Kamil Dudka
|
18e7a55066
|
Resolves: #1462184 - enforce versioned openssl-libs dependency for libcurl
|
2017-06-19 14:28:19 +02:00 |
|
Kamil Dudka
|
0aa20e6c92
|
new upstream release - 7.54.1
|
2017-06-14 10:50:24 +02:00 |
|
Kamil Dudka
|
e4d662f774
|
add *-full provides for curl and libcurl
... to make them explicitly installable
|
2017-05-16 13:28:03 +02:00 |
|
Kamil Dudka
|
f7041f17bf
|
make curl-minimal require a new enough version of libcurl
At the same time relax the dependency of curl on libcurl to support
running old curl on top of new libcurl but not vice versa.
|
2017-05-04 12:42:41 +02:00 |
|
Kamil Dudka
|
3be7c46fde
|
Resolves: #1445153 - switch the TLS backend back to OpenSSL
|
2017-04-27 10:42:34 +02:00 |
|
Kamil Dudka
|
9549974a4c
|
nss: use libnssckbi.so as the default source of trust
See https://github.com/curl/curl/pull/1414 for details.
|
2017-04-25 18:47:15 +02:00 |
|
Kamil Dudka
|
1e77c47734
|
Resolves: #1444860 - nss: do not leak PKCS #11 slot while loading a key
|
2017-04-25 18:37:35 +02:00 |
|
Kamil Dudka
|
0f99fceebe
|
new upstream release - 7.54.0 (fixes CVE-2017-7468)
|
2017-04-20 09:09:40 +02:00 |
|
Paul Howarth
|
db1a758364
|
add %post and %postun scriptlets for libcurl-minimal
also:
- libcurl-minimal provides both libcurl and libcurl%{?_isa}
- remove some legacy spec file cruft
|
2017-04-13 11:59:46 +01:00 |
|
Kamil Dudka
|
9b62c3eaeb
|
provide (lib)curl-minimal subpackages with lightweight build of (lib)curl
Discussed at:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/CBIGRS63BCULMZBU7O4KBIKDWZZKA7OV/
|
2017-04-13 08:15:22 +02:00 |
|
Kamil Dudka
|
0d44d984ff
|
bump release number
|
2017-04-10 13:55:52 +02:00 |
|
Kamil Dudka
|
a5dd610a20
|
disable upstream test 2033 (flaky test for HTTP/1 pipelining)
|
2017-04-10 13:32:42 +02:00 |
|
Kamil Dudka
|
d469b84593
|
Resolves: CVE-2017-7407 - fix out of bounds read in curl --write-out
|
2017-04-07 12:13:07 +02:00 |
|
Kamil Dudka
|
4832a02ce4
|
Resolves: #1428550 - make the dependency on nss-pem arch-specific
|
2017-03-06 10:30:12 +01:00 |
|
Kamil Dudka
|
c870f5feb8
|
Related: #1428286 - re-enable valgrind on ix86 because sqlite is fixed
|
2017-03-02 16:54:10 +01:00 |
|
Kamil Dudka
|
c1fbf35cce
|
new upstream release - 7.53.1
|
2017-02-24 10:51:31 +01:00 |
|
Kamil Dudka
|
efea9223f3
|
do not use valgrind on i686 until sqlite is rebuilt
... by patched GCC (#1423434)
|
2017-02-22 12:17:41 +01:00 |
|
Kamil Dudka
|
8afeb9390f
|
new upstream release - 7.53.0 (fixes CVE-2017-2629)
|
2017-02-22 10:32:55 +01:00 |
|
Fedora Release Engineering
|
9ec0774d38
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
2017-02-10 08:05:00 +00:00 |
|
Kamil Dudka
|
00369df034
|
new upstream release - 7.52.1 (fixes CVE-2016-9586)
|
2016-12-23 10:06:25 +01:00 |
|
Kamil Dudka
|
c38149da81
|
Resolves: #1396719 - map CURL_SSLVERSION_DEFAULT to NSS default, add support for TLS 1.3
|
2016-11-21 09:54:16 +01:00 |
|
Kamil Dudka
|
40b1d9916f
|
stricter host name checking for file:// URLs
|
2016-11-15 18:40:23 +01:00 |
|
Kamil Dudka
|
2856bdf841
|
ssh: check md5 fingerprints case insensitively
|
2016-11-15 18:34:21 +01:00 |
|
Kamil Dudka
|
c8e1922952
|
temporarily disable failing libidn2 test-cases
|
2016-11-02 11:14:11 +01:00 |
|
Kamil Dudka
|
5169cd3899
|
new upstream release - 7.51.0
Resolves: CVE-2016-8615 - Cookie injection for other servers
Resolves: CVE-2016-8616 - Case insensitive password comparison
Resolves: CVE-2016-8617 - Out-of-bounds write via unchecked multiplication
Resolves: CVE-2016-8618 - Double-free in curl_maprintf
Resolves: CVE-2016-8619 - Double-free in krb5 code
Resolves: CVE-2016-8620 - Glob parser write/read out of bounds
Resolves: CVE-2016-8621 - curl_getdate out-of-bounds read
Resolves: CVE-2016-8622 - URL unescape heap overflow via integer truncation
Resolves: CVE-2016-8623 - Use-after-free via shared cookies
Resolves: CVE-2016-8624 - Invalid URL parsing with '#'
Resolves: CVE-2016-8625 - IDNA 2003 makes curl use wrong host
|
2016-11-02 11:12:40 +01:00 |
|
Kamil Dudka
|
837f1f0f4e
|
drop 0103-curl-7.50.0-stunnel.patch no longer needed
It paralyzes the test-suite on systems with ancient versions of stunnel.
