Fedora Release Engineering
2fded2f1a8
Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-07-20 23:54:27 +00:00
Kamil Dudka
f052e58217
test3026: avoid pthread_create() failure due to resource exhaustion on i386
2022-06-28 09:04:19 +02:00
Kamil Dudka
9ba06cfc6e
easy_lock.h: include sched.h if available to fix build
2022-06-27 17:52:30 +02:00
Kamil Dudka
768ce3965d
test3026: disable valgrind
...
It fails on x86_64 with:
```
Use --max-threads=INT to specify a larger number of threads
and rerun valgrind
valgrind: the 'impossible' happened:
Max number of threads is too low
host stacktrace:
==174357== at 0x58042F5A: ??? (in /usr/libexec/valgrind/memcheck-amd64-linux)
==174357== by 0x58043087: ??? (in /usr/libexec/valgrind/memcheck-amd64-linux)
==174357== by 0x580432EF: ??? (in /usr/libexec/valgrind/memcheck-amd64-linux)
==174357== by 0x58043310: ??? (in /usr/libexec/valgrind/memcheck-amd64-linux)
==174357== by 0x58099E77: ??? (in /usr/libexec/valgrind/memcheck-amd64-linux)
==174357== by 0x580E67E9: ??? (in /usr/libexec/valgrind/memcheck-amd64-linux)
==174357== by 0x5809D59D: ??? (in /usr/libexec/valgrind/memcheck-amd64-linux)
==174357== by 0x5809901A: ??? (in /usr/libexec/valgrind/memcheck-amd64-linux)
==174357== by 0x5809B0B6: ??? (in /usr/libexec/valgrind/memcheck-amd64-linux)
==174357== by 0x580E4050: ??? (in /usr/libexec/valgrind/memcheck-amd64-linux)
sched status:
running_tid=1
Thread 1: status = VgTs_Runnable syscall 56 (lwpid 174357)
==174357== at 0x4A07816: clone (in /usr/lib64/libc.so.6)
==174357== by 0x4A08720: __clone_internal (in /usr/lib64/libc.so.6)
==174357== by 0x4987ACF: create_thread (in /usr/lib64/libc.so.6)
==174357== by 0x49885F6: pthread_create@@GLIBC_2.34 (in /usr/lib64/libc.so.6)
==174357== by 0x1093B5: test.part.0 (lib3026.c:64)
==174357== by 0x492454F: (below main) (in /usr/lib64/libc.so.6)
client stack range: [0x1FFEFFC000 0x1FFF000FFF] client SP: 0x1FFEFFC998
valgrind stack range: [0x1002BAA000 0x1002CA9FFF] top usage: 11728 of 1048576
[...]
```
2022-06-27 17:00:18 +02:00
Kamil Dudka
a4ed273b19
new upstream release - 7.84.0
...
Resolves: CVE-2022-32207 - Unpreserved file permissions
Resolves: CVE-2022-32205 - Set-Cookie denial of service
Resolves: CVE-2022-32206 - HTTP compression denial of service
Resolves: CVE-2022-32208 - FTP-KRB bad message verification
2022-06-27 13:00:50 +02:00
Kamil Dudka
4ad1229e9d
new upstream release - 7.83.1
...
Resolves: CVE-2022-27782 - fix too eager reuse of TLS and SSH connections
Resolves: CVE-2022-27779 - do not accept cookies for TLD with trailing dot
Resolves: CVE-2022-27778 - do not remove wrong file on error
Resolves: CVE-2022-30115 - hsts: ignore trailing dots when comparing hosts names
Resolves: CVE-2022-27780 - reject percent-encoded path separator in URL host
2022-05-11 10:03:28 +02:00
Kamil Dudka
f17162c526
new upstream release - 7.83.0
...
Resolves: CVE-2022-27774 - curl credential leak on redirect
Resolves: CVE-2022-27776 - curl auth/cookie leak on redirect
Resolves: CVE-2022-27775 - curl bad local IPv6 connection reuse
Resolves: CVE-2022-22576 - curl OAUTH2 bearer bypass in connection re-use
2022-04-27 13:52:54 +02:00
Kamil Dudka
cd99025ff8
curl.spec: bump release for the previous commit
2022-03-15 12:57:49 +01:00
Kamil Dudka
cbc7b73e10
openssl: fix incorrect CURLE_OUT_OF_MEMORY error
...
