Commit Graph

595 Commits

Author SHA1 Message Date
Kamil Dudka
3c7950da77 new upstream release - 7.65.0
Resolves: CVE-2019-5436 - TFTP receive buffer overflow
Resolves: CVE-2019-5435 - integer overflows in curl_url_set()
2019-05-22 10:42:26 +02:00
Kamil Dudka
9dd5d73f3b do not treat failure of gss_init_sec_context() with --negotiate as fatal
This commit fixes a major incompatibility introduced in curl-7.64.1.

Bug: https://github.com/curl/curl/issues/3726
2019-05-09 10:08:03 +02:00
Paul Howarth
8fd906c559 generation of shell completions now needs more perl stuff 2019-04-05 13:38:27 +01:00
Kamil Dudka
bbad3e0a62 new upstream release - 7.64.1 2019-03-27 12:45:46 +01:00
Kamil Dudka
0ed971f14f fix last but one change log entry 2019-03-25 12:39:00 +01:00
Kamil Dudka
7594f15bce Related: #1690971 - remove verbose "Expire in" ... messages 2019-03-25 12:35:52 +01:00
Kamil Dudka
902ddefeb5 avoid spurious "Could not resolve host: [host name]" error messages 2019-03-21 09:39:30 +01:00
Kamil Dudka
95008127cf Resolves: #1683676 - fix NULL dereference if flushing cookies with no CookieInfo set 2019-02-27 18:02:05 +01:00
Kamil Dudka
e97fdf9b7f Resolves: #1680198 - prevent NetworkManager from leaking file descriptors 2019-02-25 14:24:32 +01:00
Kamil Dudka
9ace613273 make zsh completion work again 2019-02-11 13:22:07 +01:00
Kamil Dudka
2bdb624139 new upstream release - 7.64.0
Resolves: CVE-2019-3823 - SMTP end-of-response out-of-bounds read
Resolves: CVE-2019-3822 - NTLMv2 type-3 header stack buffer overflow
Resolves: CVE-2018-16890 - NTLM type-2 out-of-bounds buffer read
2019-02-06 09:56:05 +01:00
Kamil Dudka
3c5dec6602 prevent valgrind from reporting false positives on x86_64 2019-02-04 17:45:12 +01:00
Fedora Release Engineering
9221f774a1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-01-31 16:37:02 +00:00
Kamil Dudka
1a6a3b20a6 Resolves: CVE-2018-20483 - xattr: strip credentials from any URL that is stored 2019-01-21 10:13:55 +01:00
Kamil Dudka
da8449decd replace 0001-curl-7.62.0-http-post-negotiate.patch by upstream patch 2019-01-07 12:42:06 +01:00
Kamil Dudka
32b0144f20 replace 0105-curl-7.63.0-libstubgss-ldadd.patch by upstream patch 2019-01-04 14:18:53 +01:00
Kamil Dudka
49f5a42f96 Resolves: #1658574 - curl -J: do not append to the destination file 2018-12-19 13:43:28 +01:00
Kamil Dudka
c30a9c7fdb Resolves: #1659329 - revert an upstream commit that broke fedpkg new-sources 2018-12-14 11:21:54 +01:00
Kamil Dudka
c91c27bce9 libtest: avoid symbol lookup error in libstubgss.so 2018-12-12 14:39:00 +01:00
Kamil Dudka
a94ce82de0 new upstream release - 7.63.0 2018-12-12 09:51:10 +01:00
Kamil Dudka
34a4d8f848 new upstream release - 7.62.0
Resolves: CVE-2018-16839 - SASL password overflow via integer overflow
Resolves: CVE-2018-16840 - use-after-free in handle close
Resolves: CVE-2018-16842 - warning message out-of-buffer read
2018-10-31 12:47:56 +01:00
Kamil Dudka
9be316eea1 enable TLS 1.3 post-handshake auth in OpenSSL
Bug: https://github.com/curl/curl/pull/3027
2018-10-11 16:16:32 +02:00
Kamil Dudka
2346b66a23 update the documentation of --tlsv1.0 in curl(1) man page 2018-10-11 16:16:18 +02:00
Kamil Dudka
800bb58ef3 Resolves: #1631804 - enforce versioned libpsl dependency for libcurl 2018-10-05 13:59:35 +02:00
Kamil Dudka
84125cbefe test320: update expected output for gnutls-3.6.4 2018-10-05 13:41:48 +02:00
Kamil Dudka
ece57c4aa4 Related: #1622594 - drop 0105-curl-7.61.0-tests-ssh-keygen.patch no longer needed 2018-10-04 15:37:53 +02:00
Kamil Dudka
20b63790e4 new upstream release - 7.61.1
Resolves: CVE-2018-14618 - NTLM password overflow via integer overflow
2018-09-05 10:03:29 +02:00
Kamil Dudka
e7b6b91818 make the --tls13-ciphers option work 2018-09-04 15:48:11 +02:00
Kamil Dudka
8bff7e0d6b Related: #1622594 - tests: make ssh-keygen always produce PEM format
The default format produced by openssh-7.8p1 cannot be consumed
by currently available versions of libssh and libssh2.
