2e18ec1da4
Resolves: CVE-2022-32206 - fix HTTP compression denial of service
2022-06-29 14:53:47 +02:00
0d71fe9a40
Resolves: CVE-2022-32208 - fix FTP-KRB bad message verification
2022-06-29 14:53:14 +02:00
d613827bea
Related: CVE-2022-27782 - make upstream tests work with openssh-8.7p1
2022-05-11 15:06:48 +02:00
8c425de1b3
Resolves: CVE-2022-27782 - fix too eager reuse of TLS and SSH connections
2022-05-11 14:13:31 +02:00
36d4ce9e14
Resolves: CVE-2022-27774 - fix leak of SRP credentials in redirects
2022-05-02 10:34:03 +02:00
858e381746
Related: CVE-2022-27774 - add missing tests to Makefile
2022-04-29 14:47:02 +02:00
fa64a61826
Related: CVE-2022-27774 - update gating.yaml for RHEL-9
2022-04-28 13:36:24 +02:00
8929aa4b81
Resolves: CVE-2022-27774 - fix credential leak on redirect
2022-04-28 13:35:41 +02:00
0a149a1ed9
Resolves: CVE-2022-27776 - fix auth/cookie leak on redirect
2022-04-28 13:35:30 +02:00
ebff9aa2cc
Resolves: CVE-2022-27775 - fix bad local IPv6 connection reuse
2022-04-28 13:35:10 +02:00
7c695ff325
Resolves: CVE-2022-22576 - fix OAUTH2 bearer bypass in connection re-use
2022-04-28 13:34:45 +02:00
a3da9b9ac3
Related: #2005874 - re-disable HSTS in libcurl
...
... as an experimental feature
2021-10-26 17:35:49 +02:00
64fed6be02
Related: #2005874 - run upstream tests for both curl-minimal and curl-full
...
As we made libcurl-minimal more minimal, it differs more from
libcurl-full and it should be tested separately. On the other
hand, the test-suite for libcurl-minimal runs faster now because
more tests are skipped.
2021-10-06 13:44:09 +02:00
91252b5be5
Resolves : #2005874 - disable more protocols and features in libcurl-minimal
...
... to limit vulnerability exposure in case there is a CVE in curl
in some of the rarer protocols
2021-10-06 13:42:01 +02:00
6f12b4a106
Related: #2005874 - explicitly disable zstd while configuring curl
...
... in order to make local builds closer to what we get from Koji
2021-10-06 13:41:57 +02:00
b4895633ac
Related: #2005874 - curl.spec: align the lists of configure options
...
... to make it easier to extend the lists
2021-10-06 13:41:44 +02:00
18dc6a0508
Resolves: CVE-2021-22947 - fix STARTTLS protocol injection via MITM
2021-09-17 10:35:40 +02:00
29681cbdd7
Resolves: CVE-2021-22946 - fix protocol downgrade required TLS bypass
2021-09-17 10:35:38 +02:00
f58185cd40
Resolves: CVE-2021-22945 - fix use-after-free and double-free in MQTT sending
2021-09-17 10:35:29 +02:00
e32e427920
Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
...
Related: rhbz#1991688
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
2021-08-09 19:44:44 +00:00
f2c10b31eb
Rebuild to pick up OpenSSL 3.0 Beta ABI ( #1984097 )
...
Related: #1984097
2021-07-28 11:50:14 +02:00
a1aeccc458
Related: CVE-2021-22924 - make explicit dependency on openssl work
...
... with alpha/beta builds of openssl
Reported-by: Daniel Rusek
2021-07-23 17:37:28 +02:00
ad77edcfa4
Related: CVE-2021-22924 - bump release to pick gating.yaml
...
