Kamil Dudka
5a0fa9250b
new upstream release, which fixes the following vulnerabilities
...
Resolves: CVE-2018-1000300 - FTP shutdown response buffer overflow
Resolves: CVE-2018-1000301 - RTSP bad headers buffer over-read
2018-05-16 15:02:28 +02:00
Kamil Dudka
a1b38730ce
make the test-suite use Python 3
...
Unfortunately, smbserver.py does not work with Python 3 because
there is no 'impacket' module available for Python 3:
https://github.com/CoreSecurity/impacket/issues/61
2018-03-15 15:43:07 +01:00
Kamil Dudka
6402b496fc
ftp: fix typo in recursive callback detection for seeking
2018-03-14 14:43:54 +01:00
Kamil Dudka
bdef0a1bf6
new upstream release - 7.59.0
...
Resolves: CVE-2018-1000120 - FTP path trickery leads to NIL byte out of bounds write
Resolves: CVE-2018-1000121 - LDAP NULL pointer dereference
Resolves: CVE-2018-1000122 - RTSP RTP buffer over-read
2018-03-14 10:28:05 +01:00
Kamil Dudka
43b81665b0
http2: mark the connection for close on GOAWAY
2018-03-12 10:28:21 +01:00
Paul Howarth
bdc6ab544b
Robustness improvements to spec file
...
- Add explicity-used build requirements
- Fix libcurl soname version number in %files list to avoid accidental soname
bumps
2018-02-19 10:10:12 +00:00
Paul Howarth
a16f4de7a2
Update scriptlets, enforce versioned libssh dependency
...
- switch to %ldconfig_scriptlets
- drop legacy BuildRoot: and Group: tags
- enforce versioned libssh dependency for libcurl
2018-02-15 09:57:54 +00:00
Igor Gnatenko
5012445aca
Remove BuildRoot definition
...
None of currently supported distributions need that.
It was needed last for EL5 which is EOL now
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2018-02-13 23:11:49 +01:00
Kamil Dudka
960515d8a1
Related: #1540549 - drop temporary workaround for the GCC bug
2018-02-13 10:33:16 +01:00
Fedora Release Engineering
1bbb30f4f6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-02-07 06:08:47 +00:00
Kamil Dudka
b76e2f2c65
Related: #1540549 - use the workaround for f28 only
...
... so that it does not break the build with old versions of GCC
2018-02-01 14:05:00 +01:00
Kamil Dudka
bf966a954e
Related: #1540549 - temporarily work around internal compiler error on x86_64
2018-02-01 12:55:07 +01:00
Kamil Dudka
3ad2894efb
disable brp-ldconfig to make RemovePathPostfixes work
...
... with shared libraries again
Suggested at:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/54Y4DZXHYSDXJDHJTBTBYLXC7OJ73JDU/
2018-01-31 14:44:06 +01:00
Andreas Schneider
cbbefe6fb9
Resolves : #1531483 - use libssh (instead of libssh2)
...
... to implement SCP/SFTP in libcurl
2018-01-24 18:06:50 +01:00
Kamil Dudka
93c55561d3
new upstream release - 7.58.0
...
Resolves: CVE-2018-1000005 - curl: HTTP/2 trailer out-of-bounds read
Resolves: CVE-2018-1000007 - curl: HTTP authentication leak in redirects
2018-01-24 11:55:14 +01:00
Kamil Dudka
ed352e927e
new upstream release - 7.57.0
...
Resolves: CVE-2017-8816 - curl: NTLM buffer overflow via integer overflow
Resolves: CVE-2017-8817 - curl: FTP wildcard out of bounds read
Resolves: CVE-2017-8818 - curl: SSL out of buffer access
2017-11-29 14:03:21 +01:00
Kamil Dudka
5d4a9257c3
new upstream release - 7.56.1 (fixes CVE-2017-1000257)
2017-10-23 10:13:16 +02:00
Kamil Dudka
c4a2596b22
re-enable temporarily disabled IDN2 test-cases
...
test2033 is now marked flaky by upstream, so it does not need
to explicitly disabled any more
2017-10-04 10:00:50 +02:00
Kamil Dudka
46c8abb050
new upstream release - 7.56.0 (fixes CVE-2017-1000254)
2017-10-04 09:36:05 +02:00
Andrei Stepanov
c7e4ac606d
Add CI tests using the standard test interface
...
Adds tests according to the CI wiki [0] specifically the standard test interface in the spec [1].
[0] https://fedoraproject.org/wiki/CI
[1] https://fedoraproject.org/wiki/Changes/InvokingTests
Signed-off-by: Andrei Stepanov <astepano@redhat.com>
2017-09-26 15:46:24 +00:00
Kamil Dudka
b2dab7f315
Resolves : #1485702 - apply the patch for the previous commit and fix its name
2017-08-28 13:40:42 +02:00
Bastien Nocera
57a73689a9
+ curl-7.55.1-4
...
