Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libcurl4-7.37.0-51.1 RPM for ppc64le

From OpenSuSE Ports Leap 42.3 updates for ppc64le

Name: libcurl4 Distribution: openSUSE Leap 42.3
Version: 7.37.0 Vendor: openSUSE
Release: 51.1 Build date: Tue May 28 12:10:54 2019
Group: Productivity/Networking/Web/Utilities Build host: obs-power8-04
Size: 595152 Source RPM: curl-7.37.0-51.1.src.rpm
Packager: http://bugs.opensuse.org
Url: http://curl.haxx.se/
Summary: Version 4 of cURL shared library
The cURL shared library version 4 for accessing data using different
network protocols.

Provides

Requires

License

BSD-3-Clause AND MIT

Changelog

* Thu May 16 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Security fix [bsc#1135170, CVE-2019-5436]
    * A heap buffer overflow exists in tftp_receive_packet that
      receives data from a TFTP server
    * Added curl-CVE-2019-5436.patch
* Tue Apr 09 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Security fix [bsc#1112758, bsc#1131886, CVE-2018-16839]
    * SASL password overflow via integer overflow
    * Added patch curl-CVE-2018-16839.patch
* Tue Jan 29 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Security fix [bsc#1123378, CVE-2019-3823]
    * SMTP end-of-response out-of-bounds read
    * Added patch curl-CVE-2019-3823.patch
* Tue Jan 29 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Security fix [bsc#1123377, CVE-2019-3822]
    * NTLMv2 type-3 header stack buffer overflow
    * Added patch curl-CVE-2019-3822.patch
* Mon Jan 28 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Security fix [bsc#1123371, CVE-2018-16890]
    * NTLM type-2 out-of-bounds buffer read
    * Added patch curl-CVE-2018-16890.patch
* Mon Oct 29 2018 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Security fix [bsc#1113660, CVE-2018-16842]
    * Fixed Out-of-bounds Read in tool_msgs.c
    * Added curl-7.37.0-CVE-2018-16842.patch
* Wed Oct 24 2018 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Security fix [bsc#1112758, CVE-2018-16840]
    * use-after-free in handle close
    * Added curl-CVE-2018-16840.patch
* Mon Sep 03 2018 pmonrealgonzalez@suse.com
  - Security Fix [bsc#1106019, CVE-2018-14618]
    * NTLM password overflow via integer overflow
    * Added curl-7.37.0-CVE-2018-14618.patch
* Mon Sep 03 2018 pmonrealgonzalez@suse.com
  - Fixed erroneous debug message when paired with OpenSSL
    * Added curl-openssl-skip-trace-outputs.patch [bsc#1089533]
* Mon May 07 2018 pmonrealgonzalez@suse.com
  - Security Fix [bsc#1092098, CVE-2018-1000301]
    * RTSP bad headers buffer over-read
    * Added curl-CVE-2018-1000301.patch
* Tue Mar 27 2018 pmonrealgonzalez@suse.com
  - If the DEFAULT_SUSE cipher list is not available use HIGH.
    * Added curl-HIGH-cipher-fallback.patch [bsc#1086825]
* Fri Mar 09 2018 pmonrealgonzalez@suse.com
  - Security Fix [bsc#1084532, CVE-2018-1000122]
    * readwrite: RTSP RTP buffer over-read
    * Added curl-7.37.0-CVE-2018-1000122.patch
    * Modified curl-disable_failing_tests.patch
* Fri Mar 09 2018 pmonrealgonzalez@suse.com
  - Security Fix [bsc#1084524, CVE-2018-1000121]
    * openldap: check ldap_get_attribute_ber() results for NULL
    * LDAP NULL pointer dereference
    * Added curl-7.37.0-CVE-2018-1000121.patch
* Fri Mar 09 2018 pmonrealgonzalez@suse.com
  - Security Fix [bsc#1084521, CVE-2018-1000120]
    * FTP: reject path components with control codes
    * FTP path trickery leads to NIL byte out of bounds write
    * Added curl-7.37.0-CVE-2018-1000120.patch
* Mon Jan 22 2018 pmonrealgonzalez@suse.com
  - Security fix [bsc#1077001, CVE-2018-1000007]
    * HTTP authentication leak in redirects
    * Added patch curl-7.37.0-CVE-2018-1000007.patch
* Thu Nov 23 2017 pmonrealgonzalez@suse.com
  - Security fix [bsc#1069222, CVE-2017-8817]
    * Read out of bounds flaw in the FTP wildcard function.
