Commit Graph

564 Commits

Author SHA1 Message Date
Kamil Dudka
c2f61abc1c curl.spec: align the lists of configure options
... to make it easier to extend the lists
2021-10-04 09:54:25 +02:00
Kamil Dudka
407e3960e4 new upstream release - 7.79.1 2021-09-22 09:16:36 +02:00
Kamil Dudka
e2155b2695 fix regression in http2 implementation
... introduced in the last release
2021-09-16 12:26:16 +02:00
Sahana Prasad
f97c73e9d7 Rebuilt with OpenSSL 3.0.0 2021-09-16 12:23:37 +02:00
Kamil Dudka
31329d9443 forgot to bump release in the previous commit 2021-09-16 08:51:26 +02:00
Kamil Dudka
25f443ae12 make SCP/SFTP tests work with openssh-8.7p1 2021-09-16 08:45:33 +02:00
Kamil Dudka
287da1ceec temporarily disable test 1184
... which occasionally fails on aarch64/armv7hl Koji builders
for no apparent reason
2021-09-15 10:55:21 +02:00
Kamil Dudka
d02617d325 new upstream release - 7.79.0
Resolves: CVE-2021-22947 - STARTTLS protocol injection via MITM
Resolves: CVE-2021-22946 - protocol downgrade required TLS bypassed
Resolves: CVE-2021-22945 - use-after-free and double-free in MQTT sending
2021-09-15 09:09:11 +02:00
Sahana Prasad
62e2b8d564 Rebuilt with OpenSSL 3.0.0 2021-09-14 19:00:02 +02:00
Kamil Dudka
f964aefff3 make explicit dependency on openssl work with alpha/beta builds of openssl
Reported-by: Daniel Rusek
2021-07-23 17:15:57 +02:00
Fedora Release Engineering
adeb2cb476 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-07-21 20:15:37 +00:00
Kamil Dudka
85619bdba3 disable tests 320..322 on ppc64le where it started to hang/fail
... in Koji environment only.  I was not able to reproduce the issues
with the fedora-rawhide-ppc64le buildroot in mock on a ppc64le machine.
2021-07-21 15:53:36 +02:00
Kamil Dudka
0ac0b6fbd1 prevent valgrind from being extremely slow 2021-07-21 12:39:45 +02:00
Kamil Dudka
c921b2c69d remove a valgrind-related patch no longer needed 2021-07-21 12:38:15 +02:00
Kamil Dudka
ef5a5be78e temporarily disable test 1452 on s390x
... where the client times out
2021-07-21 12:06:57 +02:00
Kamil Dudka
64bcb4bcc1 new upstream release - 7.78.0
Resolves: CVE-2021-22925 - TELNET stack contents disclosure again
Resolves: CVE-2021-22924 - bad connection reuse due to flawed path name checks
Resolves: CVE-2021-22923 - metalink download sends credentials
Resolves: CVE-2021-22922 - wrong content via metalink not discarded
2021-07-21 10:22:33 +02:00
Stewart Smith
ece67bdd2f gpgverify source tarball
Signed-off-by: Stewart Smith <trawets@amazon.com>
2021-07-09 18:42:11 +00:00
Kamil Dudka
ddaf41062c Resolves: #1967213 - build the curl tool without metalink support
Today curl upstream announced that they are going to completely remove
support for metalink from curl already in the next release of curl due
to a number of difficult to fix security issues:

    https://curl.se/mail/archive-2021-06/0006.html
    https://github.com/curl/curl/pull/7176
2021-06-02 19:55:01 +02:00
Kamil Dudka
4c89d92ee7 new upstream release - 7.77.0
Resolves: CVE-2021-22901 - TLS session caching disaster
Resolves: CVE-2021-22898 - TELNET stack contents disclosure
2021-05-26 09:20:35 +02:00
Kamil Dudka
4b7b124d75 Resolves: #1938699 - http2: fix resource leaks detected by Coverity 2021-05-03 17:54:40 +02:00
Kamil Dudka
bf8bb4b5b4 new upstream release - 7.76.1 2021-04-14 09:54:33 +02:00
Kamil Dudka
a0d250c162 new upstream release - 7.76.0
Resolves: CVE-2021-22890 - TLS 1.3 session ticket proxy host mixup
Resolves: CVE-2021-22876 - Automatic referer leaks credentials
2021-03-31 10:47:25 +02:00
Kamil Dudka
25676e54ef replace 0104-curl-7.73.0-localhost6.patch by sed invocation
... to avoid conflict resolution on new upstream releases
2021-03-31 10:47:24 +02:00
Kamil Dudka
b57f5589af fix misplaced comment in %prep from the previous commit 2021-03-24 11:17:40 +01:00
Kamil Dudka
742526c048 Resolves: #1941925 - fix SIGSEGV upon disconnect of a ldaps:// transfer 2021-03-24 11:04:10 +01:00
Kamil Dudka
bd924f90f2 build-require python3-impacket only on Fedora
It might not be available in RHEL or CentOS Stream build repos.
