[El-errata] ELSA-2019-1880 Low: Oracle Linux 7 curl security and bug fix update (aarch64)
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Jul 30 19:21:47 PDT 2019
Oracle Linux Security Advisory ELSA-2019-1880
http://linux.oracle.com/errata/ELSA-2019-1880.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
curl-7.29.0-51.0.1.el7_6.3.aarch64.rpm
libcurl-7.29.0-51.0.1.el7_6.3.aarch64.rpm
libcurl-devel-7.29.0-51.0.1.el7_6.3.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/curl-7.29.0-51.0.1.el7_6.3.src.rpm
Description of changes:
[7.29.0-51.0.1.el7_6.3]
- Security Fixes [OraBug: 28939992]
- CVE-2016-8615 cookie injection for other servers
(https://curl.haxx.se/docs/CVE-2016-8615.html)
- CVE-2016-8616 case insensitive password comparison
(https://curl.haxx.se/docs/CVE-2016-8616.html)
- CVE-2016-8617 OOB write via unchecked multiplication
(https://curl.haxx.se/docs/CVE-2016-8617.html)
- CVE-2016-8618 double-free in curl_maprintf
(https://curl.haxx.se/docs/CVE-2016-8618.html)
- CVE-2016-8619 double-free in krb5 code
(https://curl.haxx.se/docs/CVE-2016-8619.html)
- CVE-2016-8621 curl_getdate read out of bounds
(https://curl.haxx.se/docs/CVE-2016-8621.html)
- CVE-2016-8622 URL unescape heap overflow via integer truncation
(https://curl.haxx.se/docs/CVE-2016-8622.html)
- CVE-2016-8623 Use-after-free via shared cookies
(https://curl.haxx.se/docs/CVE-2016-8623.html)
- CVE-2016-8624 invalid URL parsing with #
(https://curl.haxx.se/docs/CVE-2016-8624.html)
[7.29.0-51.el7_6.3]
- fix NTLM password overflow via integer overflow (CVE-2018-14618)
[7.29.0-51.el7_6.2]
- prevent curl --rate-limit from crashing on https URLs (#1683292)
[7.29.0-51.el7_6.1]
- prevent curl --rate-limit from hanging on file URLs (#1281969)
[7.29.0-51]
- require a new enough version of nss-pem to avoid regression in yum
(#1610998)
[7.29.0-50]
- remove dead code, detected by Coverity Analysis
- remove unused variable, detected by GCC and Clang
[7.29.0-49]
- make curl --speed-limit work with TFTP (#1584750)
[7.29.0-48]
- fix RTSP bad headers buffer over-read (CVE-2018-1000301)
- fix FTP path trickery leads to NIL byte out of bounds write
(CVE-2018-1000120)
- fix LDAP NULL pointer dereference (CVE-2018-1000121)
- fix RTSP RTP buffer over-read (CVE-2018-1000122)
- http: prevent custom Authorization headers in redirects (CVE-2018-1000007)
- doc: --tlsauthtype works only if built with TLS-SRP support (#1542256)
- update certificates in the test-suite because they expire soon (#1572723)
[7.29.0-47]
- make NSS deallocate PKCS #11 objects early enough (#1510247)
[7.29.0-46]
- reset authentication state when HTTP transfer is done (#1511523)
[7.29.0-45]
- fix buffer overflow while processing IMAP FETCH response
(CVE-2017-1000257)
[7.29.0-44]
- drop 0109-curl-7.29.0-crl-valgrind.patch no longer needed (#1427883)
[7.29.0-43]
- curl --socks5-{basic,gssapi}: control socks5 auth (#1409208)
- nss: fix a memory leak when CURLOPT_CRLFILE is used (#1427883)
- nss: do not leak PKCS #11 slot while loading a key (#1444860)
- nss: fix a possible use-after-free in SelectClientCert() (#1473158)
[7.29.0-42]
- fix use of uninitialized variable detected by Covscan
[7.29.0-41]
- make FTPS work with --proxytunnel (#1420327)
[7.29.0-40]
- make FTPS work with --proxytunnel (#1420327)
[7.29.0-39]