    * Added patch curl-7.37.0-CVE-2017-8817.patch
* Thu Nov 23 2017 pmonrealgonzalez@suse.com
  - Security fix [bsc#1069226, CVE-2017-8816]
    * Buffer overrun flaw in the NTLM authentication code.
    * Added patch curl-7.37.0-CVE-2017-8816.patch
* Tue Oct 17 2017 pmonrealgonzalez@suse.com
  - Security fix [bsc#1063824, CVE-2017-1000257]
    * IMAP FETCH response out of bounds read
    * Added patch curl-CVE-2017-1000257.patch
* Tue Oct 17 2017 pmonrealgonzalez@suse.com
  - Disabled test1086 that fails on ppc64le
    * Refreshed patch curl-disable_failing_tests.patch
* Fri Oct 13 2017 pmonrealgonzalez@suse.com
  - Fixed error "error:1408F10B:SSL routines" when connecting to ftps
    via proxy [bsc#1060653]
    * Added patch curl-7.37.0-connect-ftps-via-proxy.patch
* Mon Oct 09 2017 pmonrealgonzalez@suse.com
  - Security fix [bsc#1061876, CVE-2017-1000254]
    * FTP PWD response parser out of bounds read
    * Added patch curl-7.37-CVE-2017-1000254.patch
* Tue Aug 01 2017 pmonrealgonzalez@suse.com
  - Project curl Security Advisory, August 9th 2017
    https://curl.haxx.se/docs/adv_20170809B.html
  - Security fix [bsc#1051644, CVE-2017-1000100]
    * TFTP sends more than buffer size
    * Added patch curl-7.37.0-CVE-2017-1000100.patch
  - Security fix [bsc#1051643, CVE-2017-1000101]
    * URL globbing out of bounds read
    * Added patch curl-CVE-2017-1000101.patch
* Wed Apr 05 2017 pmonrealgonzalez@suse.com
  - Project curl Security Advisory, April 3, 2017
    https://curl.haxx.se/docs/adv_20170403.html
    * CVE-2017-7407: --write-out out of buffer read (bsc#1032309)
  - Bug bsc#1027712 switch to new client side cipher suite default
    * Updated default cipher suite from "DEFAULT" to "SUSE_DEFAULT"
    * Updates previous patch curl-DEFAULT_CIPHER_SELECTION.patch
  - Added patches:
    * curl-7.37-CVE-2017-7407.patch
    * curl-DEFAULT_SUSE_SELECTION.patch
* Mon Mar 20 2017 pmonrealgonzalez@suse.com
  - Project curl Security Advisory, December 21, 2016
    https://curl.haxx.se/docs/adv_20161221A.html
    * CVE-2016-9586: curl: libcurl printf floating point buffer
      overflow (bsc#1015332)
    * Added patch curl-7.37-CVE-2016-9586.patch
* Tue Oct 25 2016 vcizek@suse.com
  - Project cURL Security Advisory, November 2, 2016
    https://curl.haxx.se/docs/adv_20161102K.html
    * CVE-2016-8624: invalid URL parsing with '#' (bsc#1005646)
    * CVE-2016-8623: Use-after-free via shared cookies (bsc#1005645)
    * CVE-2016-8622: URL unescape heap overflow via integer truncation (bsc#1005643)
    * CVE-2016-8621: curl_getdate read out of bounds (bsc#1005642)
    * CVE-2016-8620: glob parser write/read out of bounds (bsc#1005640)
    * CVE-2016-8619: double-free in krb5 code (bsc#1005638)
    * CVE-2016-8618: double-free in curl_maprintf (bsc#1005637)
    * CVE-2016-8617: OOB write via unchecked multiplication (bsc#1005635)
    * CVE-2016-8616: case insensitive password comparison (bsc#1005634)
    * CVE-2016-8615: cookie injection for other servers (bsc#1005633)
    * CVE-2016-7167: escape and unescape integer overflows (bsc#998760)
  - added patches:
    * curl-CVE-2016-7167.patch
    * curl-CVE-2016-8615.patch
    * curl-CVE-2016-8616.patch
    * curl-CVE-2016-8617.patch
    * curl-CVE-2016-8618.patch
    * curl-CVE-2016-8619.patch
    * curl-CVE-2016-8620.patch
    * curl-CVE-2016-8621.patch
    * curl-CVE-2016-8622.patch
    * curl-CVE-2016-8623.patch
    * curl-CVE-2016-8624.patch
* Wed Sep 07 2016 pjanouch@suse.de
  - Update curl-CVE-2016-5420.patch to fix incorrect reuse of client
    certificates with NSS (bsc#997420 CVE-2016-7141)
* Wed Aug 24 2016 pjanouch@suse.de
  - Add curl-bsc991746.patch (bsc#991746) fixing a performance
    regression with FTP
* Tue Aug 02 2016 pjanouch@suse.de
  - Add curl-CVE-2016-5419.patch (bsc#991389 CVE-2016-5419)
  - Add curl-CVE-2016-5420.patch (bsc#991390 CVE-2016-5420)
  - Add curl-CVE-2016-5421.patch (bsc#991391 CVE-2016-5421)
* Thu May 05 2016 alarrosa@suse.com
  - Add fix-return-status-in-Curl_is_connected.patch . Fixes some error
    handling in Curl_is_connected by backporting some code from upstream.