... on CN check failure, which was breaking the test-suite of pycurl.
Reported-by: Lukas Zaoral
2022-03-15 12:53:45 +01:00
Kamil Dudka
4f4da0817d
new upstream release - 7.82.0
2022-03-05 11:17:52 +01:00
Kamil Dudka
cf3c14e497
enable IDN support also in libcurl-minimal
...
... as requested at fedora devel mailing-list:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/SH5WAIBVF7GVSKL2VPMSQKY7BB4QYEB5/
2022-02-24 09:50:19 +01:00
Zbigniew Jędrzejewski-Szmek
d768f3c814
Pull in libcurl-minimal if installing curl-minimal
...
curl-minimal has an automatically generated dependency on libcurl.so.4(), so it'd
pull in either libcurl or libcurl-minimal. Let's make the second one preferred.
$ sudo dnf install --releasever=rawhide --installroot=/var/tmp/f36-test --setopt install_weak_deps=False curl-minimal
...
Total download size: 21 M
Installed size: 64 M
$ sudo dnf install --releasever=rawhide --installroot=/var/tmp/f36-test --setopt install_weak_deps=False curl-minimal libcurl-minimal
...
Total download size: 18 M
Installed size: 57 M
2022-02-10 20:52:05 +01:00
Fedora Release Engineering
c3286199cb
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-01-20 00:08:37 +00:00
Kamil Dudka
3e801a6f9f
new upstream release - 7.81.0
2022-01-05 09:35:58 +01:00
Paul Howarth
503307b687
sshserver.pl (used in test suite) now requires the Digest::SHA perl module
2021-11-14 17:06:12 +00:00
Kamil Dudka
ef0743b641
new upstream release - 7.80.0
2021-11-10 09:03:50 +01:00
Kamil Dudka
ac00a5bac0
temporarily disable tests 300{0,1} on x86_64
...
stunnel clashes with itself
2021-10-27 13:57:07 +02:00
Kamil Dudka
94a3e807dd
Related: #2005874 - re-enable HSTS in libcurl-minimal
...
... as a security feature
2021-10-26 17:15:50 +02:00
Kamil Dudka
a0acb0cc77
Related: #2005874 - use correct bug ID in the change log
2021-10-04 12:29:42 +02:00
Kamil Dudka
d4c5b54bf3
run upstream tests for both curl-minimal and curl-full
...
As we made libcurl-minimal more minimal, it differs more from
libcurl-full and it should be tested separately. On the other
hand, the test-suite for libcurl-minimal runs faster now because
more tests are skipped.
2021-10-04 09:55:13 +02:00
Kamil Dudka
5ebead952b
Resolves : #1994521 - disable more protocols and features in libcurl-minimal
...
... to limit vulnerability exposure in case there is a CVE in curl
in some of the rarer protocols
2021-10-04 09:55:11 +02:00
Kamil Dudka
54117120e4
explicitly disable zstd while configuring curl
...
... in order to make local builds closer to what we get from Koji
2021-10-04 09:54:25 +02:00
Kamil Dudka
c2f61abc1c
curl.spec: align the lists of configure options
...
... to make it easier to extend the lists
2021-10-04 09:54:25 +02:00
Kamil Dudka
407e3960e4
new upstream release - 7.79.1
2021-09-22 09:16:36 +02:00
Kamil Dudka
e2155b2695
fix regression in http2 implementation
...
... introduced in the last release
2021-09-16 12:26:16 +02:00
Sahana Prasad
f97c73e9d7
Rebuilt with OpenSSL 3.0.0
2021-09-16 12:23:37 +02:00
Kamil Dudka
31329d9443
forgot to bump release in the previous commit
2021-09-16 08:51:26 +02:00
Kamil Dudka
25f443ae12
make SCP/SFTP tests work with openssh-8.7p1
2021-09-16 08:45:33 +02:00
Kamil Dudka
287da1ceec
temporarily disable test 1184
...