2021-02-23 22:03:03 +01:00
Kamil Dudka
d781733304 %check: use unstripped library from the build dir
It results in more detailed backtraces in valgrind's output.
2021-02-11 11:51:32 +01:00
Kamil Dudka
7dada590f2 new upstream release - 7.75.0 2021-02-03 09:07:33 +01:00
Kamil Dudka
1cfc0aeb3b do not use stunnel for tests on s390x builds
... to avoid spurious failures
2021-01-26 15:13:50 +01:00
Fedora Release Engineering
3613691251 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-01-26 02:51:37 +00:00
Kamil Dudka
182c2a8bbb do not rewrite shebangs in test-suite to use python3 explicitly 2020-12-09 18:51:40 +01:00
Kamil Dudka
c829072f9f new upstream release - 7.74.0
Resolves: CVE-2020-8286 - curl: Inferior OCSP verification
Resolves: CVE-2020-8285 - libcurl: FTP wildcard stack overflow
Resolves: CVE-2020-8284 - curl: trusting FTP PASV responses
2020-12-09 11:13:15 +01:00
Paul Howarth
9ef73a22d0 Upstream moved from curl.haxx.se to curl.se 2020-11-09 12:31:52 +00:00
Kamil Dudka
3c950d5541 prevent upstream test 1451 from being skipped 2020-10-14 11:54:54 +02:00
Kamil Dudka
a15dd89aaa new upstream release - 7.73.0 2020-10-14 10:31:57 +02:00
Paul Howarth
89714e3b24 Fix bug reference in changelog 2020-09-20 11:49:49 +01:00
Jinoh Kang
4226c316c7 Resolves: #1877671O - fix multiarch conflicts in libcurl-minimal 2020-09-10 09:45:17 +02:00
Kamil Dudka
e7a12a6b7b new upstream release - 7.72.0
Resolves: CVE-2020-8231 - libcurl: wrong connect-only connection
2020-08-19 12:29:51 +02:00
Kamil Dudka
b740a1ecc6 setopt: unset NOBODY switches to GET if still HEAD
Reported-by: Vít Ondruch
2020-08-06 11:04:30 +02:00
Fedora Release Engineering
407d32e00a - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-07-27 14:52:54 +00:00
Tom Stellard
df63713984 Use make macros
https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
2020-07-13 19:00:01 +00:00
Kamil Dudka
87d774717a Resolves: #1833193 - curl: make the --krb option work again 2020-07-03 12:47:48 +02:00
Kamil Dudka
6071e0dd16 new upstream release - 7.71.1 2020-07-01 09:26:44 +02:00
Kamil Dudka
8c661bb9d7 new upstream release - 7.71.0
Resolves: CVE-2020-8169 - curl: Partial password leak over DNS on HTTP redirect
Resolves: CVE-2020-8177 - curl: overwrite local file with -J
2020-06-24 10:03:56 +02:00
Kamil Dudka
c74a58b095 Related: #1829180 - add BuildRequires for hostname
It is used by the test-suite but it is missing in armv7hl buildroot.
