Commit Graph

530 Commits

Author SHA1 Message Date
Kamil Dudka
a15dd89aaa new upstream release - 7.73.0 2020-10-14 10:31:57 +02:00
Paul Howarth
89714e3b24 Fix bug reference in changelog 2020-09-20 11:49:49 +01:00
Jinoh Kang
4226c316c7 Resolves: #1877671O - fix multiarch conflicts in libcurl-minimal 2020-09-10 09:45:17 +02:00
Kamil Dudka
e7a12a6b7b new upstream release - 7.72.0
Resolves: CVE-2020-8231 - libcurl: wrong connect-only connection
2020-08-19 12:29:51 +02:00
Kamil Dudka
b740a1ecc6 setopt: unset NOBODY switches to GET if still HEAD
Reported-by: Vít Ondruch
2020-08-06 11:04:30 +02:00
Fedora Release Engineering
407d32e00a - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-07-27 14:52:54 +00:00
Tom Stellard
df63713984 Use make macros
https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
2020-07-13 19:00:01 +00:00
Kamil Dudka
87d774717a Resolves: #1833193 - curl: make the --krb option work again 2020-07-03 12:47:48 +02:00
Kamil Dudka
6071e0dd16 new upstream release - 7.71.1 2020-07-01 09:26:44 +02:00
Kamil Dudka
8c661bb9d7 new upstream release - 7.71.0
Resolves: CVE-2020-8169 - curl: Partial password leak over DNS on HTTP redirect
Resolves: CVE-2020-8177 - curl: overwrite local file with -J
2020-06-24 10:03:56 +02:00
Kamil Dudka
c74a58b095 Related: #1829180 - add BuildRequires for hostname
It is used by the test-suite but it is missing in armv7hl buildroot.
2020-05-02 10:08:32 +02:00
Kamil Dudka
ce4949188b Related: #1829180 - temporarily disable tests 702 703 716 on armv7hl 2020-05-02 09:52:39 +02:00
Kamil Dudka
c88a6aff30 new upstream release - 7.70.0 2020-04-29 14:59:25 +02:00
Kamil Dudka
6a752013d0 Resolves: #1824926 - SSH: use new ECDSA key types to check known hosts 2020-04-20 11:34:56 +02:00
Tom Stellard
53c8c93125 Prevent discarding of -g when compiling with clang 2020-04-17 16:06:52 +00:00
Kamil Dudka
ac5c236f18 new upstream release - 7.69.1 2020-03-11 10:23:53 +01:00
Kamil Dudka
fbcad9a3a0 Resolves: #1810989 - make Flatpak work again 2020-03-09 09:54:27 +01:00
Kamil Dudka
249d0aea51 new upstream release - 7.69.0 2020-03-04 11:41:43 +01:00
Fedora Release Engineering
83181bd6d3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-01-28 15:11:40 +00:00
Kamil Dudka
dfb411a0a2 new upstream release - 7.68.0 2020-01-08 09:52:29 +01:00
Kamil Dudka
13f70ceee2 fix upstream release number in last two change log items 2020-01-08 09:47:26 +01:00
Kamil Dudka
d1233ad4cd do not run test-suite through valgrind on i686 brew builds
The architecture is being decommissioned in Fedora, which makes it
difficult to debug valgrind failures (usually not related to curl
anyway).
2019-11-15 10:37:39 +01:00
Kamil Dudka
eeb37e29bd Related: #1771025 - fix date in the last change log entry 2019-11-14 16:25:25 +01:00
Kamil Dudka
2298078d54 Resolves: #1771025 - fix infinite loop on upload using a glob 2019-11-14 13:57:39 +01:00
Kamil Dudka
c667b141d6 new upstream release - 7.67.0 2019-11-06 09:26:57 +01:00
Kamil Dudka
e0bf66ef6c fix memory leaked by parse_metalink() 2019-09-13 10:18:24 +02:00
Kamil Dudka
da9af16256 new upstream release - 7.66.0
Resolves: CVE-2019-5481 - double free due to subsequent call of realloc()
Resolves: CVE-2019-5482 - heap buffer overflow in function tftp_receive_packet()
2019-09-12 15:20:21 +02:00
Kamil Dudka
91c50ee6d4 Resolves: #1690971 - avoid reporting spurious error in the HTTP2 framing layer 2019-08-27 18:11:29 +02:00
Kamil Dudka
8559ecc1d9 changelog: fix copy/paste error in the last entry 2019-08-01 16:41:42 +02:00
Kamil Dudka
863394fd95 improve handling of gss_init_sec_context() failures 2019-08-01 16:37:57 +02:00
Fedora Release Engineering
22186831fb - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-07-24 21:21:56 +00:00
Paul Howarth
a5c984a590 new upstream release - 7.65.3 2019-07-20 12:02:57 +01:00
Kamil Dudka
6e794d5beb new upstream release - 7.65.2 2019-07-17 10:34:24 +02:00
Kamil Dudka
901da63160 new upstream release - 7.65.1 2019-06-05 09:33:30 +02:00
Kamil Dudka
b6ccff47ac Resolves: #1714893 - fix spurious timeout events with speed-limit 2019-05-30 15:27:58 +02:00
Kamil Dudka
3c7950da77 new upstream release - 7.65.0
Resolves: CVE-2019-5436 - TFTP receive buffer overflow
Resolves: CVE-2019-5435 - integer overflows in curl_url_set()
2019-05-22 10:42:26 +02:00
Kamil Dudka
9dd5d73f3b do not treat failure of gss_init_sec_context() with --negotiate as fatal
This commit fixes a major incompatibility introduced in curl-7.64.1.

