SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libcurl-minimal-7.61.1-2.fc29.i686.rpm :

* Thu Oct 04 2018 Kamil Dudka - 7.61.1-2- enforce versioned libpsl dependency for libcurl (#1631804)- test320: update expected output for gnutls-3.6.4- drop 0105-curl-7.61.0-tests-ssh-keygen.patch no longer needed (#1622594)
* Wed Sep 05 2018 Kamil Dudka - 7.61.1-1- new upstream release, which fixes the following vulnerability CVE-2018-14618 - NTLM password overflow via integer overflow
* Tue Sep 04 2018 Kamil Dudka - 7.61.0-8- make the --tls13-ciphers option work
* Mon Aug 27 2018 Kamil Dudka - 7.61.0-7- tests: make ssh-keygen always produce PEM format (#1622594)
* Wed Aug 15 2018 Kamil Dudka - 7.61.0-6- scp/sftp: fix infinite connect loop on invalid private key (#1595135)
* Thu Aug 09 2018 Kamil Dudka - 7.61.0-5- ssl: set engine implicitly when a PKCS#11 URI is provided (#1219544)
* Tue Aug 07 2018 Kamil Dudka - 7.61.0-4- relax crypto policy for the test-suite to make it pass again (#1610888)
* Tue Jul 31 2018 Kamil Dudka - 7.61.0-3- disable flaky test 1900, which covers deprecated HTTP pipelining- adapt test 323 for updated OpenSSL
* Thu Jul 12 2018 Fedora Release Engineering - 7.61.0-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Jul 11 2018 Kamil Dudka - 7.61.0-1- new upstream release, which fixes the following vulnerability CVE-2018-0500 - SMTP send heap buffer overflow
* Tue Jul 10 2018 Kamil Dudka - 7.60.0-3- enable support for brotli compression in libcurl-full
* Wed Jul 04 2018 Kamil Dudka - 7.60.0-2- do not hard-wire path of the Python 3 interpreter
* Wed May 16 2018 Kamil Dudka - 7.60.0-1- new upstream release, which fixes the following vulnerabilities CVE-2018-1000300 - FTP shutdown response buffer overflow CVE-2018-1000301 - RTSP bad headers buffer over-read
* Thu Mar 15 2018 Kamil Dudka - 7.59.0-3- make the test-suite use Python 3
* Wed Mar 14 2018 Kamil Dudka - 7.59.0-2- ftp: fix typo in recursive callback detection for seeking
* Wed Mar 14 2018 Kamil Dudka - 7.59.0-1- new upstream release, which fixes the following vulnerabilities CVE-2018-1000120 - FTP path trickery leads to NIL byte out of bounds write CVE-2018-1000121 - LDAP NULL pointer dereference CVE-2018-1000122 - RTSP RTP buffer over-read
* Mon Mar 12 2018 Kamil Dudka - 7.58.0-8- http2: mark the connection for close on GOAWAY
* Mon Feb 19 2018 Paul Howarth - 7.58.0-7- Add explicity-used build requirements- Fix libcurl soname version number in %files list to avoid accidental soname bumps
* Thu Feb 15 2018 Paul Howarth - 7.58.0-6- switch to %ldconfig_scriptlets- drop legacy BuildRoot: and Group: tags- enforce versioned libssh dependency for libcurl
* Tue Feb 13 2018 Kamil Dudka - 7.58.0-5- drop temporary workaround for #1540549
* Wed Feb 07 2018 Fedora Release Engineering - 7.58.0-4- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Jan 31 2018 Kamil Dudka - 7.58.0-3- temporarily work around internal compiler error on x86_64 (#1540549)- disable brp-ldconfig to make RemovePathPostfixes work with shared libs again
* Wed Jan 24 2018 Andreas Schneider - 7.58.0-2- use libssh (instead of libssh2) to implement SCP/SFTP in libcurl (#1531483)
* Wed Jan 24 2018 Kamil Dudka - 7.58.0-1- new upstream release, which fixes the following vulnerabilities CVE-2018-1000005 - curl: HTTP/2 trailer out-of-bounds read CVE-2018-1000007 - curl: HTTP authentication leak in redirects
* Wed Nov 29 2017 Kamil Dudka - 7.57.0-1- new upstream release, which fixes the following vulnerabilities CVE-2017-8816 - curl: NTLM buffer overflow via integer overflow CVE-2017-8817 - curl: FTP wildcard out of bounds read CVE-2017-8818 - curl: SSL out of buffer access
* Mon Oct 23 2017 Kamil Dudka - 7.56.1-1- new upstream release (fixes CVE-2017-1000257)
* Wed Oct 04 2017 Kamil Dudka - 7.56.0-1- new upstream release (fixes CVE-2017-1000254)
* Mon Aug 28 2017 Kamil Dudka - 7.55.1-5- apply the patch for the previous commit and fix its name (#1485702)
* Mon Aug 28 2017 Bastien Nocera - 7.55.1-4- Fix NetworkManager connectivity check not working (#1485702)