- work around race condition in PK11_FindSlotByName() in NSS (#1404815)
[7.29.0-38]
- make FTPS work with --proxytunnel (#1420327)
[7.29.0-37]
- fix tight loop in non-blocking TLS handhsake over proxy (#1388162)
- handle cookies with numerical IPv6 address (#1341503)
- make libcurl recognize chacha20-poly1305 and SHA384 cipher-suites
(#1374740)
- curl -E: allow to escape ':' in cert nickname (#1376062)
- run automake in %prep to avoid patching Makefile.in files from now on
[7.29.0-36]
- reject negative string lengths in curl_easy_[un]escape() (CVE-2016-7167)
[7.29.0-35]
- fix incorrect use of a previously loaded certificate from file
(related to CVE-2016-5420)
[7.29.0-34]
- acknowledge the --no-sessionid/CURLOPT_SSL_SESSIONID_CACHE option
(required by the fix for CVE-2016-5419)
[7.29.0-33]
- fix re-using connections with wrong client cert (CVE-2016-5420)
- fix TLS session resumption client cert bypass (CVE-2016-5419)
[7.29.0-32]
- configure: improve detection of GCC's -fvisibility= flag
[7.29.0-31]
- prevent curl_multi_wait() from missing an event (#1347904)
[7.29.0-30]
- curl.1: --disable-{eprt,epsv} are ignored for IPv6 hosts (#1305974)
[7.29.0-29]
- SSH: make CURLOPT_SSH_PUBLIC_KEYFILE treat "" as NULL (#1275769)
[7.29.0-28]
- prevent NSS from incorrectly re-using a session (#1269855)
- call PR_Cleanup() in the upstream test-suite if NSPR is used (#1243324)
- disable unreliable upstream test-case 2032 (#1241168)
[7.29.0-27]
- SSH: do not require public key file for user authentication (#1275769)
[7.29.0-26]
- implement 'curl --unix-socket' and CURLOPT_UNIX_SOCKET_PATH (#1263318)
- improve parsing of URL-encoded user name and password (#1260178)
- prevent test46 from failing due to expired cookie (#1258834)
[7.29.0-25]
- fix spurious failure of test 1500 on ppc64le (#1218272)
[7.29.0-24]
- use the default min/max TLS version provided by NSS (#1170339)
- improve handling of timeouts and blocking direction to speed up FTP
(#1218272)
[7.29.0-23]
- require credentials to match for NTLM re-use (CVE-2015-3143)
- close Negotiate connections when done (CVE-2015-3148)
[7.29.0-22]
- reject CRLFs in URLs passed to proxy (CVE-2014-8150)
[7.29.0-21]
- use only full matches for hosts used as IP address in cookies
(CVE-2014-3613)
- fix handling of CURLOPT_COPYPOSTFIELDS in curl_easy_duphandle
(CVE-2014-3707)
[7.29.0-20]
- eliminate unnecessary delay when resolving host from /etc/hosts (#1130239)
- allow to enable/disable new AES cipher-suites (#1066065)
- call PR_Cleanup() on curl tool exit if NSPR is used (#1071254)
- implement non-blocking TLS handshake (#1091429)
- fix limited connection re-use for unencrypted HTTP (#1101092)
- disable libcurl-level downgrade to SSLv3 (#1154060)
- include response headers added by proxy in CURLINFO_HEADER_SIZE (#1161182)
- ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth (#1166264)
[7.29.0-19]
- fix connection re-use when using different log-in credentials
(CVE-2014-0138)
[7.29.0-18]
- add all perl build requirements for the test suite, in a portable way
[7.29.0-17]
- fix documentation of curl's options --tlsv1.[0-2] (#1066364)
[7.29.0-16]
- allow to use TLS > 1.0 if built against recent NSS (#1036789)
- use proxy name in error message when proxy is used (#1042831)
- refresh expired cookie in test172 from upstream test-suite (#1063693)
[7.29.0-15]