  - Add 0001-Fix-invalid-Network-is-unreachable-errors.patch.
    Fixes "Network is unreachable" errors in valid situations when ipv6
    is not available but ipv4 is working fine. This also fixes the same
    error from happening in applications using libcurl4 (like zypper).
    (bsc#915846)
* Thu Jan 21 2016 vcizek@suse.com
  - fix CVE-2016-0755 (bsc#962983)
    * libcurl NTLM credentials not-checked for proxy connection re-use
    * http://curl.haxx.se/docs/adv_20160127A.html
    * add curl-CVE-2016-0755.patch
* Thu Jan 21 2016 vcizek@suse.com
  - unexpire cookie in test 46 (bsc#962996)
    * add 0001-test46-update-cookie-expire-time.patch
  - fix a typo in curl-secure-getenv.patch (bsc#936676)
  - run the testsuite during build (bsc#934333)
    * add curl-disable_failing_tests.patch
* Mon Apr 20 2015 vcizek@suse.com
  - security update:
    * CVE-2015-3143 (bnc#927556)
    - Re-using authenticated connection when unauthenticated
    * CVE-2015-3144 (bnc#927608)
    - host name out of boundary memory access
    * CVE-2015-3145 (bnc#927607)
    - cookie parser out of boundary memory access
    * CVE-2015-3148 (bnc#927746)
    - Negotiate not treated as connection-oriented
    * CVE-2015-3153 (bnc#928533)
    - sensitive HTTP server headers also sent to proxies
    * added patches:
      + curl-CVE-2015-3143.patch
      + curl-CVE-2015-3144.patch
      + curl-CVE-2015-3145.patch
      + curl-CVE-2015-3148.patch
      + curl-CVE-2015-3153.patch
  - fix baselibs.conf
* Tue Feb 03 2015 vcizek@suse.com
  - allow md4 and md5 in fips mode (bnc#913209)
    * https://github.com/bagder/curl/pull/138
    * added curl-allow_md4_and_md5_in_fips_mode.patch
* Fri Jan 02 2015 vcizek@suse.com
  - fix for CVE-2014-8150 (bnc#911363)
    * request injection vulnerability
    * added curl-CVE-2014-8150.patch
  - fix for CVE-2014-3707 (bnc#901924)
    * duphandle read out of bounds
    * added curl-CVE-2014-3707.patch
* Wed Sep 10 2014 vcizek@suse.com
  - add fixes for two security vulnerabilities
    * CVE-2014-3613 (bnc#894575) and CVE-2014-3620 (bnc#895991)
    * cookie leaks for ip addresses as domains and TLDs
    * added patches:
      curl-CVE-2014-3613.patch
      curl-CVE-2014-3620.patch
* Thu Jun 12 2014 vcizek@suse.com
  - update to 7.37.0
    This release includes many bugfixes and the following changes:
    * URL parser: IPv6 zone identifiers are now supported
    * CURLOPT_PROXYHEADER: set headers for proxy-only
    * CURLOPT_HEADEROPT: added
    * curl: add --proxy-header
    * sasl: Added support for DIGEST-MD5 via Windows SSPI
    * sasl: Added DIGEST-MD5 qop-option validation in native challange handling
    * imap: Expanded mailbox SEARCH support to use URL query strings [7]
    * imap: Extended FETCH support to include PARTIAL URL specifier [7]
    * nss: implement non-blocking SSL handshake
    * build: Reworked Visual Studio project files
    * poll: enable poll on darwin13
    * mk-ca-bundle: added -p
    * libtests: add a wait_ms() function
    - dropped patches:
    * curl-mkhelp.patch (upstream)
    * curl-test815.patch (upstream)
* Fri Apr 25 2014 vcizek@suse.com
  - adjust default cipher list (bnc#874986)
    * curl-DEFAULT_CIPHER_SELECTION.patch