2018-08-27 16:55:32 +02:00
Kamil Dudka
023b327acc Resolves: #1595135 - scp/sftp: fix infinite connect loop on invalid private key 2018-08-15 13:57:06 +02:00
Kamil Dudka
178b0fc823 Resolves: #1219544 - ssl: set engine implicitly when a PKCS#11 URI is provided 2018-08-09 15:35:59 +02:00
Kamil Dudka
35134a4aee Related: #1610888 - relax crypto policy for the test-suite to make it pass again 2018-08-07 16:56:26 +02:00
Kamil Dudka
3fb6e23557 disable flaky test 1900, which covers deprecated HTTP pipelining
See https://github.com/curl/curl/pull/2705 for details.
2018-07-31 10:42:03 +02:00
Kamil Dudka
85286dc2b3 adapt test 323 for updated OpenSSL 2018-07-31 10:33:53 +02:00
Kamil Dudka
bcdea58703 temporarily disable test 582 on s390x (client times out) 2018-07-13 13:47:08 +02:00
Fedora Release Engineering
072eac2fb6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-07-12 22:28:24 +00:00
Kamil Dudka
a89a46eca8 new upstream release - 7.61.0
Resolves: CVE-2018-0500 - SMTP send heap buffer overflow
2018-07-11 14:19:28 +02:00
Kamil Dudka
d41d215108 disable test 1455, which occasionally fails in Koji
... with 'bind failed with errno 98: Address already in use'
2018-07-10 15:16:40 +02:00
Kamil Dudka
9f5f0d1189 enable support for brotli compression in libcurl-full 2018-07-10 13:51:08 +02:00
Kamil Dudka
befa5428f0 do not hard-wire path of the Python 3 interpreter 2018-07-04 15:20:51 +02:00
Kamil Dudka
4f55f71cfe Related: #1570246 - enable vlagrind again
This reverts commit e51a34d6cc.
2018-07-04 15:15:24 +02:00
Kamil Dudka
e51a34d6cc Related: #1570246 - temporarily disable valgrind completely
... and revert the previous workaround, which does not work on Koji
2018-05-16 15:58:58 +02:00
Kamil Dudka
09c874db53 require glibc-debuginfo for valgrind-enabled build
... as suggested by valgrind itself:

valgrind:  Fatal error at startup: a function redirection
valgrind:  which is mandatory for this platform-tool combination
valgrind:  cannot be set up.  Details of the redirection are:
valgrind:
valgrind:  A must-be-redirected function
valgrind:  whose name matches the pattern:      strlen
valgrind:  in an object with soname matching:   ld-linux-x86-64.so.2
valgrind:  was not found whilst processing
valgrind:  symbols from the object with soname: ld-linux-x86-64.so.2
valgrind:
valgrind:  Possible fixes: (1, short term): install glibc's debuginfo
valgrind:  package on this machine.  (2, longer term): ask the packagers
valgrind:  for your Linux distribution to please in future ship a non-
valgrind:  stripped ld.so (or whatever the dynamic linker .so is called)
valgrind:  that exports the above-named function using the standard
valgrind:  calling conventions for this platform.  The package you need
valgrind:  to install for fix (1) is called
valgrind:
valgrind:    On Debian, Ubuntu:                 libc6-dbg
valgrind:    On SuSE, openSuSE, Fedora, RHEL:   glibc-debuginfo
valgrind:
valgrind:  Note that if you are debugging a 32 bit process on a
valgrind:  64 bit system, you will need a corresponding 32 bit debuginfo
valgrind:  package (e.g. libc6-dbg:i386).
valgrind:
valgrind:  Cannot continue -- exiting now.  Sorry.
