SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libcurl-minimal-7.65.3-4.fc30.x86_64.rpm :

* Wed Sep 11 2019 Kamil Dudka - 7.65.3-4- double free due to subsequent call of realloc() (CVE-2019-5481)- fix heap buffer overflow in function tftp_receive_packet() (CVE-2019-5482)
* Tue Aug 27 2019 Kamil Dudka - 7.65.3-3- avoid reporting spurious error in the HTTP2 framing layer (#1690971)
* Thu Aug 01 2019 Kamil Dudka - 7.65.3-2- improve handling of gss_init_sec_context() failures
* Mon Jul 22 2019 Kamil Dudka - 7.65.3-1- rebase to 7.65.3 to fix crashes of gnome and flatpak (#1697566)
* Mon Jul 01 2019 Kamil Dudka - 7.64.0-8- prevent multi from crashing with many parallel transfers (#1697566, #1723242)
* Wed May 22 2019 Kamil Dudka - 7.64.0-7- fix TFTP receive buffer overflow (CVE-2019-5436)- fix integer overflows in curl_url_set() (CVE-2019-5435)
* Mon Mar 25 2019 Kamil Dudka - 7.64.0-6- remove verbose \"Expire in\" ... messages (#1690971)
* Thu Mar 21 2019 Kamil Dudka - 7.64.0-5- avoid spurious \"Could not resolve host: [host name]\" error messages
* Wed Feb 27 2019 Kamil Dudka - 7.64.0-4- fix NULL dereference if flushing cookies with no CookieInfo set (#1683676)
* Mon Feb 25 2019 Kamil Dudka - 7.64.0-3- prevent NetworkManager from leaking file descriptors (#1680198)
* Mon Feb 11 2019 Kamil Dudka - 7.64.0-2- make zsh completion work again
* Wed Feb 06 2019 Kamil Dudka - 7.64.0-1- new upstream release, which fixes the following vulnerabilities CVE-2019-3823 - SMTP end-of-response out-of-bounds read CVE-2019-3822 - NTLMv2 type-3 header stack buffer overflow CVE-2018-16890 - NTLM type-2 out-of-bounds buffer read
* Mon Feb 04 2019 Kamil Dudka - 7.63.0-7- prevent valgrind from reporting false positives on x86_64
* Thu Jan 31 2019 Fedora Release Engineering - 7.63.0-6- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Jan 21 2019 Kamil Dudka - 7.63.0-5- xattr: strip credentials from any URL that is stored (CVE-2018-20483)
* Fri Jan 04 2019 Kamil Dudka - 7.63.0-4- replace 0105-curl-7.63.0-libstubgss-ldadd.patch by upstream patch
* Wed Dec 19 2018 Kamil Dudka - 7.63.0-3- curl -J: do not append to the destination file (#1658574)
* Fri Dec 14 2018 Kamil Dudka - 7.63.0-2- revert an upstream commit that broke `fedpkg new-sources` (#1659329)
* Wed Dec 12 2018 Kamil Dudka - 7.63.0-1- new upstream release
* Wed Oct 31 2018 Kamil Dudka - 7.62.0-1- new upstream release, which fixes the following vulnerabilities CVE-2018-16839 - SASL password overflow via integer overflow CVE-2018-16840 - use-after-free in handle close CVE-2018-16842 - warning message out-of-buffer read
* Thu Oct 11 2018 Kamil Dudka - 7.61.1-3- enable TLS 1.3 post-handshake auth in OpenSSL- update the documentation of --tlsv1.0 in curl(1) man page
* Thu Oct 04 2018 Kamil Dudka - 7.61.1-2- enforce versioned libpsl dependency for libcurl (#1631804)- test320: update expected output for gnutls-3.6.4- drop 0105-curl-7.61.0-tests-ssh-keygen.patch no longer needed (#1622594)
* Wed Sep 05 2018 Kamil Dudka - 7.61.1-1- new upstream release, which fixes the following vulnerability CVE-2018-14618 - NTLM password overflow via integer overflow
* Tue Sep 04 2018 Kamil Dudka - 7.61.0-8- make the --tls13-ciphers option work