* Wed Apr 09 2014 vcizek@suse.com
  - update to 7.36
    * fixes CVE-2014-0138 (bnc#868627) and CVE-2014-0139 (bnc#868629)
    * NEW FEATURES:
      ntlm: Added support for NTLMv2
      tool: Added support for URL specific options
      openssl: add ALPN support
      gtls: add ALPN support
      nss: add ALPN and NPN support
      added CURLOPT_EXPECT_100_TIMEOUT_MS
      tool: add --no-alpn and --no-npn
      added CURLOPT_SSL_ENABLE_NPN and CURLOPT_SSL_ENABLE_ALPN
      http2: build with current nghttp2 version
      openssl: info message with SSL version used
    * dropped curl-test172_cookie_expiration.patch (upstream)
    * added patches to make it build:
    - curl-mkhelp.patch
    - curl-test815.patch
* Thu Mar 13 2014 kukuk@suse.de
  - Disable BuildRequires for openssh, only needed for test suite,
    but the test suite isn't able to start sshd anyways.
    Solves the problem that openssh checkins triggers a nearly full
    rebuild, too.
* Tue Feb 04 2014 vcizek@suse.com
  - update to 7.35.0
    * security fix:
      CVE-2014-0015: re-use of wrong HTTP NTLM connection (bnc#858673)
    * changes:
      imap/pop3/smtp: Added support for SASL authentication downgrades
      imap/pop3/smtp: Extended the login options to support multiple auth mechanisms
      TheArtOfHttpScripting: major update, converted layout and more
      mprintf: Added support for I, I32 and I64 size specifiers
      makefile: Added support for VC7, VC11 and VC12
      SSL: protocol version can be specified more precisely
      imap/pop3/smtp: Added graceful cancellation of SASL authentication
      Add "Happy Eyeballs" for IPv4/IPv6 dual connect attempts
      base64: Added validation of base64 input strings when decoding
      curl_easy_setopt: Added the ability to set the login options separately
      smtp: Added support for additional SMTP commands
      curl_easy_getinfo: Added CURLINFO_TLS_SESSION for accessing TLS internals
      nss: allow to use TLS > 1.0 if built against recent NSS
      SECURITY: added this document to describe our security processes
      parseconfig: warn if unquoted white spaces are detected
    * and many bugfixes
  - fix test failure because of an expired cookie (bnc#862144)
    * added curl-test172_cookie_expiration.patch
  - refresh libcurl-ocloexec.patch
* Fri Nov 29 2013 vcizek@suse.com
  - update to 7.33.0
    * fixes CVE-2013-4545 (bnc#849596)
      = curl: ssl cert checks unclear behaviour
    o test code for testing the event based API
    o CURLM_ADDED_ALREADY: new error code
    o test TFTP server: support "writedelay" within <servercmd>
    o krb4 support has been removed
    o imap/pop3/smtp: added basic SASL XOAUTH2 support
    o Pass password to OpenSSL engine by user interface
    o c-ares: Add support for various DNS binding options
    o cookies: add expiration
    o curl: added --oauth2-bearer option
* Mon Aug 12 2013 crrodriguez@opensuse.org
  - curl 7.32.0
    * curl: allow timeouts to accept decimal values
    * CURLOPT_XFERINFOFUNCTION: introducing a new progress callback
    * SIGPIPE: ignored while inside the library
    * OpenSSL: check for read errors
    * configure: automake 1.14 compatibility tweak