2018-05-16 15:23:55 +02:00
Kamil Dudka
5a0fa9250b new upstream release, which fixes the following vulnerabilities
Resolves: CVE-2018-1000300 - FTP shutdown response buffer overflow
Resolves: CVE-2018-1000301 - RTSP bad headers buffer over-read
2018-05-16 15:02:28 +02:00
Kamil Dudka
a1b38730ce make the test-suite use Python 3
Unfortunately, smbserver.py does not work with Python 3 because
there is no 'impacket' module available for Python 3:

https://github.com/CoreSecurity/impacket/issues/61
2018-03-15 15:43:07 +01:00
Kamil Dudka
6402b496fc ftp: fix typo in recursive callback detection for seeking 2018-03-14 14:43:54 +01:00
Kamil Dudka
bdef0a1bf6 new upstream release - 7.59.0
Resolves: CVE-2018-1000120 - FTP path trickery leads to NIL byte out of bounds write
Resolves: CVE-2018-1000121 - LDAP NULL pointer dereference
Resolves: CVE-2018-1000122 - RTSP RTP buffer over-read
2018-03-14 10:28:05 +01:00
Kamil Dudka
43b81665b0 http2: mark the connection for close on GOAWAY 2018-03-12 10:28:21 +01:00
Paul Howarth
bdc6ab544b Robustness improvements to spec file
- Add explicity-used build requirements
- Fix libcurl soname version number in %files list to avoid accidental soname
  bumps
2018-02-19 10:10:12 +00:00
Paul Howarth
a16f4de7a2 Update scriptlets, enforce versioned libssh dependency
- switch to %ldconfig_scriptlets
- drop legacy BuildRoot: and Group: tags
- enforce versioned libssh dependency for libcurl
2018-02-15 09:57:54 +00:00
Igor Gnatenko
5012445aca Remove BuildRoot definition
None of currently supported distributions need that.
It was needed last for EL5 which is EOL now

Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2018-02-13 23:11:49 +01:00
Kamil Dudka
960515d8a1 Related: #1540549 - drop temporary workaround for the GCC bug 2018-02-13 10:33:16 +01:00
Fedora Release Engineering
1bbb30f4f6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-02-07 06:08:47 +00:00
Kamil Dudka
b76e2f2c65 Related: #1540549 - use the workaround for f28 only
... so that it does not break the build with old versions of GCC
2018-02-01 14:05:00 +01:00
Kamil Dudka
bf966a954e Related: #1540549 - temporarily work around internal compiler error on x86_64 2018-02-01 12:55:07 +01:00
Kamil Dudka
3ad2894efb disable brp-ldconfig to make RemovePathPostfixes work
... with shared libraries again

Suggested at:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/54Y4DZXHYSDXJDHJTBTBYLXC7OJ73JDU/
2018-01-31 14:44:06 +01:00
Andreas Schneider
cbbefe6fb9 Resolves: #1531483 - use libssh (instead of libssh2)
... to implement SCP/SFTP in libcurl
2018-01-24 18:06:50 +01:00
Kamil Dudka
93c55561d3 new upstream release - 7.58.0
Resolves: CVE-2018-1000005 - curl: HTTP/2 trailer out-of-bounds read
Resolves: CVE-2018-1000007 - curl: HTTP authentication leak in redirects
2018-01-24 11:55:14 +01:00
Kamil Dudka
ed352e927e new upstream release - 7.57.0
Resolves: CVE-2017-8816 - curl: NTLM buffer overflow via integer overflow
Resolves: CVE-2017-8817 - curl: FTP wildcard out of bounds read
Resolves: CVE-2017-8818 - curl: SSL out of buffer access
2017-11-29 14:03:21 +01:00
Kamil Dudka
5d4a9257c3 new upstream release - 7.56.1 (fixes CVE-2017-1000257) 2017-10-23 10:13:16 +02:00
Kamil Dudka
c4a2596b22 re-enable temporarily disabled IDN2 test-cases