- allow to use ECC ciphers if NSS implements them (#1058776)
- re-use of wrong HTTP NTLM connection in libcurl (CVE-2014-0015)
[7.29.0-14]
- Mass rebuild 2014-01-24
[7.29.0-13]
- Mass rebuild 2013-12-27
[7.29.0-12]
- do not limit the speed of SCP upload on a fast connection (#1014928)
[7.29.0-11]
- avoid delay if FTP is aborted in CURLOPT_HEADERFUNCTION callback
(#1005686)
[7.29.0-10]
- avoid a busy-loop in curl_easy_perform()
[7.29.0-9]
- FTP: when EPSV gets a 229 but fails to connect, retry with PASV (#1002815)
[7.29.0-8]
- mention all option listed in 'curl --help' in curl.1 man page
[7.29.0-7]
- fix heap-based buffer overflow in curl_easy_unescape() (CVE-2013-2174)
[7.29.0-6]
- prevent an artificial timeout event due to stale speed-check data
(#906031)
- show proper host name on failed resolve (#957173)
[7.29.0-5]
- fix cookie tailmatching to prevent cross-domain leakage (CVE-2013-1944)
[7.29.0-4]
- do not ignore poll() failures other than EINTR (#919127)
- curl_global_init() now accepts the CURL_GLOBAL_ACK_EINTR flag (#919127)
[7.29.0-3]
- switch SSL socket into non-blocking mode after handshake (#960765)
- drop the hide_selinux.c hack no longer needed in %check
[7.29.0-2]
- fix a SIGSEGV when closing an unused multi handle (#914411)
[7.29.0-1]
- new upstream release (fixes CVE-2013-0249)
[7.28.1-3]
- require valgrind for build only on i386 and x86_64 (#886891)
[7.28.1-2]
- prevent NSS from crashing on client auth hook failure
- clear session cache if a client cert from file is used
- fix error messages for CURLE_SSL_{CACERT,CRL}_BADFILE
[7.28.1-1]
- new upstream release
[7.28.0-1]
- new upstream release
[7.27.0-3]
- use the upstream facility to disable problematic tests
- do not crash if MD5 fingerprint is not provided by libssh2
[7.27.0-2]
- eliminate unnecessary inotify events on upload via file protocol (#844385)
[7.27.0-1]
- new upstream release
[7.26.0-6]
- print reason phrase from HTTP status line on error (#676596)
[7.26.0-5]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
[7.26.0-4]
- fix duplicated SSL handshake with multi interface and proxy (#788526)
[7.26.0-3]
- disable test 1319 on ppc64, server times out
[7.26.0-2]
- use human-readable error messages provided by NSS (upstream commit
72f4b534)
[7.26.0-1]
- new upstream release
[7.25.0-3]
- valgrind on ppc64 works fine, disable ppc32 only
[7.25.0-3]
- drop BR valgrind on PPC(64) until bugzilla #810992 gets fixed
[7.25.0-2]
- use NSS_InitContext() to initialize NSS if available (#738456)
- provide human-readable names for NSS errors (upstream commit a60edcc6)
[7.25.0-1]
- new upstream release (#806264)
- fix character encoding of docs with a patch rather than just iconv
- update debug and multilib patches
- don't use macros for commands
- reduce size of %prep output for readability
[7.24.0-1]
- new upstream release (fixes CVE-2012-0036)
[7.23.0-6]
- rebuild for gcc 4.7
[7.23.0-5]
- upstream patch that allows to run FTPS tests with nss-3.13 (#760060)
[7.23.0-4]
- allow to run FTPS tests with nss-3.13 (#760060)
[7.23.0-3]
- avoid unnecessary timeout event when waiting for 100-continue (#767490)
[7.23.0-2]
- curl -JO now uses -O name if no C-D header comes (upstream commit c532604)
[7.23.0-1]
- new upstream release (#754391)
[7.22.0-2]
- nss: select client certificates by DER (#733657)
[7.22.0-1]
- new upstream release