Fix NetworkManager connectivity check not working (#1485702 )
2017-08-28 13:26:23 +02:00
Kamil Dudka
0480ac07c5
Resolves : #1483972 - utilize system wide crypto policies for TLS
2017-08-22 17:39:58 +02:00
Kamil Dudka
8eae4647c3
make zsh completion work again
2017-08-15 12:34:08 +02:00
Kamil Dudka
019e1c424c
new upstream release - 7.55.1
2017-08-14 09:39:22 +02:00
Kamil Dudka
a12eed4ad5
avoid int overflow on arches with 32bit long
...
Bug: https://github.com/curl/curl/pull/1748
2017-08-09 14:34:27 +02:00
Kamil Dudka
46ef14b039
add BR for gnutls-utils to increase test coverage
2017-08-09 13:48:21 +02:00
Kamil Dudka
8e0d8e3815
add tests/{dictserver,negtelnetserver}.py
...
... not included in EXTRA_DIST: https://github.com/curl/curl/pull/1744
2017-08-09 12:36:41 +02:00
Kamil Dudka
ffdd721180
explicitly install libcurl man pages
2017-08-09 11:47:30 +02:00
Kamil Dudka
574639b8f6
drop multilib fix for libcurl header files no longer needed
2017-08-09 11:34:32 +02:00
Kamil Dudka
46042daf78
new upstream release - 7.55.0
...
Resolves: CVE-2017-1000099 - FILE buffer read out of bounds
Resolves: CVE-2017-1000100 - TFTP sends more than buffer size
Resolves: CVE-2017-1000101 - URL globbing out of bounds read
2017-08-09 10:52:10 +02:00
Fedora Release Engineering
0aa4c628e2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
2017-08-02 19:22:27 +00:00
Florian Weimer
4af228aa7a
Rebuild with fixed binutils ( #1475636 )
2017-07-28 21:15:25 +02:00
Igor Gnatenko
6ec12398a3
Enable separate debuginfo back
...
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2017-07-28 19:43:57 +02:00
Kamil Dudka
a042788c8a
rebuild to fix broken linkage of cmake on ppc64le
2017-07-27 10:02:53 +02:00
Kamil Dudka
03b8614ff6
avoid build failure caused broken RPM code
...
... that produces debuginfo packages
Bug: https://github.com/rpm-software-management/rpm/issues/280
2017-07-26 16:48:08 +02:00
Fedora Release Engineering
44f7d8692a
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
2017-07-26 05:48:14 +00:00
Kamil Dudka
18e7a55066
Resolves : #1462184 - enforce versioned openssl-libs dependency for libcurl
2017-06-19 14:28:19 +02:00
Kamil Dudka
0aa20e6c92
new upstream release - 7.54.1
2017-06-14 10:50:24 +02:00
Kamil Dudka
e4d662f774
add *-full provides for curl and libcurl
...
... to make them explicitly installable
2017-05-16 13:28:03 +02:00
Kamil Dudka
f7041f17bf
make curl-minimal require a new enough version of libcurl
...
At the same time relax the dependency of curl on libcurl to support
running old curl on top of new libcurl but not vice versa.
2017-05-04 12:42:41 +02:00
Kamil Dudka
3be7c46fde
Resolves : #1445153 - switch the TLS backend back to OpenSSL
2017-04-27 10:42:34 +02:00
Kamil Dudka
9549974a4c
nss: use libnssckbi.so as the default source of trust
...
See https://github.com/curl/curl/pull/1414 for details.
2017-04-25 18:47:15 +02:00
Kamil Dudka
1e77c47734
Resolves : #1444860 - nss: do not leak PKCS #11 slot while loading a key
2017-04-25 18:37:35 +02:00
Kamil Dudka
0f99fceebe
new upstream release - 7.54.0 (fixes CVE-2017-7468)
2017-04-20 09:09:40 +02:00
Paul Howarth
db1a758364
add %post and %postun scriptlets for libcurl-minimal
...
also:
- libcurl-minimal provides both libcurl and libcurl%{?_isa}
- remove some legacy spec file cruft
2017-04-13 11:59:46 +01:00
Kamil Dudka
9b62c3eaeb
provide (lib)curl-minimal subpackages with lightweight build of (lib)curl
...
Discussed at:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/CBIGRS63BCULMZBU7O4KBIKDWZZKA7OV/
2017-04-13 08:15:22 +02:00
Kamil Dudka
0d44d984ff
bump release number
2017-04-10 13:55:52 +02:00
Kamil Dudka
a5dd610a20
disable upstream test 2033 (flaky test for HTTP/1 pipelining)
2017-04-10 13:32:42 +02:00
Kamil Dudka
d469b84593
Resolves: CVE-2017-7407 - fix out of bounds read in curl --write-out
2017-04-07 12:13:07 +02:00