test2033 is now marked flaky by upstream, so it does not need
to explicitly disabled any more
2017-10-04 10:00:50 +02:00
Kamil Dudka
46c8abb050 new upstream release - 7.56.0 (fixes CVE-2017-1000254) 2017-10-04 09:36:05 +02:00
Kamil Dudka
b2dab7f315 Resolves: #1485702 - apply the patch for the previous commit and fix its name 2017-08-28 13:40:42 +02:00
Bastien Nocera
57a73689a9 + curl-7.55.1-4
Fix NetworkManager connectivity check not working (#1485702)
2017-08-28 13:26:23 +02:00
Kamil Dudka
0480ac07c5 Resolves: #1483972 - utilize system wide crypto policies for TLS 2017-08-22 17:39:58 +02:00
Kamil Dudka
8eae4647c3 make zsh completion work again 2017-08-15 12:34:08 +02:00
Kamil Dudka
019e1c424c new upstream release - 7.55.1 2017-08-14 09:39:22 +02:00
Kamil Dudka
a12eed4ad5 avoid int overflow on arches with 32bit long
Bug: https://github.com/curl/curl/pull/1748
2017-08-09 14:34:27 +02:00
Kamil Dudka
46ef14b039 add BR for gnutls-utils to increase test coverage 2017-08-09 13:48:21 +02:00
Kamil Dudka
8e0d8e3815 add tests/{dictserver,negtelnetserver}.py
... not included in EXTRA_DIST: https://github.com/curl/curl/pull/1744
2017-08-09 12:36:41 +02:00
Kamil Dudka
ffdd721180 explicitly install libcurl man pages 2017-08-09 11:47:30 +02:00
Kamil Dudka
574639b8f6 drop multilib fix for libcurl header files no longer needed 2017-08-09 11:34:32 +02:00
Kamil Dudka
46042daf78 new upstream release - 7.55.0
Resolves: CVE-2017-1000099 - FILE buffer read out of bounds
Resolves: CVE-2017-1000100 - TFTP sends more than buffer size
Resolves: CVE-2017-1000101 - URL globbing out of bounds read
2017-08-09 10:52:10 +02:00
Fedora Release Engineering
0aa4c628e2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild 2017-08-02 19:22:27 +00:00
Florian Weimer
4af228aa7a Rebuild with fixed binutils (#1475636) 2017-07-28 21:15:25 +02:00
Igor Gnatenko
6ec12398a3 Enable separate debuginfo back
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2017-07-28 19:43:57 +02:00
Kamil Dudka
a042788c8a rebuild to fix broken linkage of cmake on ppc64le 2017-07-27 10:02:53 +02:00
Kamil Dudka
03b8614ff6 avoid build failure caused broken RPM code
... that produces debuginfo packages

Bug: https://github.com/rpm-software-management/rpm/issues/280
2017-07-26 16:48:08 +02:00
Fedora Release Engineering
44f7d8692a - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild 2017-07-26 05:48:14 +00:00
Kamil Dudka
18e7a55066 Resolves: #1462184 - enforce versioned openssl-libs dependency for libcurl 2017-06-19 14:28:19 +02:00
Kamil Dudka
0aa20e6c92 new upstream release - 7.54.1 2017-06-14 10:50:24 +02:00
Kamil Dudka
e4d662f774 add *-full provides for curl and libcurl
... to make them explicitly installable
2017-05-16 13:28:03 +02:00
Kamil Dudka
f7041f17bf make curl-minimal require a new enough version of libcurl
At the same time relax the dependency of curl on libcurl to support
running old curl on top of new libcurl but not vice versa.
2017-05-04 12:42:41 +02:00
Kamil Dudka
3be7c46fde Resolves: #1445153 - switch the TLS backend back to OpenSSL 2017-04-27 10:42:34 +02:00
Kamil Dudka
9549974a4c nss: use libnssckbi.so as the default source of trust
See https://github.com/curl/curl/pull/1414 for details.
