SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libcurl-7.76.1-16.fc34.i686.rpm :

* Wed May 11 2022 Kamil Dudka - 7.76.1-16- fix too eager reuse of TLS and SSH connections (CVE-2022-27782)
* Mon May 02 2022 Kamil Dudka - 7.76.1-15- fix leak of SRP credentials in redirects (CVE-2022-27774)
* Fri Apr 29 2022 Kamil Dudka - 7.76.1-14- add missing tests to Makefile
* Thu Apr 28 2022 Kamil Dudka - 7.76.1-13- fix credential leak on redirect (CVE-2022-27774)- fix auth/cookie leak on redirect (CVE-2022-27776)- fix bad local IPv6 connection reuse (CVE-2022-27775)- fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)
* Fri Sep 17 2021 Kamil Dudka - 7.76.1-12- fix STARTTLS protocol injection via MITM (CVE-2021-22947)- fix protocol downgrade required TLS bypass (CVE-2021-22946)- fix use-after-free and double-free in MQTT sending (CVE-2021-22945)
* Wed Jul 21 2021 Kamil Dudka - 7.76.1-7- fix TELNET stack contents disclosure again (CVE-2021-22925)- fix bad connection reuse due to flawed path name checks (CVE-2021-22924)
* Wed Jul 21 2021 Kamil Dudka - 7.76.1-5- disable metalink support to fix the following vulnerabilities CVE-2021-22923 - metalink download sends credentials CVE-2021-22922 - wrong content via metalink not discarded
* Wed Jun 02 2021 Kamil Dudka - 7.76.1-4- fix SIGSEGV upon disconnect of a ldaps:// transfer (#1941925)
* Wed May 26 2021 Kamil Dudka - 7.76.1-3- fix TLS session caching disaster (CVE-2021-22901)- fix TELNET stack contents disclosure (CVE-2021-22898)
* Mon May 03 2021 Kamil Dudka - 7.76.1-2- http2: fix resource leaks detected by Coverity
* Wed Apr 14 2021 Kamil Dudka - 7.76.1-1- new upstream release
* Wed Mar 31 2021 Kamil Dudka - 7.76.0-1- new upstream release, which fixes the following vulnerabilities CVE-2021-22890 - TLS 1.3 session ticket proxy host mixup CVE-2021-22876 - Automatic referer leaks credentials
* Wed Mar 24 2021 Kamil Dudka - 7.75.0-3- fix SIGSEGV upon disconnect of a ldaps:// transfer
* Tue Feb 23 2021 Kamil Dudka - 7.75.0-2- build-require python3-impacket only on Fedora
* Wed Feb 03 2021 Kamil Dudka - 7.75.0-1- new upstream release
* Tue Jan 26 2021 Kamil Dudka - 7.74.0-4- do not use stunnel for tests on s390x builds to avoid spurious failures
* Tue Jan 26 2021 Fedora Release Engineering - 7.74.0-3- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Dec 09 2020 Kamil Dudka - 7.74.0-2- do not rewrite shebangs in test-suite to use python3 explicitly
* Wed Dec 09 2020 Kamil Dudka - 7.74.0-1- new upstream release, which fixes the following vulnerabilities CVE-2020-8286 - curl: Inferior OCSP verification CVE-2020-8285 - libcurl: FTP wildcard stack overflow CVE-2020-8284 - curl: trusting FTP PASV responses
* Wed Oct 14 2020 Kamil Dudka - 7.73.0-2- prevent upstream test 1451 from being skipped
* Wed Oct 14 2020 Kamil Dudka - 7.73.0-1- new upstream release
* Thu Sep 10 2020 Jinoh Kang - 7.72.0-2- fix multiarch conflicts in libcurl-minimal (#1877671)
* Wed Aug 19 2020 Kamil Dudka - 7.72.0-1- new upstream release, which fixes the following vulnerability CVE-2020-8231 - libcurl: wrong connect-only connection
* Thu Aug 06 2020 Kamil Dudka - 7.71.1-5- setopt: unset NOBODY switches to GET if still HEAD
* Mon Jul 27 2020 Fedora Release Engineering - 7.71.1-4- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Jul 13 2020 Tom Stellard - 7.71.1-3- Use make macros- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
* Fri Jul 03 2020 Kamil Dudka - 7.71.1-2- curl: make the --krb option work again (#1833193)
* Wed Jul 01 2020 Kamil Dudka - 7.71.1-1- new upstream release
* Wed Jun 24 2020 Kamil Dudka - 7.71.0-1- new upstream release, which fixes the following vulnerabilities CVE-2020-8169 - curl: Partial password leak over DNS on HTTP redirect CVE-2020-8177 - curl: overwrite local file with -J
  
ICM