... which occasionally fails on aarch64/armv7hl Koji builders
for no apparent reason
2021-09-15 10:55:21 +02:00
Kamil Dudka
d02617d325
new upstream release - 7.79.0
...
Resolves: CVE-2021-22947 - STARTTLS protocol injection via MITM
Resolves: CVE-2021-22946 - protocol downgrade required TLS bypassed
Resolves: CVE-2021-22945 - use-after-free and double-free in MQTT sending
2021-09-15 09:09:11 +02:00
Sahana Prasad
62e2b8d564
Rebuilt with OpenSSL 3.0.0
2021-09-14 19:00:02 +02:00
Kamil Dudka
f964aefff3
make explicit dependency on openssl work with alpha/beta builds of openssl
...
Reported-by: Daniel Rusek
2021-07-23 17:15:57 +02:00
Fedora Release Engineering
adeb2cb476
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-07-21 20:15:37 +00:00
Kamil Dudka
85619bdba3
disable tests 320..322 on ppc64le where it started to hang/fail
...
... in Koji environment only. I was not able to reproduce the issues
with the fedora-rawhide-ppc64le buildroot in mock on a ppc64le machine.
2021-07-21 15:53:36 +02:00
Kamil Dudka
0ac0b6fbd1
prevent valgrind from being extremely slow
2021-07-21 12:39:45 +02:00
Kamil Dudka
c921b2c69d
remove a valgrind-related patch no longer needed
2021-07-21 12:38:15 +02:00
Kamil Dudka
ef5a5be78e
temporarily disable test 1452 on s390x
...
... where the client times out
2021-07-21 12:06:57 +02:00
Kamil Dudka
64bcb4bcc1
new upstream release - 7.78.0
...
Resolves: CVE-2021-22925 - TELNET stack contents disclosure again
Resolves: CVE-2021-22924 - bad connection reuse due to flawed path name checks
Resolves: CVE-2021-22923 - metalink download sends credentials
Resolves: CVE-2021-22922 - wrong content via metalink not discarded
2021-07-21 10:22:33 +02:00
Stewart Smith
ece67bdd2f
gpgverify source tarball
...
Signed-off-by: Stewart Smith <trawets@amazon.com>
2021-07-09 18:42:11 +00:00
Kamil Dudka
ddaf41062c
Resolves : #1967213 - build the curl tool without metalink support
...
Today curl upstream announced that they are going to completely remove
support for metalink from curl already in the next release of curl due
to a number of difficult to fix security issues:
https://curl.se/mail/archive-2021-06/0006.html
https://github.com/curl/curl/pull/7176
2021-06-02 19:55:01 +02:00
Kamil Dudka
4c89d92ee7
new upstream release - 7.77.0
...
Resolves: CVE-2021-22901 - TLS session caching disaster
Resolves: CVE-2021-22898 - TELNET stack contents disclosure
2021-05-26 09:20:35 +02:00
Kamil Dudka
4b7b124d75
Resolves : #1938699 - http2: fix resource leaks detected by Coverity
2021-05-03 17:54:40 +02:00
Kamil Dudka
bf8bb4b5b4
new upstream release - 7.76.1
2021-04-14 09:54:33 +02:00
Kamil Dudka
a0d250c162
new upstream release - 7.76.0
...
Resolves: CVE-2021-22890 - TLS 1.3 session ticket proxy host mixup
Resolves: CVE-2021-22876 - Automatic referer leaks credentials
2021-03-31 10:47:25 +02:00
Kamil Dudka
25676e54ef
replace 0104-curl-7.73.0-localhost6.patch by sed invocation
...
... to avoid conflict resolution on new upstream releases
2021-03-31 10:47:24 +02:00
Kamil Dudka
b57f5589af
fix misplaced comment in %prep from the previous commit
2021-03-24 11:17:40 +01:00
Kamil Dudka
742526c048
Resolves : #1941925 - fix SIGSEGV upon disconnect of a ldaps:// transfer
2021-03-24 11:04:10 +01:00
Kamil Dudka
bd924f90f2
build-require python3-impacket only on Fedora
...