2017-04-25 18:47:15 +02:00
Kamil Dudka
1e77c47734 Resolves: #1444860 - nss: do not leak PKCS #11 slot while loading a key 2017-04-25 18:37:35 +02:00
Kamil Dudka
0f99fceebe new upstream release - 7.54.0 (fixes CVE-2017-7468) 2017-04-20 09:09:40 +02:00
Paul Howarth
db1a758364 add %post and %postun scriptlets for libcurl-minimal
also:
- libcurl-minimal provides both libcurl and libcurl%{?_isa}
- remove some legacy spec file cruft
2017-04-13 11:59:46 +01:00
Kamil Dudka
9b62c3eaeb provide (lib)curl-minimal subpackages with lightweight build of (lib)curl
Discussed at:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/CBIGRS63BCULMZBU7O4KBIKDWZZKA7OV/
2017-04-13 08:15:22 +02:00
Kamil Dudka
0d44d984ff bump release number 2017-04-10 13:55:52 +02:00
Kamil Dudka
a5dd610a20 disable upstream test 2033 (flaky test for HTTP/1 pipelining) 2017-04-10 13:32:42 +02:00
Kamil Dudka
d469b84593 Resolves: CVE-2017-7407 - fix out of bounds read in curl --write-out 2017-04-07 12:13:07 +02:00
Kamil Dudka
4832a02ce4 Resolves: #1428550 - make the dependency on nss-pem arch-specific 2017-03-06 10:30:12 +01:00
Kamil Dudka
c870f5feb8 Related: #1428286 - re-enable valgrind on ix86 because sqlite is fixed 2017-03-02 16:54:10 +01:00
Kamil Dudka
c1fbf35cce new upstream release - 7.53.1 2017-02-24 10:51:31 +01:00
Kamil Dudka
efea9223f3 do not use valgrind on i686 until sqlite is rebuilt
... by patched GCC (#1423434)
2017-02-22 12:17:41 +01:00
Kamil Dudka
8afeb9390f new upstream release - 7.53.0 (fixes CVE-2017-2629) 2017-02-22 10:32:55 +01:00
Fedora Release Engineering
9ec0774d38 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild 2017-02-10 08:05:00 +00:00
Kamil Dudka
00369df034 new upstream release - 7.52.1 (fixes CVE-2016-9586) 2016-12-23 10:06:25 +01:00
Kamil Dudka
c38149da81 Resolves: #1396719 - map CURL_SSLVERSION_DEFAULT to NSS default, add support for TLS 1.3 2016-11-21 09:54:16 +01:00
Kamil Dudka
40b1d9916f stricter host name checking for file:// URLs 2016-11-15 18:40:23 +01:00
Kamil Dudka
2856bdf841 ssh: check md5 fingerprints case insensitively 2016-11-15 18:34:21 +01:00
Kamil Dudka
c8e1922952 temporarily disable failing libidn2 test-cases 2016-11-02 11:14:11 +01:00
Kamil Dudka
5169cd3899 new upstream release - 7.51.0
Resolves: CVE-2016-8615 - Cookie injection for other servers
Resolves: CVE-2016-8616 - Case insensitive password comparison
Resolves: CVE-2016-8617 - Out-of-bounds write via unchecked multiplication
Resolves: CVE-2016-8618 - Double-free in curl_maprintf
Resolves: CVE-2016-8619 - Double-free in krb5 code
Resolves: CVE-2016-8620 - Glob parser write/read out of bounds
Resolves: CVE-2016-8621 - curl_getdate out-of-bounds read
Resolves: CVE-2016-8622 - URL unescape heap overflow via integer truncation
Resolves: CVE-2016-8623 - Use-after-free via shared cookies
Resolves: CVE-2016-8624 - Invalid URL parsing with '#'
Resolves: CVE-2016-8625 - IDNA 2003 makes curl use wrong host
2016-11-02 11:12:40 +01:00
Kamil Dudka
837f1f0f4e drop 0103-curl-7.50.0-stunnel.patch no longer needed
It paralyzes the test-suite on systems with ancient versions of stunnel.
2016-10-20 13:39:29 +02:00
Kamil Dudka
6aadc8e2a0 use the just built version of libcurl while generating zsh completion 2016-10-07 12:23:18 +02:00
Kamil Dudka
b552e5528d new upstream release - 7.50.3 (fixes CVE-2016-7167) 2016-09-14 10:50:47 +02:00
Kamil Dudka
1db8ad8d42 new upstream release - 7.50.2 2016-09-07 10:33:38 +02:00
Kamil Dudka
165cb33f0a work around race condition in PK11_FindSlotByName()
Bug: https://bugzilla.mozilla.org/1297397
2016-08-26 15:48:18 +02:00
Kamil Dudka
0f6a97db34 Related: CVE-2016-5420 - fix incorrect use of a previously loaded certificate from file 2016-08-26 15:48:07 +02:00
Kamil Dudka
2fd0a39aee new upstream release - 7.50.1
Resolves: CVE-2016-5419 CVE-2016-5420 CVE-2016-5421
2016-08-03 10:10:39 +02:00
Kamil Dudka
1b9369d1bf run HTTP/2 tests on all arches (#1360319 worked around in nghttp2)
Revert "run HTTP/2 tests only on Intel for now"

This reverts commit 99b64f5ec2.