2020-05-02 10:08:32 +02:00
Kamil Dudka
ce4949188b Related: #1829180 - temporarily disable tests 702 703 716 on armv7hl 2020-05-02 09:52:39 +02:00
Kamil Dudka
c88a6aff30 new upstream release - 7.70.0 2020-04-29 14:59:25 +02:00
Kamil Dudka
6a752013d0 Resolves: #1824926 - SSH: use new ECDSA key types to check known hosts 2020-04-20 11:34:56 +02:00
Tom Stellard
53c8c93125 Prevent discarding of -g when compiling with clang 2020-04-17 16:06:52 +00:00
Kamil Dudka
ac5c236f18 new upstream release - 7.69.1 2020-03-11 10:23:53 +01:00
Kamil Dudka
fbcad9a3a0 Resolves: #1810989 - make Flatpak work again 2020-03-09 09:54:27 +01:00
Kamil Dudka
249d0aea51 new upstream release - 7.69.0 2020-03-04 11:41:43 +01:00
Fedora Release Engineering
83181bd6d3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-01-28 15:11:40 +00:00
Kamil Dudka
dfb411a0a2 new upstream release - 7.68.0 2020-01-08 09:52:29 +01:00
Kamil Dudka
13f70ceee2 fix upstream release number in last two change log items 2020-01-08 09:47:26 +01:00
Kamil Dudka
d1233ad4cd do not run test-suite through valgrind on i686 brew builds
The architecture is being decommissioned in Fedora, which makes it
difficult to debug valgrind failures (usually not related to curl
anyway).
2019-11-15 10:37:39 +01:00
Kamil Dudka
eeb37e29bd Related: #1771025 - fix date in the last change log entry 2019-11-14 16:25:25 +01:00
Kamil Dudka
2298078d54 Resolves: #1771025 - fix infinite loop on upload using a glob 2019-11-14 13:57:39 +01:00
Kamil Dudka
c667b141d6 new upstream release - 7.67.0 2019-11-06 09:26:57 +01:00
Kamil Dudka
e0bf66ef6c fix memory leaked by parse_metalink() 2019-09-13 10:18:24 +02:00
Kamil Dudka
da9af16256 new upstream release - 7.66.0
Resolves: CVE-2019-5481 - double free due to subsequent call of realloc()
Resolves: CVE-2019-5482 - heap buffer overflow in function tftp_receive_packet()
2019-09-12 15:20:21 +02:00
Kamil Dudka
91c50ee6d4 Resolves: #1690971 - avoid reporting spurious error in the HTTP2 framing layer 2019-08-27 18:11:29 +02:00
Kamil Dudka
8559ecc1d9 changelog: fix copy/paste error in the last entry 2019-08-01 16:41:42 +02:00
Kamil Dudka
863394fd95 improve handling of gss_init_sec_context() failures 2019-08-01 16:37:57 +02:00
Fedora Release Engineering
22186831fb - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-07-24 21:21:56 +00:00
Paul Howarth
a5c984a590 new upstream release - 7.65.3 2019-07-20 12:02:57 +01:00
Kamil Dudka
6e794d5beb new upstream release - 7.65.2 2019-07-17 10:34:24 +02:00
Kamil Dudka
901da63160 new upstream release - 7.65.1 2019-06-05 09:33:30 +02:00
Kamil Dudka
b6ccff47ac Resolves: #1714893 - fix spurious timeout events with speed-limit 2019-05-30 15:27:58 +02:00
Kamil Dudka
3c7950da77 new upstream release - 7.65.0
Resolves: CVE-2019-5436 - TFTP receive buffer overflow
Resolves: CVE-2019-5435 - integer overflows in curl_url_set()
2019-05-22 10:42:26 +02:00
Kamil Dudka
9dd5d73f3b do not treat failure of gss_init_sec_context() with --negotiate as fatal
This commit fixes a major incompatibility introduced in curl-7.64.1.

