Resolves: CVE-2017-1000099 - FILE buffer read out of bounds
Resolves: CVE-2017-1000100 - TFTP sends more than buffer size
Resolves: CVE-2017-1000101 - URL globbing out of bounds read
- new upstream release (#806264)
- fix character encoding of docs with a patch rather than just iconv
- update debug and multilib patches
- don't use macros for commands
- reduce size of %prep output for readability
- New upstream release 7.21.3:
- added --noconfigure switch to testcurl.pl
- added --xattr option
- added CURLOPT_RESOLVE and --resolve
- added CURLAUTH_ONLY
- added version-check.pl to the examples dir
- check for libcurl features for some command line options
- Curl_setopt: disallow CURLOPT_USE_SSL without SSL support
- http_chunks: remove debug output
- URL-parsing: consider ? a divider
- SSH: avoid using the libssh2_ prefix
- SSH: use libssh2_session_handshake() to work on win64
- ftp: prevent server from hanging on closed data connection when stopping
a transfer before the end of the full transfer (ranges)
- LDAP: detect non-binary attributes properly
- ftp: treat server's response 421 as CURLE_OPERATION_TIMEDOUT
- gnutls->handshake: improved timeout handling
- security: pass the right parameter to init
- krb5: use GSS_ERROR to check for error
- TFTP: resend the correct data
- configure: fix autoconf 2.68 warning: no AC_LANG_SOURCE call detected
- GnuTLS: now detects socket errors on Windows
- symbols-in-versions: updated en masse
- added a couple of examples that were missing from the tarball
- Curl_send/recv_plain: return errno on failure
- Curl_wait_for_resolv (for c-ares): correct timeout
- ossl_connect_common: detect connection re-use
- configure: prevent link errors with --librtmp
- openldap: use remote port in URL passed to ldap_init_fd()
- url: provide dead_connection flag in Curl_handler::disconnect
- lots of compiler warning fixes
- ssh: fix a download resume point calculation
- fix getinfo CURLINFO_LOCAL* for reused connections
- multi: the returned running handles counter could turn negative
- multi: only ever consider pipelining for connections doing HTTP(S)
- Drop upstream patches now in tarball
- Update bz650255 and disable-test1112 patches to apply against new codebase
- Add workaround for false-positive glibc-detected buffer overflow in tftpd
test server with FORTIFY_SOURCE (similar to #515361)
- add ABI docs for libcurl
- remove --static-libs from curl-config
- drop curl-config patch, obsoleted by @SSL_ENABLED@ autoconf substitution
(#432667)
- drop .print patch, applied upstream
- next series of merge review fixes by Paul Howarth
- remove aclocal stuff, no more needed
- simplify makefile arguments
- don't reference standard library paths in libcurl.pc
- include docs/CONTRIBUTE
Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
Sat Jan 31 2004 Florian La Roche <Florian.LaRoche@redhat.de>
- update to 7.10.8
- remove patch2, already upstream
Wed Oct 15 2003 Adrian Havill <havill@redhat.com> 7.10.6-7
- aclocal before libtoolize
- move OpenLDAP license so it's present as a doc file, present in both the
source and binary as per conditions
Mon Oct 13 2003 Adrian Havill <havill@redhat.com> 7.10.6-6
- add OpenLDAP copyright notice for usage of code, add OpenLDAP license for
this code
Tue Oct 07 2003 Adrian Havill <havill@redhat.com> 7.10.6-5
- match serverAltName certs with SSL (#106168)
Tue Sep 16 2003 Adrian Havill <havill@redhat.com> 7.10.6-4.1
- bump n-v-r for RHEL
Tue Sep 16 2003 Adrian Havill <havill@redhat.com> 7.10.6-4
- restore ca cert bundle (#104400)
- require openssl, we want to use its ca-cert bundle
Sun Sep 07 2003 Joe Orton <jorton@redhat.com> 7.10.6-3
- rebuild
Fri Sep 05 2003 Joe Orton <jorton@redhat.com> 7.10.6-2.2
- fix to include libcurl.so
Mon Aug 25 2003 Adrian Havill <havill@redhat.com> 7.10.6-2.1
- bump n-v-r for RHEL
Mon Aug 25 2003 Adrian Havill <havill@redhat.com> 7.10.6-2
- devel subpkg needs openssl-devel as a Require (#102963)
Mon Jul 28 2003 Adrian Havill <havill@redhat.com> 7.10.6-1
- bumped version
Tue Jul 01 2003 Adrian Havill <havill@redhat.com> 7.10.5-1
- bumped version
Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
- rebuilt
Sat Apr 12 2003 Florian La Roche <Florian.LaRoche@redhat.de>
- update to 7.10.4
- adapt nousr patch
Fri Aug 17 2001 Nalin Dahyabhai <nalin@redhat.com>
- include curl-config in curl-devel
- update to 7.8 to fix memory leak and strlcat() symbol pollution from
libcurl
Wed Jul 18 2001 Crutcher Dunnavant <crutcher@redhat.com>
- added openssl-devel build req
Mon May 21 2001 Tim Powers <timp@redhat.com>
- built for the distro
Tue Apr 24 2001 Jeff Johnson <jbj@redhat.com>
- upgrade to curl-7.7.2.
- enable IPv6.
Fri Mar 02 2001 Tim Powers <timp@redhat.com>
- rebuilt against openssl-0.9.6-1
Thu Jan 04 2001 Tim Powers <timp@redhat.com>
- fixed mising ldconfigs
- updated to 7.5.2, bug fixes
Mon Dec 11 2000 Tim Powers <timp@redhat.com>
- updated to 7.5.1
Mon Nov 06 2000 Tim Powers <timp@redhat.com>
- update to 7.4.1 to fix bug #20337, problems with curl -c
- not using patch anymore, it's included in the new source. Keeping for
reference
Fri Oct 20 2000 Nalin Dahyabhai <nalin@redhat.com>
- fix bogus req in -devel package
Fri Oct 20 2000 Tim Powers <timp@redhat.com>
- devel package needed defattr so that root owns the files
Mon Oct 16 2000 Nalin Dahyabhai <nalin@redhat.com>
- update to 7.3
- apply vsprintf/vsnprintf patch from Colin Phipps via Debian
Mon Aug 21 2000 Nalin Dahyabhai <nalin@redhat.com>
- enable SSL support
- fix packager tag
- move buildroot to %{_tmppath}
Tue Aug 01 2000 Tim Powers <timp@redhat.com>
- fixed vendor tag for bug #15028
Mon Jul 24 2000 Prospector <prospector@redhat.com>
- rebuilt
Tue Jul 11 2000 Tim Powers <timp@redhat.com>
- workaround alpha build problems with optimizations
Mon Jul 10 2000 Tim Powers <timp@redhat.com>
- rebuilt
Mon Jun 05 2000 Tim Powers <timp@redhat.com>
- put man pages in correct place
- use %makeinstall
Mon Apr 24 2000 Tim Powers <timp@redhat.com>
- updated to 6.5.2
Wed Nov 03 1999 Tim Powers <timp@redhat.com>
- updated sources to 6.2
- gzip man page
Mon Aug 30 1999 Tim Powers <timp@redhat.com>
- changed group
Thu Aug 26 1999 Tim Powers <timp@redhat.com>
- changelog started
- general cleanups, changed prefix to /usr, added manpage to files section
- including in Powertools