Changelog for libcurl-devel-7.66.0-3.fc31.x86_64.rpm :

* Wed Aug 19 2020 Kamil Dudka - 7.66.0-3- libcurl: wrong connect-only connection (CVE-2020-8231)
* Wed Jun 24 2020 Kamil Dudka - 7.66.0-2- avoid overwriting a local file with -J (CVE-2020-8177)- fix partial password leak over DNS on HTTP redirect (CVE-2020-8169)
* Wed Sep 11 2019 Kamil Dudka - 7.66.0-1- new upstream release, which fixes the following vulnerabilities CVE-2019-5481 - double free due to subsequent call of realloc() CVE-2019-5482 - heap buffer overflow in function tftp_receive_packet()
* Tue Aug 27 2019 Kamil Dudka - 7.65.3-4- avoid reporting spurious error in the HTTP2 framing layer (#1690971)
* Thu Aug 01 2019 Kamil Dudka - 7.65.3-3- improve handling of gss_init_sec_context() failures
* Wed Jul 24 2019 Fedora Release Engineering - 7.65.3-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sat Jul 20 2019 Paul Howarth - 7.65.3-1- new upstream release
* Wed Jul 17 2019 Kamil Dudka - 7.65.2-1- new upstream release
* Wed Jun 05 2019 Kamil Dudka - 7.65.1-1- new upstream release
* Thu May 30 2019 Kamil Dudka - 7.65.0-2- fix spurious timeout events with speed-limit (#1714893)
* Wed May 22 2019 Kamil Dudka - 7.65.0-1- new upstream release, which fixes the following vulnerabilities CVE-2019-5436 - TFTP receive buffer overflow CVE-2019-5435 - integer overflows in curl_url_set()
* Thu May 09 2019 Kamil Dudka - 7.64.1-2- do not treat failure of gss_init_sec_context() with --negotiate as fatal
* Wed Mar 27 2019 Kamil Dudka - 7.64.1-1- new upstream release
* Mon Mar 25 2019 Kamil Dudka - 7.64.0-6- remove verbose \"Expire in\" ... messages (#1690971)
* Thu Mar 21 2019 Kamil Dudka - 7.64.0-5- avoid spurious \"Could not resolve host: [host name]\" error messages
* Wed Feb 27 2019 Kamil Dudka - 7.64.0-4- fix NULL dereference if flushing cookies with no CookieInfo set (#1683676)
* Mon Feb 25 2019 Kamil Dudka - 7.64.0-3- prevent NetworkManager from leaking file descriptors (#1680198)
* Mon Feb 11 2019 Kamil Dudka - 7.64.0-2- make zsh completion work again
* Wed Feb 06 2019 Kamil Dudka - 7.64.0-1- new upstream release, which fixes the following vulnerabilities CVE-2019-3823 - SMTP end-of-response out-of-bounds read CVE-2019-3822 - NTLMv2 type-3 header stack buffer overflow CVE-2018-16890 - NTLM type-2 out-of-bounds buffer read
* Mon Feb 04 2019 Kamil Dudka - 7.63.0-7- prevent valgrind from reporting false positives on x86_64
* Thu Jan 31 2019 Fedora Release Engineering - 7.63.0-6- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Jan 21 2019 Kamil Dudka - 7.63.0-5- xattr: strip credentials from any URL that is stored (CVE-2018-20483)
* Fri Jan 04 2019 Kamil Dudka - 7.63.0-4- replace 0105-curl-7.63.0-libstubgss-ldadd.patch by upstream patch
* Wed Dec 19 2018 Kamil Dudka - 7.63.0-3- curl -J: do not append to the destination file (#1658574)
* Fri Dec 14 2018 Kamil Dudka - 7.63.0-2- revert an upstream commit that broke `fedpkg new-sources` (#1659329)
* Wed Dec 12 2018 Kamil Dudka - 7.63.0-1- new upstream release
* Wed Oct 31 2018 Kamil Dudka - 7.62.0-1- new upstream release, which fixes the following vulnerabilities CVE-2018-16839 - SASL password overflow via integer overflow CVE-2018-16840 - use-after-free in handle close CVE-2018-16842 - warning message out-of-buffer read
* Thu Oct 11 2018 Kamil Dudka - 7.61.1-3- enable TLS 1.3 post-handshake auth in OpenSSL- update the documentation of --tlsv1.0 in curl(1) man page
* Thu Oct 04 2018 Kamil Dudka - 7.61.1-2- enforce versioned libpsl dependency for libcurl (#1631804)- test320: update expected output for gnutls-3.6.4- drop 0105-curl-7.61.0-tests-ssh-keygen.patch no longer needed (#1622594)
* Wed Sep 05 2018 Kamil Dudka - 7.61.1-1- new upstream release, which fixes the following vulnerability CVE-2018-14618 - NTLM password overflow via integer overflow
* Tue Sep 04 2018 Kamil Dudka - 7.61.0-8- make the --tls13-ciphers option work
* Mon Aug 27 2018 Kamil Dudka - 7.61.0-7- tests: make ssh-keygen always produce PEM format (#1622594)