    * curl_multi_wait: set revents for extra fds
    * global dns cache: didn't work (regression)
    * mk-ca-bundle.1: don't install on make install
* Mon Jul 01 2013 coolo@suse.com
  - avoid cycle between curl and krb5 by using krb5-mini-devel
* Mon Jun 24 2013 vcizek@suse.com
  - update to 7.31.0
    * includes fix for CVE-2013-2174 (bnc#824517)
    * SECURITY VULNERABILITY: curl_easy_unescape() may parse data
      beyond the end of the input buffer [26]
    * Changes:
      darwinssl: add TLS session resumption
      darwinssl: add TLS crypto authentication
      imap/pop3/smtp: Added support for ;auth= in the URL
      imap/pop3/smtp: Added support for ;auth= to CURLOPT_USERPWD
      usercertinmem.c: add example showing user cert in memory
      url: Added smtp and pop3 hostnames to the protocol detection list
      imap/pop3/smtp: Added support for enabling the SASL initial response
      curl -E: allow to use ':' in certificate nicknames
* Fri Apr 12 2013 vcizek@suse.com
  - update to 7.30.0
    includes security fixes for CVE-2013-0249 and CVE-2013-1944
    (bugs bnc#814655 and bnc#802411 respectively)
    (dropped curl-CVE-2013-0249.patch)
  - Changes:
    imap: Changed response tag generation to be completely unique
    imap: Added support for SASL-IR extension
    imap: Added support for the list command
    imap: Added support for the append command
    imap: Added custom request parsing
    imap: Added support to the fetch command for UID and SECTION properties
    imap: Added parsing and verification of the UIDVALIDITY mailbox attribute
    imap/pop3/smtp: Added support for the STARTTLS capability
    checksrc: ban use of sprintf, vsprintf, strcat, strncat and gets
    curl_global_init() now accepts the CURL_GLOBAL_ACK_EINTR flag
    Added CURLMOPT_MAX_HOST_CONNECTIONS, CURLMOPT_MAX_TOTAL_CONNECTIONS
      for new multi interface connection handling
    Added CURLMOPT_MAX_PIPELINE_LENGTH, CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE,
      CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE, CURLMOPT_PIPELINING_SITE_BL
      and CURLMOPT_PIPELI NING_SERVER_BL for new pipelining control
    test: offer "automake" output and check for perl better
    always-multi: always use non-blocking internals
    imap: Added support for sasl digest-md5 authentication
    imap: Added support for sasl cram-md5 authentication
    imap: Added support for sasl ntlm authentication
    imap: Added support for sasl login authentication
    imap: Added support for sasl plain text authentication
    imap: Added support for login disabled server capability
    mk-ca-bundle: add -f, support passing to stdout and more
    writeout: -w now supports remote_ip/port and local_ip/port
  - refreshed patches
* Sun Feb 17 2013 crrodriguez@opensuse.org
  - Add curl-secure-getenv.patch: Use secure_getenv if available.
    libcurl might be linked to a program where "secure execution" is
    required.
* Thu Feb 07 2013 vcizek@suse.com
  - fixed CVE-2013-0249 (bnc#802411)
  - refreshed patches
* Fri Jan 11 2013 sbrabec@suse.cz
  - Break build loop and make GPG signature verification optional.
* Tue Nov 27 2012 sbrabec@suse.cz
  - Verify GPG signature.