Bug: https://github.com/curl/curl/issues/3726
2019-05-09 10:08:03 +02:00
Paul Howarth
8fd906c559 generation of shell completions now needs more perl stuff 2019-04-05 13:38:27 +01:00
Kamil Dudka
bbad3e0a62 new upstream release - 7.64.1 2019-03-27 12:45:46 +01:00
Kamil Dudka
0ed971f14f fix last but one change log entry 2019-03-25 12:39:00 +01:00
Kamil Dudka
7594f15bce Related: #1690971 - remove verbose "Expire in" ... messages 2019-03-25 12:35:52 +01:00
Kamil Dudka
902ddefeb5 avoid spurious "Could not resolve host: [host name]" error messages 2019-03-21 09:39:30 +01:00
Kamil Dudka
95008127cf Resolves: #1683676 - fix NULL dereference if flushing cookies with no CookieInfo set 2019-02-27 18:02:05 +01:00
Kamil Dudka
e97fdf9b7f Resolves: #1680198 - prevent NetworkManager from leaking file descriptors 2019-02-25 14:24:32 +01:00
Kamil Dudka
9ace613273 make zsh completion work again 2019-02-11 13:22:07 +01:00
Kamil Dudka
2bdb624139 new upstream release - 7.64.0
Resolves: CVE-2019-3823 - SMTP end-of-response out-of-bounds read
Resolves: CVE-2019-3822 - NTLMv2 type-3 header stack buffer overflow
Resolves: CVE-2018-16890 - NTLM type-2 out-of-bounds buffer read
2019-02-06 09:56:05 +01:00
Kamil Dudka
3c5dec6602 prevent valgrind from reporting false positives on x86_64 2019-02-04 17:45:12 +01:00
Fedora Release Engineering
9221f774a1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-01-31 16:37:02 +00:00
Kamil Dudka
1a6a3b20a6 Resolves: CVE-2018-20483 - xattr: strip credentials from any URL that is stored 2019-01-21 10:13:55 +01:00
Kamil Dudka
da8449decd replace 0001-curl-7.62.0-http-post-negotiate.patch by upstream patch 2019-01-07 12:42:06 +01:00
Kamil Dudka
32b0144f20 replace 0105-curl-7.63.0-libstubgss-ldadd.patch by upstream patch 2019-01-04 14:18:53 +01:00
Kamil Dudka
49f5a42f96 Resolves: #1658574 - curl -J: do not append to the destination file 2018-12-19 13:43:28 +01:00
Kamil Dudka
c30a9c7fdb Resolves: #1659329 - revert an upstream commit that broke fedpkg new-sources 2018-12-14 11:21:54 +01:00
Kamil Dudka
c91c27bce9 libtest: avoid symbol lookup error in libstubgss.so 2018-12-12 14:39:00 +01:00
Kamil Dudka
a94ce82de0 new upstream release - 7.63.0 2018-12-12 09:51:10 +01:00
Kamil Dudka
34a4d8f848 new upstream release - 7.62.0
Resolves: CVE-2018-16839 - SASL password overflow via integer overflow
Resolves: CVE-2018-16840 - use-after-free in handle close
Resolves: CVE-2018-16842 - warning message out-of-buffer read
2018-10-31 12:47:56 +01:00
Kamil Dudka
9be316eea1 enable TLS 1.3 post-handshake auth in OpenSSL
Bug: https://github.com/curl/curl/pull/3027
2018-10-11 16:16:32 +02:00
Kamil Dudka
2346b66a23 update the documentation of --tlsv1.0 in curl(1) man page 2018-10-11 16:16:18 +02:00
Kamil Dudka
800bb58ef3 Resolves: #1631804 - enforce versioned libpsl dependency for libcurl 2018-10-05 13:59:35 +02:00
Kamil Dudka
84125cbefe test320: update expected output for gnutls-3.6.4 2018-10-05 13:41:48 +02:00
Kamil Dudka
ece57c4aa4 Related: #1622594 - drop 0105-curl-7.61.0-tests-ssh-keygen.patch no longer needed 2018-10-04 15:37:53 +02:00
Kamil Dudka
20b63790e4 new upstream release - 7.61.1
Resolves: CVE-2018-14618 - NTLM password overflow via integer overflow
2018-09-05 10:03:29 +02:00
Kamil Dudka
e7b6b91818 make the --tls13-ciphers option work 2018-09-04 15:48:11 +02:00
Kamil Dudka
8bff7e0d6b Related: #1622594 - tests: make ssh-keygen always produce PEM format
The default format produced by openssh-7.8p1 cannot be consumed
by currently available versions of libssh and libssh2.
2018-08-27 16:55:32 +02:00
Kamil Dudka
023b327acc Resolves: #1595135 - scp/sftp: fix infinite connect loop on invalid private key 2018-08-15 13:57:06 +02:00
Kamil Dudka
178b0fc823 Resolves: #1219544 - ssl: set engine implicitly when a PKCS#11 URI is provided 2018-08-09 15:35:59 +02:00