2016-07-26 17:12:54 +02:00
Kamil Dudka
99b64f5ec2 run HTTP/2 tests only on Intel for now
... to work around #1358845
2016-07-21 17:21:41 +02:00
Kamil Dudka
9b1375c118 require nss-pem no longer included in the nss package (#1347336) 2016-07-21 16:36:33 +02:00
Kamil Dudka
518559f4a0 fix HTTPS and FTPS tests (work around stunnel bug #1358810) 2016-07-21 16:33:22 +02:00
Kamil Dudka
f4e76c10cd add BR for nghttp2 used by the upstream test-suite 2016-07-21 14:09:11 +02:00
Kamil Dudka
90cc80745a import needed files missing in the upstream tarball 2016-07-21 14:08:30 +02:00
Kamil Dudka
bed70046cf new upstream release - 7.50.0 2016-07-21 11:32:21 +02:00
Kamil Dudka
83e65ab057 use multilib-rpm-config to install arch-dependent header files 2016-06-17 17:49:49 +02:00
Kamil Dudka
81483e8ea1 drop a test-suite quirk already applied upstream
https://github.com/curl/curl/commit/effa575f
2016-06-15 14:50:58 +02:00
Kamil Dudka
ed398dec4b Resolves: #1340757 - fix SIGSEGV of the curl tool
... while parsing URL with too many globs
2016-06-03 13:27:18 +02:00
Kamil Dudka
baeb46456e new upstream release - 7.49.1 2016-05-30 09:28:06 +02:00
Kamil Dudka
84382c927b prevent test1140 from failing
... by locally creating docs/libcurl/curl_multi_socket_all.3
2016-05-18 19:29:28 +02:00
Kamil Dudka
1e7c2958aa include manpage-scan.pl nroff-scan.pl to fix tests 1139 and 1140
Upstream-commit: 54e4c6c396a9987f4232c73b5b4d31c01b16f8ae
2016-05-18 19:29:28 +02:00
Kamil Dudka
9a03eb6087 new upstream release - 7.49.0 2016-05-18 19:29:26 +02:00
Kamil Dudka
b041400317 new upstream release - 7.48.0 2016-03-23 13:11:48 +01:00
Kamil Dudka
e2daf98253 Resolves: #1308791 - do not refuse cookies for localhost 2016-03-03 00:42:56 +01:00
Kamil Dudka
e57a741556 make SCP and SFTP test-cases work with up2date OpenSSH 2016-02-17 13:08:22 +01:00
Kamil Dudka
1e7ba88548 Resolves: #1305701 - enable support for Public Suffix List 2016-02-10 18:54:34 +01:00
Kamil Dudka
127274be95 new upstream release - 7.47.1 2016-02-08 12:30:15 +01:00
Dennis Gilmore
5af23e27ef - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-03 18:21:15 +00:00
Paul Howarth
ec00e90a49 Prefer %global over %define 2016-02-02 11:32:20 +00:00
Kamil Dudka
40933f3c05 new upstream release - 7.47.0 (fixes CVE-2016-0755) 2016-01-27 09:20:36 +01:00
Kamil Dudka
92a4396c47 Resolves: #1288529 - own /usr/share/zsh/site-functions
... instead of requiring zsh
2015-12-04 15:41:44 +01:00
Kamil Dudka
7c41b922e3 disable silent builds
Suggested-by: Paul Howarth
2015-12-02 13:37:59 +01:00
Kamil Dudka
7ee26673d3 use default port numbers when running the upstream test-suite 2015-12-02 13:17:27 +01:00
Kamil Dudka
638c8f1abc install zsh completion script 2015-12-02 12:43:14 +01:00
Kamil Dudka
62fef86fa4 new upstream release - 7.46.0 2015-12-02 10:51:11 +01:00
Paul Howarth
b1cf0d53ef new upstream release - 7.45.0 2015-10-07 14:43:06 +01:00
Kamil Dudka
1dcbbd628a Resolves: #1104597 - prevent NSS from incorrectly re-using a session 2015-09-18 18:13:13 +02:00
Kamil Dudka
8b89049610 better explain the conditional BR on valgrind 2015-08-27 16:06:46 +02:00
Kamil Dudka
bfaeb9dd10 new upstream release - 7.44.0 2015-08-12 12:05:13 +02:00
Kamil Dudka