* Tue Nov 20 2012 crrodriguez@opensuse.org
  - Curl 7.28.1
    * FTP: prevent the multi interface from blocking Obsoletes
    curl-ftp-prevent-the-multi-interface-from-blocking.patch
    * don't send '#' fragments when using proxy
    * OpenSSL: Disable SSL/TLS compression - avoid the "CRIME" attack
    * TFTP: handle resend
    * memory leak: CURLOPT_RESOLVE with multi interface
    * SSL: Several SSL-backend related fixes
* Sun Nov 04 2012 gber@opensuse.org
  - added curl-ftp-prevent-the-multi-interface-from-blocking.patch in
    order to prevent the multi interface from blocking when using ftp
    and the remote end responds very slowly (sf#3579064)
* Sun Jul 29 2012 crrodriguez@opensuse.org
  - Curl 7.27.0
    * support metalinks
    * Add sasl authentication support
    * various bugfixes
  - Fix previous change, _GNU_SOURCE --> AC_USE_SYSTEM_EXTENSIONS
* Mon Jul 09 2012 dnh@opensuse.org
  - define _GNU_SOURCE for oS/SLES <= 11.4, as O_CLOEXEC is
    defined inside a ifdef __USE_GNU
* Sat May 12 2012 jengelh@inai.de
  - Update to new upstream release 7.25.0
    * Added CURLOPT_TCP_KEEPALIVE, CURLOPT_TCP_KEEPIDLE,
    CURLOPT_TCP_KEEPINTVL
    * use new library-side TCP_KEEPALIVE options
    * Added a new CURLOPT_MAIL_AUTH option
    * Added support for --mail-auth
    * (for more see the shipped CHANGES file)
* Wed Feb 08 2012 crrodriguez@opensuse.org
  - Problem with the c-ares backend, workaround for [bnc#745534]
* Thu Feb 02 2012 crrodriguez@opensuse.org
  - Update to version curl 7.24.0
  - refresh patches to fix broken build
* Wed Jan 18 2012 dmueller@suse.de
  - use the rpmoptflags unconditionally, don't do own compiler flag
    magic. Fixes debuginfo package built
* Wed Dec 28 2011 mmarek@suse.cz
  - Package /usr/share/aclocal to avoid build dependency on automake.
* Wed Nov 30 2011 crrodriguez@opensuse.org
  - Use O_CLOEXEC in library code.
* Tue Nov 29 2011 jengelh@medozas.de
  - Remove redundant/unwanted tags/section (cf. specfile guidelines)
* Tue Nov 29 2011 idoenmez@suse.de
  - Use original source tarball
* Mon Nov 28 2011 opensuse@dstoecker.de
  - Update to version 7.23.1:
    + Empty headers can be sent in HTTP requests by terminating with a semicolon
    + SSL session sharing support added to curl_share_setopt()
    + Added support to MAIL FROM for the optional SIZE parameter
    + smtp: Added support for NTLM authentication
    + curl tool: code split into tool_*.[ch] files
    + lots of bugfixes
* Mon Oct 03 2011 dimstar@opensuse.org
  - Update to version 7.22.0:
    + Added CURLOPT_GSSAPI_DELEGATION
    + Added support for NTLM delegation to Samba's winbind daemon
      helper ntlm_auth
    + Display notes from setup file in testcurl.pl
    + BSD-style lwIP TCP/IP stack experimental support on Windows
    + OpenSSL: Use SSL_MODE_RELEASE_BUFFERS if available
    + --delegation was added to set CURLOPT_GSSAPI_DELEGATION
    + nss: start with no database if the selected database is broken
    + telnet: allow programatic use on Windows
    + for a list of bugfixes, see
      http://curl.haxx.se/changes.html#7_22_0
  - Drop curl-openssl-release-buffers.patch: fixed upstream.
  - Add curl-fix-m4.patch: Use 'x' in configure scripts. Fixes issues
    when configure is run with -Werror -Wall.
* Sun Sep 18 2011 jengelh@medozas.de
  - Remove redundant tags/sections from specfile
  - Use %_smp_mflags for parallel build
* Fri Sep 16 2011 jengelh@medozas.de
  - Add curl-devel to baselibs
* Mon Aug 15 2011 crrodriguez@opensuse.org
  - Use SSL_MODE_RELEASE_BUFFERS if available, accepted
    in upstream as commit 3d919440c80333c496fb
* Tue Jul 12 2011 coolo@novell.com
  - remove support for old suse_versions
* Mon Jul 11 2011 pth@suse.de
  - Update to 7.21.7:
    - Fix libcurl inappropriate GSSAPI delegation. Full details at
      http://curl.haxx.se/docs/adv_20110623.html
    - Some other minor fixes.
  - Use the lzma compressed tarball provided upstreams.
* Fri May 20 2011 crrodriguez@opensuse.org
  - remove unintented LDFLAGS from the spec file
* Fri May 20 2011 crrodriguez@opensuse.org
  - Update to 7.21.6
    * curl-config: fix --version
    * use HTTPS properly after CONNECT
    * SFTP: close file before post quote operations
* Thu Apr 14 2011 crrodriguez@opensuse.org
  - bnc#598574 has been fixed in upstream commit  8ab137b2bc9630ce20f4
    already, so enable c-ares support again.