Ideally such commits and builds should not be needed. The following
ticket asks for an extension of OSCI to avoid them in the future:
https://issues.redhat.com/browse/OSCI-2320 - unable to apply a new test configuration on an existing brew build
2021-07-23 15:56:43 +02:00
0f0e1c9fb4
Resolves : #1681019 - gating.yaml: use BaseOS CI for gating
2021-07-23 14:53:38 +02:00
62ea6c3a17
Resolves: CVE-2021-22925 - fix TELNET stack contents disclosure again
2021-07-22 09:30:56 +02:00
422b232978
Resolves: CVE-2021-22924 - fix bad connection reuse due to flawed path name checks
2021-07-22 09:30:43 +02:00
d580cec333
- Rebuilt for RHEL 9 BETA for openssl 3.0
...
Related: rhbz#1971065
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
2021-06-15 20:29:00 +00:00
05f59553df
Resolves : #1967213 - build the curl tool without metalink support
...
Today curl upstream announced that they are going to completely remove
support for metalink from curl already in the next release of curl due
to a number of difficult to fix security issues:
https://curl.se/mail/archive-2021-06/0006.html
https://github.com/curl/curl/pull/7176
2021-06-03 08:18:46 +02:00
469a44d0c1
Resolves : #1941925 - fix SIGSEGV upon disconnect of a ldaps:// transfer
2021-06-02 15:49:30 +02:00
bc006791a4
Resolves: CVE-2021-22901 - fix TLS session caching disaster
2021-05-26 13:10:45 +02:00
aa689a0f22
Resolves: CVE-2021-22898 - fix TELNET stack contents disclosure
2021-05-26 13:10:43 +02:00
2461a58681
Resolves : #1938699 - http2: fix resource leaks detected by Coverity
2021-05-03 20:49:06 +02:00
d7e1d3c8be
new upstream release - 7.76.1
...
Resolves : #1950111
2021-04-23 17:08:53 +02:00
3872cc4434
new upstream release - 7.76.0
...
Resolves: CVE-2021-22890 - TLS 1.3 session ticket proxy host mixup
Resolves: CVE-2021-22876 - Automatic referer leaks credentials
2021-04-23 17:08:06 +02:00
3addcd310b
replace 0104-curl-7.73.0-localhost6.patch by sed invocation
...
... to avoid conflict resolution on new upstream releases
Related: #1950111
2021-04-23 16:41:07 +02:00
9fbfeb4898
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
...
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
2021-04-15 23:00:41 +00:00
548eee58a5
Related: #1941925 - temporarily disable an unreliable test-case
2021-03-24 13:52:09 +01:00
41dba95570
Resolves : #1941925 - fix SIGSEGV upon disconnect of a ldaps:// transfer
2021-03-24 11:21:28 +01:00
996e51f2d6
%check: use unstripped library from the build dir
...
It results in more detailed backtraces in valgrind's output.
2021-03-24 11:21:28 +01:00
6ace03bc47
Resolves : #1932082 - build-require python3-impacket only on Fedora
...
It might not be available in RHEL or CentOS Stream build repos.
2021-03-04 18:09:40 +01:00
263115e94c
Merged update from upstream sources
...
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.
Source: https://src.fedoraproject.org/rpms/curl.git#7dada590f21a6aa8ea6033f636f03e334d91a026
2021-02-06 15:23:58 +00:00
2174528c27
Merged update from upstream sources
...
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.
Source: https://src.fedoraproject.org/rpms/curl.git#1cfc0aeb3b0803992927a289aec9140acc107853
2021-01-26 15:41:57 +00:00
a16bb47a53
Merged update from upstream sources
...
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.
Source: https://src.fedoraproject.org/rpms/curl.git#182c2a8bbbeee42a6e4d16817c764f624390d87d
2020-12-15 10:57:47 +00:00
359180b2e6
Merged update from upstream sources
...
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.
Source: https://src.fedoraproject.org/rpms/curl.git#182c2a8bbbeee42a6e4d16817c764f624390d87d
2020-12-10 01:12:41 +01:00
c3f9b577a5
RHEL 9.0.0 Alpha bootstrap
...
The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/curl#3c950d55416b900db1a4bd1720769de977c56ac1
2020-10-14 23:25:29 +02:00
ac5e667c8a
New branch setup
2020-10-08 11:34:11 +00:00
Kamil Dudka
Mohan Boddu
Florian Weimer
DistroBaker
Petr Šabata
Release Configuration Management