* Tue Aug 22 2017 Kamil Dudka 7.55.1-3- utilize system wide crypto policies for TLS (#1483972)
* Tue Aug 15 2017 Kamil Dudka 7.55.1-2- make zsh completion work again
* Mon Aug 14 2017 Kamil Dudka 7.55.1-1- new upstream release
* Wed Aug 09 2017 Kamil Dudka 7.55.0-1- drop multilib fix for libcurl header files no longer needed- new upstream release, which fixes the following vulnerabilities CVE-2017-1000099 - FILE buffer read out of bounds CVE-2017-1000100 - TFTP sends more than buffer size CVE-2017-1000101 - URL globbing out of bounds read
* Wed Aug 02 2017 Fedora Release Engineering - 7.54.1-8- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Fri Jul 28 2017 Florian Weimer - 7.54.1-7- Rebuild with fixed binutils (#1475636)
* Fri Jul 28 2017 Igor Gnatenko - 7.54.1-6- Enable separate debuginfo back
* Thu Jul 27 2017 Kamil Dudka 7.54.1-5- rebuild to fix broken linkage of cmake on ppc64le
* Wed Jul 26 2017 Kamil Dudka 7.54.1-4- avoid build failure caused broken RPM code that produces debuginfo packages
* Wed Jul 26 2017 Fedora Release Engineering - 7.54.1-3- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Mon Jun 19 2017 Kamil Dudka 7.54.1-2- enforce versioned openssl-libs dependency for libcurl (#1462184)
* Wed Jun 14 2017 Kamil Dudka 7.54.1-1- new upstream release
* Tue May 16 2017 Kamil Dudka 7.54.0-5- add
*-full provides for curl and libcurl to make them explicitly installable
* Thu May 04 2017 Kamil Dudka 7.54.0-4- make curl-minimal require a new enough version of libcurl
* Thu Apr 27 2017 Kamil Dudka 7.54.0-3- switch the TLS backend back to OpenSSL (#1445153)
* Tue Apr 25 2017 Kamil Dudka 7.54.0-2- nss: use libnssckbi.so as the default source of trust- nss: do not leak PKCS #11 slot while loading a key (#1444860)
* Thu Apr 20 2017 Kamil Dudka 7.54.0-1- new upstream release (fixes CVE-2017-7468)
* Thu Apr 13 2017 Paul Howarth 7.53.1-7- add %post and %postun scriptlets for libcurl-minimal- libcurl-minimal provides both libcurl and libcurl%{?_isa}- remove some legacy spec file cruft
* Wed Apr 12 2017 Kamil Dudka 7.53.1-6- provide (lib)curl-minimal subpackages with lightweight build of (lib)curl
* Mon Apr 10 2017 Kamil Dudka 7.53.1-5- disable upstream test 2033 (flaky test for HTTP/1 pipelining)
* Fri Apr 07 2017 Kamil Dudka 7.53.1-4- fix out of bounds read in curl --write-out (CVE-2017-7407)
* Mon Mar 06 2017 Kamil Dudka 7.53.1-3- make the dependency on nss-pem arch-specific (#1428550)
* Thu Mar 02 2017 Kamil Dudka 7.53.1-2- re-enable valgrind on ix86 because sqlite is fixed (#1428286)
* Fri Feb 24 2017 Kamil Dudka 7.53.1-1- new upstream release
* Wed Feb 22 2017 Kamil Dudka 7.53.0-1- do not use valgrind on ix86 until sqlite is rebuilt by patched GCC (#1423434)- new upstream release (fixes CVE-2017-2629)
* Fri Feb 10 2017 Fedora Release Engineering - 7.52.1-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Fri Dec 23 2016 Kamil Dudka 7.52.1-1- new upstream release (fixes CVE-2016-9586)
* Mon Nov 21 2016 Kamil Dudka 7.51.0-3- map CURL_SSLVERSION_DEFAULT to NSS default, add support for TLS 1.3 (#1396719)
* Tue Nov 15 2016 Kamil Dudka 7.51.0-2- stricter host name checking for file:// URLs- ssh: check md5 fingerprints case insensitively
* Wed Nov 02 2016 Kamil Dudka 7.51.0-1- temporarily disable failing libidn2 test-cases- new upstream release, which fixes the following vulnerabilities CVE-2016-8615 - Cookie injection for other servers CVE-2016-8616 - Case insensitive password comparison CVE-2016-8617 - Out-of-bounds write via unchecked multiplication CVE-2016-8618 - Double-free in curl_maprintf CVE-2016-8619 - Double-free in krb5 code CVE-2016-8620 - Glob parser write/read out of bounds CVE-2016-8621 - curl_getdate out-of-bounds read CVE-2016-8622 - URL unescape heap overflow via integer truncation CVE-2016-8623 - Use-after-free via shared cookies CVE-2016-8624 - Invalid URL parsing with \'#\' CVE-2016-8625 - IDNA 2003 makes curl use wrong host
* Thu Oct 20 2016 Kamil Dudka 7.50.3-3- drop 0103-curl-7.50.0-stunnel.patch no longer needed
* Fri Oct 07 2016 Kamil Dudka 7.50.3-2- use the just built version of libcurl while generating zsh completion
  
ICM