c6f2e7c0fe Resolves: #1248389 - prevent dnf from crashing when using both FTP and HTTP 2015-07-30 15:27:33 +02:00
Kamil Dudka
cdae22a40d test1801: completely disable the test-case
Bug: https://github.com/bagder/curl/commit/21e82bd6#commitcomment-12226582
2015-07-17 16:36:36 +02:00
Kamil Dudka
ad3e87c230 test1801: temporarily disable failing data check 2015-07-17 14:48:53 +02:00
Kamil Dudka
e40065e6ae build support for the HTTP/2 protocol 2015-07-16 13:31:08 +02:00
Kamil Dudka
712c550596 new upstream release - 7.43.0 (fixes CVE-2015-3236 and CVE-2015-3237) 2015-06-17 16:25:33 +02:00
Dennis Gilmore
a21f0d7f44 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild 2015-06-17 03:33:56 +00:00
Kamil Dudka
88ed685bb7 Resolves: #1228363 - curl-config --libs now works on x86_64
... without libcurl-devel.x86_64
2015-06-05 13:23:20 +02:00
Kamil Dudka
d60ef0c155 new upstream release - 7.42.1 (fixes CVE-2015-3153) 2015-04-29 09:51:18 +02:00
Kamil Dudka
1307476790 do not run flaky test-cases in %check 2015-04-22 15:45:07 +02:00
Kamil Dudka
54e48b0348 Resolves: #1195771 - implement public key pinning for NSS backend 2015-04-22 15:01:09 +02:00
Kamil Dudka
167643f9ce new upstream release - 7.42.0
Fixes CVE-2015-3143, CVE-2015-3144, CVE-2015-3145, and CVE-2015-3148.
2015-04-22 12:40:08 +02:00
Kamil Dudka
094e8186a4 drop 0106-curl-7.36.0-libssh2-valgrind.patch
... which is already included upstream since curl-7_35_0-269-g02bba0c
2015-02-25 14:00:41 +01:00
Kamil Dudka
e286d38a5f include extern-scan.pl to make test1135 succeed
Upstream-commit: 1514b718e3e5ea08acd1816464809de49a211f38
2015-02-25 12:23:44 +01:00
Kamil Dudka
012235acc8 new upstream release - 7.41.0 2015-02-25 10:39:43 +01:00
Kamil Dudka
8357e0ea3e Resolves: #1187531 - fix a spurious connect failure on dual-stacked hosts 2015-02-23 13:46:07 +01:00
Till Maas
75e18c5969 Rebuilt for Fedora 23 Change
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
2015-02-21 21:22:45 +01:00
Kamil Dudka
352eca18a1 add BR for python to enable tests 1900 - 1903 2015-01-08 12:44:54 +01:00
Kamil Dudka
29b64c7221 new upstream release - 7.40.0 (fixes CVE-2014-8150) 2015-01-08 11:28:17 +01:00
Kamil Dudka
5cb97168a8 new upstream release - 7.39.0 (fixes CVE-2014-3707) 2014-11-05 10:58:01 +01:00
Kamil Dudka
724cf4a6d4 fix a connection failure when FTPS handle is reused 2014-10-21 12:18:12 +02:00
Kamil Dudka
0d94c479b6 new upstream release - 7.38.0 (fixes CVE-2014-3613 and CVE-2014-3620) 2014-09-10 15:35:01 +02:00
Peter Robinson
acdb7eec10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild 2014-08-16 01:56:30 +00:00
Rex Dieter
6ee86949ea include arch'd Requires/Provides 2014-08-13 08:15:17 -05:00
Kamil Dudka
8490cd97fe Resolves: #1118751 - fix endless loop with GSSAPI proxy auth 2014-07-16 18:17:54 +02:00
Kamil Dudka
d996cc7137 new upstream release - 7.37.1 2014-07-16 17:53:43 +02:00
Tom Callaway
2aebfc699c fix license handling 2014-07-11 17:11:42 -04:00
Kamil Dudka
ff02afad2f various SSL-related fixes (mainly crash on connection failure) 2014-07-04 16:27:42 +02:00
Dennis Gilmore
0a86866820 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild 2014-06-07 01:30:59 -05:00
Kamil Dudka
69703f0045 new upstream release - 7.37.0 2014-05-21 10:42:01 +02:00
Kamil Dudka