* Sat Apr 09 2011 crrodriguez@opensuse.org
  - Support openSSL compiled without SSLv2 support
  - Update to version 7.21.4
    * SMTP: add brackets for MAIL FROM
    * multi: connect fail => use next IP address
    * pubkey_show: allocate buffer to fit any-size result
    * Curl_do: avoid using stale conn pointer
    * tftpd test server: avoid buffer overflow report from glibc
    * OpenSSL get_cert_chain: support larger data sets
    * SCP/SFTP transfers: acknowledge speedcheck
    * connect problem: use UDP correctly
    * OpenSSL: improved error message on SSL_CTX_new failures
    * HTTP: memory leak on multiple Location:
    * curl.1: typo in -v description
    * CURLOPT_SOCKOPTFUNCTION: return proper error code --keepalive-time
    * file: add support for CURLOPT_TIMECONDITION
    * multi: fix CURLM_STATE_TOOFAST for multi_socket
* Fri Oct 22 2010 cristian.rodriguez@opensuse.org
  - Update to version  7.21.2
    * curl -T: ignore file size of special files
    * Added GOPHER protocol support
    * Added mk-ca-bundle.vbs script
    * c-ares build now requires c-ares >= 1.6.0
    * --remote-header-name security vulnerability fixed
    * multi: support the timeouts correctly, fixes known bug #62
    * multi: use timeouts properly for MAX_RECV/SEND_SPEED
    * negotiation: Wrong proxy authorization
    * multi: avoid sending multiple complete messages
    * cmdline: make -F type= accept ;charset=
    * RESUME_FROM: clarify what ftp uploads do
    * http: handle trailer headers in all chunked responses
    * Curl_is_connected: use correct errno
    * progress: callback for POSTs less than MAX_INITIAL_POST_SIZE
    * Link curl and the test apps with -lrt explicitly when necessary
    * chunky parser: only rewind stream internally if needed
    * remote-header-name: don't output filename when NULL
    * Curl_timeleft: avoid returning "no timeout" by mistake
    * timeout: use the correct start value as offset
    * FTP: fix wrong timeout trigger
    * rtsp: avoid SIGSEGV on malformed header
    * LDAP: Support for tunnelling queries through HTTP proxy
    * curl_easy_duphandle: clone the c-ares handle correctly
    * support URL containing colon without trailing port number
    * parsedate: allow time specified without seconds
    * curl_easy_escape: don't escape "unreserved" characters
    * SFTP: avoid downloading negative sizes
    * Lots of GSS/KRB FTP fixes
    * TFTP: Work around tftpd-hpa upload bug
    * libcurl.m4: several fixes
    * HTTP: remove special case for 416
    * globbing: fix crash on unballanced open brace
* Wed Jun 02 2010 lnussel@suse.de
  - allowing switching to nss instead of openssl via bcond
* Mon May 10 2010 crrodriguez@opensuse.org
  - disable c-ares support while bnc598574 is fixed.
* Sat Apr 24 2010 coolo@novell.com
  - buildrequire pkg-config to fix provides
* Fri Apr 23 2010 crrodriguez@opensuse.org
  - Update to libcurl 7.20.1
    * off-by-one in the chunked encoding trailer parser
    * CURLOPT_CERTINFO memory leak
    * threaded resolver double free when closing curl handle
    * url_multi_remove_handle() caused use after free
    * SSL possible double free when reusing curl handle
    * alarm()-based DNS timeout bug
* Wed Mar 24 2010 crrodriguez@opensuse.org
  - enable libssh2 support unconditionally.
* Wed Mar 10 2010 crrodriguez@opensuse.org
  - enable libcares support unconditionally.