* Mon Aug 27 2018 Kamil Dudka - 7.61.0-7- tests: make ssh-keygen always produce PEM format (#1622594)
* Wed Aug 15 2018 Kamil Dudka - 7.61.0-6- scp/sftp: fix infinite connect loop on invalid private key (#1595135)
* Thu Aug 09 2018 Kamil Dudka - 7.61.0-5- ssl: set engine implicitly when a PKCS#11 URI is provided (#1219544)
* Tue Aug 07 2018 Kamil Dudka - 7.61.0-4- relax crypto policy for the test-suite to make it pass again (#1610888)
* Tue Jul 31 2018 Kamil Dudka - 7.61.0-3- disable flaky test 1900, which covers deprecated HTTP pipelining- adapt test 323 for updated OpenSSL
* Thu Jul 12 2018 Fedora Release Engineering - 7.61.0-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Jul 11 2018 Kamil Dudka - 7.61.0-1- new upstream release, which fixes the following vulnerability CVE-2018-0500 - SMTP send heap buffer overflow
* Tue Jul 10 2018 Kamil Dudka - 7.60.0-3- enable support for brotli compression in libcurl-full
* Wed Jul 04 2018 Kamil Dudka - 7.60.0-2- do not hard-wire path of the Python 3 interpreter
* Wed May 16 2018 Kamil Dudka - 7.60.0-1- new upstream release, which fixes the following vulnerabilities CVE-2018-1000300 - FTP shutdown response buffer overflow CVE-2018-1000301 - RTSP bad headers buffer over-read
* Thu Mar 15 2018 Kamil Dudka - 7.59.0-3- make the test-suite use Python 3
* Wed Mar 14 2018 Kamil Dudka - 7.59.0-2- ftp: fix typo in recursive callback detection for seeking
* Wed Mar 14 2018 Kamil Dudka - 7.59.0-1- new upstream release, which fixes the following vulnerabilities CVE-2018-1000120 - FTP path trickery leads to NIL byte out of bounds write CVE-2018-1000121 - LDAP NULL pointer dereference CVE-2018-1000122 - RTSP RTP buffer over-read
* Mon Mar 12 2018 Kamil Dudka - 7.58.0-8- http2: mark the connection for close on GOAWAY
* Mon Feb 19 2018 Paul Howarth - 7.58.0-7- Add explicity-used build requirements- Fix libcurl soname version number in %files list to avoid accidental soname bumps
* Thu Feb 15 2018 Paul Howarth - 7.58.0-6- switch to %ldconfig_scriptlets- drop legacy BuildRoot: and Group: tags- enforce versioned libssh dependency for libcurl
* Tue Feb 13 2018 Kamil Dudka - 7.58.0-5- drop temporary workaround for #1540549
* Wed Feb 07 2018 Fedora Release Engineering - 7.58.0-4- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Jan 31 2018 Kamil Dudka - 7.58.0-3- temporarily work around internal compiler error on x86_64 (#1540549)- disable brp-ldconfig to make RemovePathPostfixes work with shared libs again
* Wed Jan 24 2018 Andreas Schneider - 7.58.0-2- use libssh (instead of libssh2) to implement SCP/SFTP in libcurl (#1531483)
* Wed Jan 24 2018 Kamil Dudka - 7.58.0-1- new upstream release, which fixes the following vulnerabilities CVE-2018-1000005 - curl: HTTP/2 trailer out-of-bounds read CVE-2018-1000007 - curl: HTTP authentication leak in redirects
* Wed Nov 29 2017 Kamil Dudka - 7.57.0-1- new upstream release, which fixes the following vulnerabilities CVE-2017-8816 - curl: NTLM buffer overflow via integer overflow CVE-2017-8817 - curl: FTP wildcard out of bounds read CVE-2017-8818 - curl: SSL out of buffer access
* Mon Oct 23 2017 Kamil Dudka - 7.56.1-1- new upstream release (fixes CVE-2017-1000257)
* Wed Oct 04 2017 Kamil Dudka - 7.56.0-1- new upstream release (fixes CVE-2017-1000254)
  
ICM