It might not be available in RHEL or CentOS Stream build repos.
2021-02-23 22:03:03 +01:00
Kamil Dudka
d781733304
%check: use unstripped library from the build dir
...
It results in more detailed backtraces in valgrind's output.
2021-02-11 11:51:32 +01:00
Kamil Dudka
7dada590f2
new upstream release - 7.75.0
2021-02-03 09:07:33 +01:00
Kamil Dudka
1cfc0aeb3b
do not use stunnel for tests on s390x builds
...
... to avoid spurious failures
2021-01-26 15:13:50 +01:00
Fedora Release Engineering
3613691251
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-01-26 02:51:37 +00:00
Kamil Dudka
182c2a8bbb
do not rewrite shebangs in test-suite to use python3 explicitly
2020-12-09 18:51:40 +01:00
Kamil Dudka
c829072f9f
new upstream release - 7.74.0
...
Resolves: CVE-2020-8286 - curl: Inferior OCSP verification
Resolves: CVE-2020-8285 - libcurl: FTP wildcard stack overflow
Resolves: CVE-2020-8284 - curl: trusting FTP PASV responses
2020-12-09 11:13:15 +01:00
Paul Howarth
9ef73a22d0
Upstream moved from curl.haxx.se to curl.se
2020-11-09 12:31:52 +00:00
Kamil Dudka
3c950d5541
prevent upstream test 1451 from being skipped
2020-10-14 11:54:54 +02:00
Kamil Dudka
a15dd89aaa
new upstream release - 7.73.0
2020-10-14 10:31:57 +02:00
Paul Howarth
89714e3b24
Fix bug reference in changelog
2020-09-20 11:49:49 +01:00
Jinoh Kang
4226c316c7
Resolves: #1877671O - fix multiarch conflicts in libcurl-minimal
2020-09-10 09:45:17 +02:00
Kamil Dudka
e7a12a6b7b
new upstream release - 7.72.0
...
Resolves: CVE-2020-8231 - libcurl: wrong connect-only connection
2020-08-19 12:29:51 +02:00
Kamil Dudka
b740a1ecc6
setopt: unset NOBODY switches to GET if still HEAD
...
Reported-by: Vít Ondruch
2020-08-06 11:04:30 +02:00
Fedora Release Engineering
407d32e00a
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-07-27 14:52:54 +00:00
Tom Stellard
df63713984
Use make macros
...
https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
2020-07-13 19:00:01 +00:00
Kamil Dudka
87d774717a
Resolves : #1833193 - curl: make the --krb option work again
2020-07-03 12:47:48 +02:00
Kamil Dudka
6071e0dd16
new upstream release - 7.71.1
2020-07-01 09:26:44 +02:00
Kamil Dudka
8c661bb9d7
new upstream release - 7.71.0
...
Resolves: CVE-2020-8169 - curl: Partial password leak over DNS on HTTP redirect
Resolves: CVE-2020-8177 - curl: overwrite local file with -J
2020-06-24 10:03:56 +02:00
Kamil Dudka
c74a58b095
Related: #1829180 - add BuildRequires for hostname
...
It is used by the test-suite but it is missing in armv7hl buildroot.
2020-05-02 10:08:32 +02:00
Kamil Dudka
ce4949188b
Related: #1829180 - temporarily disable tests 702 703 716 on armv7hl
2020-05-02 09:52:39 +02:00
Kamil Dudka
c88a6aff30
new upstream release - 7.70.0
2020-04-29 14:59:25 +02:00
Kamil Dudka
6a752013d0
Resolves : #1824926 - SSH: use new ECDSA key types to check known hosts
2020-04-20 11:34:56 +02:00
Tom Stellard
53c8c93125
Prevent discarding of -g when compiling with clang
2020-04-17 16:06:52 +00:00
Kamil Dudka
ac5c236f18
new upstream release - 7.69.1
2020-03-11 10:23:53 +01:00
Kamil Dudka
fbcad9a3a0
Resolves : #1810989 - make Flatpak work again
2020-03-09 09:54:27 +01:00
Kamil Dudka
249d0aea51
new upstream release - 7.69.0
2020-03-04 11:41:43 +01:00
Fedora Release Engineering
83181bd6d3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-01-28 15:11:40 +00:00
Kamil Dudka
dfb411a0a2
new upstream release - 7.68.0
2020-01-08 09:52:29 +01:00
Kamil Dudka
13f70ceee2
fix upstream release number in last two change log items
2020-01-08 09:47:26 +01:00
Kamil Dudka
d1233ad4cd
do not run test-suite through valgrind on i686 brew builds
...