8b3cb24b84 Resolves: #1093348 - auth failure on duplicated 'WWW-Authenticate: Negotiate' header 2014-05-09 23:43:40 +02:00
Kamil Dudka
0f6b1efb14 nss: implement non-blocking SSL handshake 2014-04-25 17:36:51 +02:00
Kamil Dudka
3f180252f8 extend URL parser to support IPv6 zone identifiers (#680996) 2014-04-02 15:25:45 +02:00
Kamil Dudka
e4d3e72cd6 adapt tests 815 and 816 such that they work with the fix for CVE-2014-0138 2014-03-26 23:43:07 +01:00
Kamil Dudka
4bddb2814c new upstream release - 7.36.0 (fixes CVE-2014-0138) 2014-03-26 08:55:38 +01:00
Paul Howarth
e9708b37b5 add all perl build requirements for the test suite, in a portable way 2014-03-17 18:33:11 +00:00
Kamil Dudka
381114ce83 add BR for perl-Digest-MD5, which is required by the test-suite 2014-03-17 15:32:33 +01:00
Kamil Dudka
1128c2bd9a Resolves: #1072273 - avoid spurious failure of test1086 on s390(x) koji builders 2014-03-05 15:17:57 +01:00
Kamil Dudka
dee4c8342e Resolves: #1068967 - refresh expired cookie in test172 from upstream test-suite 2014-02-25 12:50:11 +01:00
Kamil Dudka
65da26b4ab new upstream release - 7.35.0 (fixes CVE-2014-0015) 2014-01-29 10:27:37 +01:00
Kamil Dudka
6ad1a46051 use --enable-symbol-hiding instead of --enable-hidden-symbols
... which is said to be deprecated
2014-01-14 14:46:12 +01:00
Kamil Dudka
a16bdb8ecc new upstream release - 7.34.0 2013-12-18 16:49:47 +01:00
Kamil Dudka
4a73ffdc43 allow to use TLS > 1.0 if built against recent NSS 2013-12-02 16:24:33 +01:00
Kamil Dudka
0831955018 fix missing initialization in SSH code
... causing test 619 to fail
2013-10-21 19:34:24 +02:00
Kamil Dudka
787e73101d fix missing initialization in NTLM code
... causing test 906 to fail
2013-10-18 18:37:29 +02:00
Kamil Dudka
b98b240818 test906: Fixed failing test on some platforms 2013-10-16 19:37:22 +02:00
Kamil Dudka
7b8437e3a1 new upstream release - 7.33.0
FIXME: test906 fails if compiled against NSS
2013-10-15 00:09:48 +02:00
Kamil Dudka
4ae7271a09 do not limit the speed of SCP upload on a fast connection 2013-10-11 14:17:13 +02:00
Kamil Dudka
d26889345a avoid delay if FTP is aborted in CURLOPT_HEADERFUNCTION callback (#1005686) 2013-09-09 13:40:57 +02:00
Paul Howarth
159ba1a770 no need to remove manpage for mk-ca-bundle as it's no longer installed 2013-08-12 15:22:55 +01:00
Kamil Dudka
1e8099ab00 nss: make sure that NSS is initialized
... prior to calling PK11_GenerateRandom()
2013-08-12 15:24:36 +02:00
Kamil Dudka
c12a28f9b8 new upstream release - 7.32.0 2013-08-12 14:01:19 +02:00
Dennis Gilmore
786f95d7bd - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild 2013-08-03 01:25:16 -05:00
Kamil Dudka
233f010767 mention all option listed in 'curl --help' in curl.1 man page 2013-07-09 16:05:20 +02:00
Kamil Dudka
ad17697486 restore the functionality of 'curl -u :' 2013-07-01 11:42:49 +02:00
Kamil Dudka
05df56af61 make the curl tool link SSL libraries also used by src/tool_metalink.c 2013-06-26 18:09:08 +02:00
Kamil Dudka
82daaf7e98 build the curl tool with metalink support 2013-06-26 18:09:08 +02:00
Kamil Dudka
c5085749c3 rename patches to reflect the curl version they apply to 2013-06-26 18:05:26 +02:00
Kamil Dudka
5ebb52d092 test1230: avoid using hard-wired port number 2013-06-22 22:19:59 +02:00