SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libcurl-7.61.1-12.fc29.x86_64.rpm :

* Wed Sep 11 2019 Kamil Dudka - 7.61.1-12- double free due to subsequent call of realloc() (CVE-2019-5481)- fix heap buffer overflow in function tftp_receive_packet() (CVE-2019-5482)
* Wed May 22 2019 Kamil Dudka - 7.61.1-11- fix TFTP receive buffer overflow (CVE-2019-5436)- fix integer overflows in curl_url_set() (CVE-2019-5435)
* Mon Feb 18 2019 Kamil Dudka - 7.61.1-10- do not let libssh create a new socket for SCP/SFTP (#1669156)
* Mon Feb 11 2019 Kamil Dudka - 7.61.1-9- make zsh completion work again
* Wed Feb 06 2019 Kamil Dudka - 7.61.1-8- fix SMTP end-of-response out-of-bounds read (CVE-2019-3823)- fix NTLMv2 type-3 header stack buffer overflow (CVE-2019-3822)- fix NTLM type-2 out-of-bounds buffer read (CVE-2018-16890)
* Mon Jan 21 2019 Kamil Dudka - 7.61.1-7- xattr: strip credentials from any URL that is stored (CVE-2018-20483)
* Wed Dec 19 2018 Kamil Dudka - 7.61.1-6- curl -J: do not append to the destination file (#1658574)
* Thu Nov 15 2018 Kamil Dudka - 7.61.1-5- make the patch for CVE-2018-16842 apply properly (CVE-2018-16842)
* Thu Nov 01 2018 Kamil Dudka - 7.61.1-4- SASL password overflow via integer overflow (CVE-2018-16839)- fix use-after-free in handle close (CVE-2018-16840)- fix bad arethmetic when outputting warnings to stderr (CVE-2018-16842)
* Thu Oct 11 2018 Kamil Dudka - 7.61.1-3- enable TLS 1.3 post-handshake auth in OpenSSL- update the documentation of --tlsv1.0 in curl(1) man page
* Thu Oct 04 2018 Kamil Dudka - 7.61.1-2- enforce versioned libpsl dependency for libcurl (#1631804)- test320: update expected output for gnutls-3.6.4- drop 0105-curl-7.61.0-tests-ssh-keygen.patch no longer needed (#1622594)
* Wed Sep 05 2018 Kamil Dudka - 7.61.1-1- new upstream release, which fixes the following vulnerability CVE-2018-14618 - NTLM password overflow via integer overflow
* Tue Sep 04 2018 Kamil Dudka - 7.61.0-8- make the --tls13-ciphers option work
* Mon Aug 27 2018 Kamil Dudka - 7.61.0-7- tests: make ssh-keygen always produce PEM format (#1622594)
* Wed Aug 15 2018 Kamil Dudka - 7.61.0-6- scp/sftp: fix infinite connect loop on invalid private key (#1595135)
* Thu Aug 09 2018 Kamil Dudka - 7.61.0-5- ssl: set engine implicitly when a PKCS#11 URI is provided (#1219544)
* Tue Aug 07 2018 Kamil Dudka - 7.61.0-4- relax crypto policy for the test-suite to make it pass again (#1610888)
* Tue Jul 31 2018 Kamil Dudka - 7.61.0-3- disable flaky test 1900, which covers deprecated HTTP pipelining- adapt test 323 for updated OpenSSL
* Thu Jul 12 2018 Fedora Release Engineering - 7.61.0-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Jul 11 2018 Kamil Dudka - 7.61.0-1- new upstream release, which fixes the following vulnerability CVE-2018-0500 - SMTP send heap buffer overflow
* Tue Jul 10 2018 Kamil Dudka - 7.60.0-3- enable support for brotli compression in libcurl-full
* Wed Jul 04 2018 Kamil Dudka - 7.60.0-2- do not hard-wire path of the Python 3 interpreter
* Wed May 16 2018 Kamil Dudka - 7.60.0-1- new upstream release, which fixes the following vulnerabilities CVE-2018-1000300 - FTP shutdown response buffer overflow CVE-2018-1000301 - RTSP bad headers buffer over-read
* Thu Mar 15 2018 Kamil Dudka - 7.59.0-3- make the test-suite use Python 3
* Wed Mar 14 2018 Kamil Dudka - 7.59.0-2- ftp: fix typo in recursive callback detection for seeking
* Wed Mar 14 2018 Kamil Dudka - 7.59.0-1- new upstream release, which fixes the following vulnerabilities CVE-2018-1000120 - FTP path trickery leads to NIL byte out of bounds write CVE-2018-1000121 - LDAP NULL pointer dereference CVE-2018-1000122 - RTSP RTP buffer over-read
* Mon Mar 12 2018 Kamil Dudka - 7.58.0-8- http2: mark the connection for close on GOAWAY
* Mon Feb 19 2018 Paul Howarth - 7.58.0-7- Add explicity-used build requirements- Fix libcurl soname version number in %files list to avoid accidental soname bumps
* Thu Feb 15 2018 Paul Howarth - 7.58.0-6- switch to %ldconfig_scriptlets- drop legacy BuildRoot: and Group: tags- enforce versioned libssh dependency for libcurl
* Tue Feb 13 2018 Kamil Dudka - 7.58.0-5- drop temporary workaround for #1540549
* Wed Feb 07 2018 Fedora Release Engineering - 7.58.0-4- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Jan 31 2018 Kamil Dudka - 7.58.0-3- temporarily work around internal compiler error on x86_64 (#1540549)- disable brp-ldconfig to make RemovePathPostfixes work with shared libs again
* Wed Jan 24 2018 Andreas Schneider - 7.58.0-2- use libssh (instead of libssh2) to implement SCP/SFTP in libcurl (#1531483)
* Wed Jan 24 2018 Kamil Dudka - 7.58.0-1- new upstream release, which fixes the following vulnerabilities CVE-2018-1000005 - curl: HTTP/2 trailer out-of-bounds read CVE-2018-1000007 - curl: HTTP authentication leak in redirects
* Wed Nov 29 2017 Kamil Dudka - 7.57.0-1- new upstream release, which fixes the following vulnerabilities CVE-2017-8816 - curl: NTLM buffer overflow via integer overflow CVE-2017-8817 - curl: FTP wildcard out of bounds read CVE-2017-8818 - curl: SSL out of buffer access
* Mon Oct 23 2017 Kamil Dudka - 7.56.1-1- new upstream release (fixes CVE-2017-1000257)
* Wed Oct 04 2017 Kamil Dudka - 7.56.0-1- new upstream release (fixes CVE-2017-1000254)
  
ICM