Revisions of curl
Dominique Leuenberger (dimstar_suse)
accepted
request 438231
from
Ismail Dönmez (namtrac)
(revision 119)
- Update to 7.51.0 Changes: * nss: additional cipher suites are now accepted by CURLOPT_SSL_CIPHER_LIST * New option: CURLOPT_KEEP_SENDING_ON_ERROR Bugfixes: * CVE-2016-8615: cookie injection for other servers * CVE-2016-8616: case insensitive password comparison * CVE-2016-8617: OOB write via unchecked multiplication * CVE-2016-8618: double-free in curl_maprintf * CVE-2016-8619: double-free in krb5 code * CVE-2016-8620: glob parser write/read out of bounds * CVE-2016-8621: curl_getdate read out of bounds * CVE-2016-8622: URL unescape heap overflow via integer truncation * CVE-2016-8623: Use-after-free via shared cookies * CVE-2016-8624: invalid URL parsing with '#' * CVE-2016-8625: IDNA 2003 makes curl use wrong host * openssl: fix per-thread memory leak using 1.0.1 or 1.0.2 * http: accept "Transfer-Encoding: chunked" for HTTP/2 as well * LICENSE-MIXING.md: update with mbedTLS dual licensing * examples/imap-append: Set size of data to be uploaded * test2048: fix url * darwinssl: disable RC4 cipher-suite support * CURLOPT_PINNEDPUBLICKEY.3: fix the AVAILABILITY formatting * openssl: don’t call CRYTPO_cleanup_all_ex_data * libressl: fix version output * easy: Reset all statistical session info in curl_easy_reset * curl_global_cleanup.3: don't unload the lib with sub threads running * dist: add CurlSymbolHiding.cmake to the tarball * docs: Remove that --proto is just used for initial retrieval
Dominique Leuenberger (dimstar_suse)
accepted
request 427465
from
Ismail Dönmez (namtrac)
(revision 118)
- update to 7.50.3 Bugfixes: * CVE-2016-7167: escape and unescape integer overflows * mk-ca-bundle.pl: use SHA256 instead of SHA1 * checksrc: detect strtok() use * errors: new alias CURLE_WEIRD_SERVER_REPLY * http2: support > 64bit sized uploads * openssl: fix bad memory free (regression) * CMake: hide private library symbols * http: refuse to pass on response body when NO_NODY is set * cmake: fix curl-config --static-libs * mbedtls: switch off NTLM in build if md4 isn't available * curl: --create-dirs on windows groks both forward and backward slashes
Dominique Leuenberger (dimstar_suse)
accepted
request 425624
from
Ismail Dönmez (namtrac)
(revision 117)
- update to 7.50.2 Bugfixes: * mbedtls: Added support for NTLM * SSH: fixed SFTP/SCP transfer problems * multi: make Curl_expire() work with 0 ms timeouts * mk-ca-bundle.pl: -m keeps ca cert meta data in output * TFTP: Fix upload problem with piped input * CURLOPT_TCP_NODELAY: now enabled by default * mbedtls: set verbose TLS debug when MBEDTLS_DEBUG is defined * http2: always wait for readable socket * cmake: Enable win32 large file support by default * cmake: Enable win32 threaded resolver by default * winbuild: Avoid setting redundant CFLAGS to compile commands * curl.h: make CURL_NO_OLDIES define CURL_STRICTER * docs: make more markdown files use .md extension * docs: CONTRIBUTE and LICENSE-MIXING were converted to markdown * winbuild: Allow changing C compiler via environment variable CC * rtsp: accept any RTSP session id * HTTP: retry failed HEAD requests on reused connections too * configure: add zlib search with pkg-config * openssl: accept subjectAltName iPAddress if no dNSName match * MANUAL: Remove invalid link to LDAP documentation * socks: improved connection procedure * proxy: reject attempts to use unsupported proxy schemes * proxy: bring back use of "Proxy-Connection:" * curl: allow "pkcs11:" prefix for client certificates * spnego_sspi: fix memory leak in case *outlen is zero * SOCKS: improve verbose output of SOCKS5 connection sequence * SOCKS: display the hostname returned by the SOCKS5 proxy server * http/sasl: Query authentication mechanism supported by SSPI before using
Dominique Leuenberger (dimstar_suse)