* Sat Feb 13 2010 dimstar@opensuse.org
  - Update to version 7.20.0:
    * support SSL_FILETYPE_ENGINE for client certificate
    * curl-config can now show the arguments used when building curl
    * non-blocking TFTP
    * send Expect: 100-continue for POSTs with unknown sizes
    * added support for IMAP(S), POP3(S), SMTP(S) and RTSP
    * added new curl_easy_setopt() options for SMTP and RTSP
    * added --mail-from and --mail-rcpt for SMTP
    * VMS build system enhancements
    * added support for the PRET ftp command
    * curl supports --ssl and --ssl-reqd
    * added -J/--remote-header-name for using server-provided
      filename with -O
    * enhanced asynchronous DNS lookups
    * symbol CURL_FORMAT_OFF_T is obsoleted
    * many bugfixes
* Tue Jan 26 2010 mmarek@suse.cz
  - updated to 7.19.7
    * -T. is now for non-blocking uploading from stdin
    * SYST handling on FTP for OS/400 FTP server cases
    * libcurl refuses to read a single HTTP header longer than 100K
    * added the --crlfile option to curl
    * many bugfixes
* Mon Jan 11 2010 meissner@suse.de
  - add baselibs.conf as source
* Thu Aug 13 2009 mmarek@suse.cz
  - updated to 7.19.6
    * CURLOPT_FTPPORT (and curl's -P/--ftpport) support port ranges
    * Added CURLOPT_SSH_KNOWNHOSTS, CURLOPT_SSH_KEYFUNCTION,
      CURLOPT_SSH_KEYDATA
    * CURLOPT_QUOTE, CURLOPT_POSTQUOTE and CURLOPT_PREQUOTE can be
      told to ignore error responses when used with FTP
    * fixed CVE-2009-2417 (matching certificates with embedded NUL
      bytes)
    * many other bugfixes
* Tue May 19 2009 mmarek@suse.cz
  - remove the Obsoletes: curl-ca-bundle, it breaks parallel
    installation of older libcurl packages (bnc#484044).
* Tue May 19 2009 mmarek@suse.cz
  - updated to 7.19.5
    * libcurl now closes all dead connections whenever you attempt to
      open a new connection
    * libssh2's version number can now be figured out run-time
      instead of using the build-time fixed number
    * CURLOPT_SEEKFUNCTION may now return CURL_SEEKFUNC_CANTSEEK
    * curl can now upload with resume even when reading from a pipe
    * a build-time configured curl_socklen_t is now used instead of
      socklen_t
  - by default, don't abort if the testsuite fails.
* Thu Mar 05 2009 mmarek@suse.cz
  - don't run autoreconf -fi as it breaks on older distros and
    upstream uses recent autotools already.
* Mon Mar 02 2009 mmarek@suse.cz
  - updated to 7.19.4
    * don't follow redirects to file:// and scp:// by default; add
      new curl_easy_setopt options CURLOPT_PROTOCOLS and
      CURLOPT_REDIR_PROTOCOLS to specify which protocols are allowed
      and which protocols are allowed to redirect to (bnc#475103,
      CVE-2009-0037)
    * Added CURLOPT_NOPROXY and the corresponding --noproxy
    * the OpenSSL-specific code disables TICKET (rfc5077) which is
      enabled by default in openssl 0.9.8j
    * Added CURLOPT_TFTP_BLKSIZE
    * Added CURLOPT_SOCKS5_GSSAPI_SERVICE and
      CURLOPT_SOCKS5_GSSAPI_NEC - with the corresponding curl options
    - -socks5-gssapi-service and --socks5-gssapi-nec
    * Improved IPv6 support when built with with c-ares >= 1.6.1
    * Added CURLPROXY_HTTP_1_0 and --proxy1.0
    * Added docs/libcurl/symbols-in-versions
    * Added CURLINFO_CONDITION_UNMET
    * Added support for Digest and NTLM authentication using GnuTLS
    * CURLOPT_FTP_CREATE_MISSING_DIRS can now be set to 2 to retry
      the CWD even when MKD fails
    * GnuTLS initing moved to curl_global_init()
    * CURLAUTH_DIGEST_IE bit added for CURLOPT_HTTPAUTH and
      CURLOPT_PROXYAUTH
    * pkg-config can now show supported_protocols and
      supported_features
    * Added CURLOPT_CERTINFO and CURLINFO_CERTINFO
    * Added CURLOPT_POSTREDIR
    * Better detect HTTP 1.0 servers and don't do HTTP 1.1 requests
      on them
    * configure --disable-proxy disables proxy support
    * Added CURLOPT_USERNAME and CURLOPT_PASSWORD
    * --interface now works with IPv6 connections on glibc systems
    * Added CURLOPT_PROXYUSERNAME and CURLOPT_PROXYPASSWORD

Files

/usr/lib64/libcurl.so.4
/usr/lib64/libcurl.so.4.3.0


Generated by rpm2html 1.8.1

Fabrice Bellet, Sun Sep 15 23:39:26 2019