The architecture is being decommissioned in Fedora, which makes it
difficult to debug valgrind failures (usually not related to curl
anyway).
2019-11-15 10:37:39 +01:00
Kamil Dudka
eeb37e29bd
Related: #1771025 - fix date in the last change log entry
2019-11-14 16:25:25 +01:00
Kamil Dudka
2298078d54
Resolves : #1771025 - fix infinite loop on upload using a glob
2019-11-14 13:57:39 +01:00
Kamil Dudka
c667b141d6
new upstream release - 7.67.0
2019-11-06 09:26:57 +01:00
Kamil Dudka
e0bf66ef6c
fix memory leaked by parse_metalink()
2019-09-13 10:18:24 +02:00
Kamil Dudka
da9af16256
new upstream release - 7.66.0
...
Resolves: CVE-2019-5481 - double free due to subsequent call of realloc()
Resolves: CVE-2019-5482 - heap buffer overflow in function tftp_receive_packet()
2019-09-12 15:20:21 +02:00
Kamil Dudka
91c50ee6d4
Resolves : #1690971 - avoid reporting spurious error in the HTTP2 framing layer
2019-08-27 18:11:29 +02:00
Kamil Dudka
8559ecc1d9
changelog: fix copy/paste error in the last entry
2019-08-01 16:41:42 +02:00
Kamil Dudka
863394fd95
improve handling of gss_init_sec_context() failures
2019-08-01 16:37:57 +02:00
Fedora Release Engineering
22186831fb
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-07-24 21:21:56 +00:00
Paul Howarth
a5c984a590
new upstream release - 7.65.3
2019-07-20 12:02:57 +01:00
Kamil Dudka
6e794d5beb
new upstream release - 7.65.2
2019-07-17 10:34:24 +02:00
Kamil Dudka
901da63160
new upstream release - 7.65.1
2019-06-05 09:33:30 +02:00
Kamil Dudka
b6ccff47ac
Resolves : #1714893 - fix spurious timeout events with speed-limit
2019-05-30 15:27:58 +02:00
Kamil Dudka
3c7950da77
new upstream release - 7.65.0
...
Resolves: CVE-2019-5436 - TFTP receive buffer overflow
Resolves: CVE-2019-5435 - integer overflows in curl_url_set()
2019-05-22 10:42:26 +02:00
Kamil Dudka
9dd5d73f3b
do not treat failure of gss_init_sec_context() with --negotiate as fatal
...
This commit fixes a major incompatibility introduced in curl-7.64.1.
Bug: https://github.com/curl/curl/issues/3726
2019-05-09 10:08:03 +02:00
Paul Howarth
8fd906c559
generation of shell completions now needs more perl stuff
2019-04-05 13:38:27 +01:00
Kamil Dudka
bbad3e0a62
new upstream release - 7.64.1
2019-03-27 12:45:46 +01:00
Kamil Dudka
0ed971f14f
fix last but one change log entry
2019-03-25 12:39:00 +01:00
Kamil Dudka
7594f15bce
Related: #1690971 - remove verbose "Expire in" ... messages
2019-03-25 12:35:52 +01:00
Kamil Dudka
902ddefeb5
avoid spurious "Could not resolve host: [host name]" error messages
2019-03-21 09:39:30 +01:00
Kamil Dudka
95008127cf
Resolves : #1683676 - fix NULL dereference if flushing cookies with no CookieInfo set
2019-02-27 18:02:05 +01:00
Kamil Dudka
e97fdf9b7f
Resolves : #1680198 - prevent NetworkManager from leaking file descriptors
2019-02-25 14:24:32 +01:00