|
2016-10-20 13:39:29 +02:00 |
|
Kamil Dudka
|
6aadc8e2a0
|
use the just built version of libcurl while generating zsh completion
|
2016-10-07 12:23:18 +02:00 |
|
Kamil Dudka
|
b552e5528d
|
new upstream release - 7.50.3 (fixes CVE-2016-7167)
|
2016-09-14 10:50:47 +02:00 |
|
Kamil Dudka
|
1db8ad8d42
|
new upstream release - 7.50.2
|
2016-09-07 10:33:38 +02:00 |
|
Kamil Dudka
|
165cb33f0a
|
work around race condition in PK11_FindSlotByName()
Bug: https://bugzilla.mozilla.org/1297397
|
2016-08-26 15:48:18 +02:00 |
|
Kamil Dudka
|
0f6a97db34
|
Related: CVE-2016-5420 - fix incorrect use of a previously loaded certificate from file
|
2016-08-26 15:48:07 +02:00 |
|
Kamil Dudka
|
2fd0a39aee
|
new upstream release - 7.50.1
Resolves: CVE-2016-5419 CVE-2016-5420 CVE-2016-5421
|
2016-08-03 10:10:39 +02:00 |
|
Kamil Dudka
|
1b9369d1bf
|
run HTTP/2 tests on all arches (#1360319 worked around in nghttp2)
Revert "run HTTP/2 tests only on Intel for now"
This reverts commit 99b64f5ec2 .
|
2016-07-26 17:12:54 +02:00 |
|
Kamil Dudka
|
99b64f5ec2
|
run HTTP/2 tests only on Intel for now
... to work around #1358845
|
2016-07-21 17:21:41 +02:00 |
|
Kamil Dudka
|
9b1375c118
|
require nss-pem no longer included in the nss package (#1347336)
|
2016-07-21 16:36:33 +02:00 |
|
Kamil Dudka
|
518559f4a0
|
fix HTTPS and FTPS tests (work around stunnel bug #1358810)
|
2016-07-21 16:33:22 +02:00 |
|
Kamil Dudka
|
f4e76c10cd
|
add BR for nghttp2 used by the upstream test-suite
|
2016-07-21 14:09:11 +02:00 |
|
Kamil Dudka
|
90cc80745a
|
import needed files missing in the upstream tarball
|
2016-07-21 14:08:30 +02:00 |
|
Kamil Dudka
|
bed70046cf
|
new upstream release - 7.50.0
|
2016-07-21 11:32:21 +02:00 |
|
Kamil Dudka
|
83e65ab057
|
use multilib-rpm-config to install arch-dependent header files
|
2016-06-17 17:49:49 +02:00 |
|
Kamil Dudka
|
81483e8ea1
|
drop a test-suite quirk already applied upstream
https://github.com/curl/curl/commit/effa575f
|
2016-06-15 14:50:58 +02:00 |
|
Kamil Dudka
|
ed398dec4b
|
Resolves: #1340757 - fix SIGSEGV of the curl tool
... while parsing URL with too many globs
|
2016-06-03 13:27:18 +02:00 |
|
Kamil Dudka
|
baeb46456e
|
new upstream release - 7.49.1
|
2016-05-30 09:28:06 +02:00 |
|
Kamil Dudka
|
84382c927b
|
prevent test1140 from failing
... by locally creating docs/libcurl/curl_multi_socket_all.3
|
2016-05-18 19:29:28 +02:00 |
|
Kamil Dudka
|
1e7c2958aa
|
include manpage-scan.pl nroff-scan.pl to fix tests 1139 and 1140
Upstream-commit: 54e4c6c396a9987f4232c73b5b4d31c01b16f8ae
|
2016-05-18 19:29:28 +02:00 |
|
Kamil Dudka
|
9a03eb6087
|
new upstream release - 7.49.0
|
2016-05-18 19:29:26 +02:00 |
|
Kamil Dudka
|
b041400317
|
new upstream release - 7.48.0
|
2016-03-23 13:11:48 +01:00 |
|
Kamil Dudka
|
e2daf98253
|
Resolves: #1308791 - do not refuse cookies for localhost
|
2016-03-03 00:42:56 +01:00 |
|
Kamil Dudka
|
e57a741556
|
make SCP and SFTP test-cases work with up2date OpenSSH
|
2016-02-17 13:08:22 +01:00 |
|
Kamil Dudka
|
1e7ba88548
|
Resolves: #1305701 - enable support for Public Suffix List
|
2016-02-10 18:54:34 +01:00 |
|