accepted
request 417094
from
P. Janouch (pjanouch)
(revision 116)
- update to 7.50.1 Bugfixes: * TLS: switch off SSL session id when client cert is used * TLS: only reuse connections with the same client cert * curl_multi_cleanup: clear connection pointer for easy handles * include the CURLINFO_HTTP_VERSION man page into the release tarball * include the http2-server.pl script in the release tarball * test558: fix test by stripping file paths from FD lines * spnego: Corrected miss-placed * in Curl_auth_spnego_cleanup() declaration * tests: Fix for http/2 feature * cmake: Fix for schannel support * curl.h: make public types void * again * win32: fix a potential memory leak in Curl_load_library * travis: fix OSX build by re-installing libtool * mbedtls: Fix debug function name - removed 0001-tests-distribute-the-http2-server.pl-script-too.patch - update to 7.50.0 Changes: * http: add CURLINFO_HTTP_VERSION and %{http_version} Bugfixes: * openssl: fix build with OPENSSL_NO_COMP * cmake: Added missing mbedTLS support * URL parser: allow URLs to use one, two or three slashes * curl: fix -q [regression] * openssl: Use correct buffer sizes for error messages * curl: fix SIGSEGV while parsing URL with too many globs * vtls: fix ssl session cache race condition * http: Fix HTTP/2 connection reuse [regression] * checksrc: Add LoadLibrary to the banned functions list
Dominique Leuenberger (dimstar_suse)
accepted
request 402957
from
P. Janouch (pjanouch)
(revision 115)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 400210
from
Ismail Dönmez (namtrac)
(revision 114)
- Depend on libssh2 >= 1.6.0 since curl depends on the libssh2_scp_recv2 symbol now. Fixes boo#983170
Dominique Leuenberger (dimstar_suse)
accepted
request 394306
from
P. Janouch (pjanouch)
(revision 113)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 382629
from
Ismail Dönmez (namtrac)
(revision 112)
- Update to 7.48.0 * configure: --with-ca-fallback: use built-in TLS CA fallback * TFTP: add --tftp-no-options to expose CURLOPT_TFTP_NO_OPTIONS * getinfo: CURLINFO_TLS_SSL_PTR supersedes CURLINFO_TLS_SESSION * Lots of bugfixes, see https://curl.haxx.se/changes.html#7_48_0 - Drop curl-7.41.0-use-openssl-s-built-in-verify-path-as-fallback.diff, superseded by --with-ca-fallback configure option.
Dominique Leuenberger (dimstar_suse)
accepted
request 379275
from
Factory Maintainer (factory-maintainer)
(revision 111)
Automatic submission by obs-autosubmit
Dominique Leuenberger (dimstar_suse)
accepted
request 357070
from
Ismail Dönmez (namtrac)
(revision 110)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 352284
from
Ismail Dönmez (namtrac)
(revision 109)
- Fix path to curl in zsh.pl to unbreak _curl completion * curl-fix-zsh-completion.patch
Dominique Leuenberger (dimstar_suse)
accepted
request 347176
from
Ismail Dönmez (namtrac)
(revision 108)
- Update to 7.46.0 * Added CURLOPT_STREAM_DEPENDS * Added CURLOPT_STREAM_DEPENDS_E * Added CURLOPT_STREAM_WEIGHT * Added CURLFORM_CONTENTLEN * oauth2: Added support for OAUTHBEARER SASL mechanism to IMAP, POP3 and SNMP * Many bugfixes, see http://curl.haxx.se/changes.html#7_46_0 for the complete list.
Dominique Leuenberger (dimstar_suse)
accepted
request 339794
from
Ismail Dönmez (namtrac)
(revision 107)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 323094
from
Ismail Dönmez (namtrac)
(revision 106)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 321837
from
Vítězslav Čížek (vitezslav_cizek)
(revision 105)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 304674
from
Ismail Dönmez (namtrac)
(revision 103)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 293697
from
Ismail Dönmez (namtrac)
(revision 101)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 287868
from
Ismail Dönmez (namtrac)
(revision 100)
1
Displaying revisions 81 - 100 of 199