of
socklen_t
- by default, don\'t abort if the testsuite fails.

Thu Mar 5 13:00:00 2009 mmarekAATTsuse.cz
- don\'t run autoreconf -fi as it breaks on older distros and
upstream uses recent autotools already.

Mon Mar 2 13:00:00 2009 mmarekAATTsuse.cz
- updated to 7.19.4

* don\'t follow redirects to file:// and scp:// by default; add
new curl_easy_setopt options CURLOPT_PROTOCOLS and
CURLOPT_REDIR_PROTOCOLS to specify which protocols are allowed
and which protocols are allowed to redirect to (bnc#475103,
CVE-2009-0037)

* Added CURLOPT_NOPROXY and the corresponding --noproxy

* the OpenSSL-specific code disables TICKET (rfc5077) which is
enabled by default in openssl 0.9.8j

* Added CURLOPT_TFTP_BLKSIZE

* Added CURLOPT_SOCKS5_GSSAPI_SERVICE and
CURLOPT_SOCKS5_GSSAPI_NEC - with the corresponding curl options
- -socks5-gssapi-service and --socks5-gssapi-nec

* Improved IPv6 support when built with with c-ares >= 1.6.1

* Added CURLPROXY_HTTP_1_0 and --proxy1.0

* Added docs/libcurl/symbols-in-versions

* Added CURLINFO_CONDITION_UNMET

* Added support for Digest and NTLM authentication using GnuTLS

* CURLOPT_FTP_CREATE_MISSING_DIRS can now be set to 2 to retry
the CWD even when MKD fails

* GnuTLS initing moved to curl_global_init()

* CURLAUTH_DIGEST_IE bit added for CURLOPT_HTTPAUTH and
CURLOPT_PROXYAUTH

* pkg-config can now show supported_protocols and
supported_features

* Added CURLOPT_CERTINFO and CURLINFO_CERTINFO

* Added CURLOPT_POSTREDIR

* Better detect HTTP 1.0 servers and don\'t do HTTP 1.1 requests
on them

* configure --disable-proxy disables proxy support

* Added CURLOPT_USERNAME and CURLOPT_PASSWORD

* --interface now works with IPv6 connections on glibc systems

* Added CURLOPT_PROXYUSERNAME and CURLOPT_PROXYPASSWORD


  
ICM