Bug: https://github.com/curl/curl/issues/3726
2019-05-09 10:08:03 +02:00
Paul Howarth
8fd906c559 generation of shell completions now needs more perl stuff 2019-04-05 13:38:27 +01:00
Kamil Dudka
bbad3e0a62 new upstream release - 7.64.1 2019-03-27 12:45:46 +01:00
Kamil Dudka
0ed971f14f fix last but one change log entry 2019-03-25 12:39:00 +01:00
Kamil Dudka
7594f15bce Related: #1690971 - remove verbose "Expire in" ... messages 2019-03-25 12:35:52 +01:00
Kamil Dudka
902ddefeb5 avoid spurious "Could not resolve host: [host name]" error messages 2019-03-21 09:39:30 +01:00
Kamil Dudka
95008127cf Resolves: #1683676 - fix NULL dereference if flushing cookies with no CookieInfo set 2019-02-27 18:02:05 +01:00
Kamil Dudka
e97fdf9b7f Resolves: #1680198 - prevent NetworkManager from leaking file descriptors 2019-02-25 14:24:32 +01:00
Kamil Dudka
9ace613273 make zsh completion work again 2019-02-11 13:22:07 +01:00
Kamil Dudka
2bdb624139 new upstream release - 7.64.0
Resolves: CVE-2019-3823 - SMTP end-of-response out-of-bounds read
Resolves: CVE-2019-3822 - NTLMv2 type-3 header stack buffer overflow
Resolves: CVE-2018-16890 - NTLM type-2 out-of-bounds buffer read
2019-02-06 09:56:05 +01:00
Kamil Dudka
3c5dec6602 prevent valgrind from reporting false positives on x86_64 2019-02-04 17:45:12 +01:00
Fedora Release Engineering
9221f774a1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-01-31 16:37:02 +00:00
Kamil Dudka
1a6a3b20a6 Resolves: CVE-2018-20483 - xattr: strip credentials from any URL that is stored 2019-01-21 10:13:55 +01:00
Kamil Dudka
da8449decd replace 0001-curl-7.62.0-http-post-negotiate.patch by upstream patch 2019-01-07 12:42:06 +01:00
Kamil Dudka
32b0144f20 replace 0105-curl-7.63.0-libstubgss-ldadd.patch by upstream patch 2019-01-04 14:18:53 +01:00
Kamil Dudka
49f5a42f96 Resolves: #1658574 - curl -J: do not append to the destination file 2018-12-19 13:43:28 +01:00
Kamil Dudka
c30a9c7fdb Resolves: #1659329 - revert an upstream commit that broke fedpkg new-sources 2018-12-14 11:21:54 +01:00
Kamil Dudka
c91c27bce9 libtest: avoid symbol lookup error in libstubgss.so 2018-12-12 14:39:00 +01:00
Kamil Dudka
a94ce82de0 new upstream release - 7.63.0 2018-12-12 09:51:10 +01:00
Kamil Dudka
34a4d8f848 new upstream release - 7.62.0
Resolves: CVE-2018-16839 - SASL password overflow via integer overflow
Resolves: CVE-2018-16840 - use-after-free in handle close
Resolves: CVE-2018-16842 - warning message out-of-buffer read
2018-10-31 12:47:56 +01:00
Kamil Dudka
9be316eea1 enable TLS 1.3 post-handshake auth in OpenSSL
Bug: https://github.com/curl/curl/pull/3027
2018-10-11 16:16:32 +02:00
Kamil Dudka
2346b66a23 update the documentation of --tlsv1.0 in curl(1) man page 2018-10-11 16:16:18 +02:00
Kamil Dudka
800bb58ef3 Resolves: #1631804 - enforce versioned libpsl dependency for libcurl 2018-10-05 13:59:35 +02:00
Kamil Dudka
84125cbefe test320: update expected output for gnutls-3.6.4 2018-10-05 13:41:48 +02:00
Kamil Dudka
ece57c4aa4 Related: #1622594 - drop 0105-curl-7.61.0-tests-ssh-keygen.patch no longer needed 2018-10-04 15:37:53 +02:00
Kamil Dudka
20b63790e4 new upstream release - 7.61.1
Resolves: CVE-2018-14618 - NTLM password overflow via integer overflow
2018-09-05 10:03:29 +02:00
Kamil Dudka
e7b6b91818 make the --tls13-ciphers option work 2018-09-04 15:48:11 +02:00
Kamil Dudka
8bff7e0d6b Related: #1622594 - tests: make ssh-keygen always produce PEM format
The default format produced by openssh-7.8p1 cannot be consumed
by currently available versions of libssh and libssh2.
2018-08-27 16:55:32 +02:00
Kamil Dudka
023b327acc Resolves: #1595135 - scp/sftp: fix infinite connect loop on invalid private key 2018-08-15 13:57:06 +02:00
Kamil Dudka
178b0fc823 Resolves: #1219544 - ssl: set engine implicitly when a PKCS#11 URI is provided 2018-08-09 15:35:59 +02:00
Kamil Dudka
35134a4aee Related: #1610888 - relax crypto policy for the test-suite to make it pass again 2018-08-07 16:56:26 +02:00
Kamil Dudka
3fb6e23557 disable flaky test 1900, which covers deprecated HTTP pipelining
See https://github.com/curl/curl/pull/2705 for details.
2018-07-31 10:42:03 +02:00
Kamil Dudka
85286dc2b3 adapt test 323 for updated OpenSSL 2018-07-31 10:33:53 +02:00
Kamil Dudka
bcdea58703 temporarily disable test 582 on s390x (client times out) 2018-07-13 13:47:08 +02:00
Fedora Release Engineering
072eac2fb6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-07-12 22:28:24 +00:00
Kamil Dudka
a89a46eca8 new upstream release - 7.61.0
Resolves: CVE-2018-0500 - SMTP send heap buffer overflow
2018-07-11 14:19:28 +02:00
Kamil Dudka
d41d215108 disable test 1455, which occasionally fails in Koji
... with 'bind failed with errno 98: Address already in use'
2018-07-10 15:16:40 +02:00
Kamil Dudka
9f5f0d1189 enable support for brotli compression in libcurl-full 2018-07-10 13:51:08 +02:00
Kamil Dudka
befa5428f0 do not hard-wire path of the Python 3 interpreter 2018-07-04 15:20:51 +02:00
Kamil Dudka
4f55f71cfe Related: #1570246 - enable vlagrind again
This reverts commit e51a34d6cc.
2018-07-04 15:15:24 +02:00
Kamil Dudka
e51a34d6cc Related: #1570246 - temporarily disable valgrind completely
... and revert the previous workaround, which does not work on Koji
2018-05-16 15:58:58 +02:00
Kamil Dudka
09c874db53 require glibc-debuginfo for valgrind-enabled build
... as suggested by valgrind itself:

valgrind:  Fatal error at startup: a function redirection
valgrind:  which is mandatory for this platform-tool combination
valgrind:  cannot be set up.  Details of the redirection are:
valgrind:
valgrind:  A must-be-redirected function
valgrind:  whose name matches the pattern:      strlen
valgrind:  in an object with soname matching:   ld-linux-x86-64.so.2
valgrind:  was not found whilst processing
valgrind:  symbols from the object with soname: ld-linux-x86-64.so.2
valgrind:
valgrind:  Possible fixes: (1, short term): install glibc's debuginfo
valgrind:  package on this machine.  (2, longer term): ask the packagers
valgrind:  for your Linux distribution to please in future ship a non-
valgrind:  stripped ld.so (or whatever the dynamic linker .so is called)
valgrind:  that exports the above-named function using the standard
valgrind:  calling conventions for this platform.  The package you need
valgrind:  to install for fix (1) is called
valgrind:
valgrind:    On Debian, Ubuntu:                 libc6-dbg
valgrind:    On SuSE, openSuSE, Fedora, RHEL:   glibc-debuginfo
valgrind:
valgrind:  Note that if you are debugging a 32 bit process on a
valgrind:  64 bit system, you will need a corresponding 32 bit debuginfo
valgrind:  package (e.g. libc6-dbg:i386).
valgrind:
valgrind:  Cannot continue -- exiting now.  Sorry.
2018-05-16 15:23:55 +02:00
Kamil Dudka
5a0fa9250b new upstream release, which fixes the following vulnerabilities
Resolves: CVE-2018-1000300 - FTP shutdown response buffer overflow
Resolves: CVE-2018-1000301 - RTSP bad headers buffer over-read
2018-05-16 15:02:28 +02:00
Kamil Dudka
a1b38730ce make the test-suite use Python 3
Unfortunately, smbserver.py does not work with Python 3 because
there is no 'impacket' module available for Python 3:

https://github.com/CoreSecurity/impacket/issues/61
2018-03-15 15:43:07 +01:00
Kamil Dudka
6402b496fc ftp: fix typo in recursive callback detection for seeking 2018-03-14 14:43:54 +01:00
Kamil Dudka
bdef0a1bf6 new upstream release - 7.59.0
Resolves: CVE-2018-1000120 - FTP path trickery leads to NIL byte out of bounds write
Resolves: CVE-2018-1000121 - LDAP NULL pointer dereference
Resolves: CVE-2018-1000122 - RTSP RTP buffer over-read
2018-03-14 10:28:05 +01:00
Kamil Dudka
43b81665b0 http2: mark the connection for close on GOAWAY 2018-03-12 10:28:21 +01:00
Paul Howarth
bdc6ab544b Robustness improvements to spec file
- Add explicity-used build requirements
- Fix libcurl soname version number in %files list to avoid accidental soname
  bumps
2018-02-19 10:10:12 +00:00
Paul Howarth
a16f4de7a2 Update scriptlets, enforce versioned libssh dependency
- switch to %ldconfig_scriptlets
- drop legacy BuildRoot: and Group: tags
- enforce versioned libssh dependency for libcurl
2018-02-15 09:57:54 +00:00
Igor Gnatenko
5012445aca Remove BuildRoot definition
None of currently supported distributions need that.
It was needed last for EL5 which is EOL now

Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2018-02-13 23:11:49 +01:00
Kamil Dudka
960515d8a1 Related: #1540549 - drop temporary workaround for the GCC bug 2018-02-13 10:33:16 +01:00
Fedora Release Engineering
1bbb30f4f6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-02-07 06:08:47 +00:00
Kamil Dudka
b76e2f2c65 Related: #1540549 - use the workaround for f28 only
... so that it does not break the build with old versions of GCC
2018-02-01 14:05:00 +01:00
Kamil Dudka
bf966a954e Related: #1540549 - temporarily work around internal compiler error on x86_64 2018-02-01 12:55:07 +01:00
Kamil Dudka
3ad2894efb disable brp-ldconfig to make RemovePathPostfixes work
... with shared libraries again

Suggested at:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/54Y4DZXHYSDXJDHJTBTBYLXC7OJ73JDU/
2018-01-31 14:44:06 +01:00
Andreas Schneider
cbbefe6fb9 Resolves: #1531483 - use libssh (instead of libssh2)
... to implement SCP/SFTP in libcurl
2018-01-24 18:06:50 +01:00
Kamil Dudka
93c55561d3 new upstream release - 7.58.0
Resolves: CVE-2018-1000005 - curl: HTTP/2 trailer out-of-bounds read
Resolves: CVE-2018-1000007 - curl: HTTP authentication leak in redirects
2018-01-24 11:55:14 +01:00
Kamil Dudka
ed352e927e new upstream release - 7.57.0
Resolves: CVE-2017-8816 - curl: NTLM buffer overflow via integer overflow
Resolves: CVE-2017-8817 - curl: FTP wildcard out of bounds read
Resolves: CVE-2017-8818 - curl: SSL out of buffer access
2017-11-29 14:03:21 +01:00
Kamil Dudka
5d4a9257c3 new upstream release - 7.56.1 (fixes CVE-2017-1000257) 2017-10-23 10:13:16 +02:00
Kamil Dudka
c4a2596b22 re-enable temporarily disabled IDN2 test-cases
test2033 is now marked flaky by upstream, so it does not need
to explicitly disabled any more
2017-10-04 10:00:50 +02:00
Kamil Dudka
46c8abb050 new upstream release - 7.56.0 (fixes CVE-2017-1000254) 2017-10-04 09:36:05 +02:00
Kamil Dudka
b2dab7f315 Resolves: #1485702 - apply the patch for the previous commit and fix its name 2017-08-28 13:40:42 +02:00
Bastien Nocera
57a73689a9 + curl-7.55.1-4
Fix NetworkManager connectivity check not working (#1485702)
2017-08-28 13:26:23 +02:00
Kamil Dudka
0480ac07c5 Resolves: #1483972 - utilize system wide crypto policies for TLS 2017-08-22 17:39:58 +02:00