- curl-config now provides dummy --static-libs option (#733956)
[7.21.7-4]
- actually fix SIGSEGV of curl -O -J given more than one URL (#723075)
[7.21.7-3]
- fix SIGSEGV of curl -O -J given more than one URL (#723075)
- introduce the --delegation option of curl (#730444)
- initialize NSS with no database if the selected database is broken
(#728562)
[7.21.7-2]
- add a new option CURLOPT_GSSAPI_DELEGATION (#719939)
[7.21.7-1]
- new upstream release (fixes CVE-2011-2192)
[7.21.6-2]
- avoid an invalid timeout event on a reused handle (#679709)
[7.21.6-1]
- new upstream release
[7.21.5-2]
- fix the output of curl-config --version (upstream commit 82ecc85)
[7.21.5-1]
- new upstream release
[7.21.4-4]
- no valgrind on ARMv5 arches
[7.21.4-3]
- no valgrind on sparc arches
[7.21.4-2]
- do not ignore failure of SSL handshake (upstream commit 7aa2d10)
[7.21.4-1]
- new upstream release
- avoid memory leak on SSL connection failure (upstream commit a40f58d)
- work around valgrind bug (#678518)
[7.21.3-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
[7.21.3-2]
- build libcurl with --enable-hidden-symbols
[7.21.3-1]
- update to 7.21.3:
- added --noconfigure switch to testcurl.pl
- added --xattr option
- added CURLOPT_RESOLVE and --resolve
- added CURLAUTH_ONLY
- added version-check.pl to the examples dir
- check for libcurl features for some command line options
- Curl_setopt: disallow CURLOPT_USE_SSL without SSL support
- http_chunks: remove debug output
- URL-parsing: consider ? a divider
- SSH: avoid using the libssh2_ prefix
- SSH: use libssh2_session_handshake() to work on win64
- ftp: prevent server from hanging on closed data connection when stopping
a transfer before the end of the full transfer (ranges)
- LDAP: detect non-binary attributes properly
- ftp: treat server's response 421 as CURLE_OPERATION_TIMEDOUT
- gnutls->handshake: improved timeout handling
- security: pass the right parameter to init
- krb5: use GSS_ERROR to check for error
- TFTP: resend the correct data
- configure: fix autoconf 2.68 warning: no AC_LANG_SOURCE call detected
- GnuTLS: now detects socket errors on Windows
- symbols-in-versions: updated en masse
- added a couple of examples that were missing from the tarball
- Curl_send/recv_plain: return errno on failure
- Curl_wait_for_resolv (for c-ares): correct timeout
- ossl_connect_common: detect connection re-use
- configure: prevent link errors with --librtmp
- openldap: use remote port in URL passed to ldap_init_fd()
- url: provide dead_connection flag in Curl_handler::disconnect
- lots of compiler warning fixes
- ssh: fix a download resume point calculation
- fix getinfo CURLINFO_LOCAL* for reused connections
- multi: the returned running handles counter could turn negative
- multi: only ever consider pipelining for connections doing HTTP(S)
- drop upstream patches now in tarball
- update bz650255 and disable-test1112 patches to apply against new codebase
- add workaround for false-positive glibc-detected buffer overflow in tftpd
test server with FORTIFY_SOURCE (similar to #515361)
[7.21.2-5]
- do not send QUIT to a dead FTP control connection (#650255)
- pull back glibc's implementation of str[n]casecmp(), #626470 appears fixed
[7.21.2-4]
- prevent FTP client from hanging on unrecognized ABOR response (#649347)
- return more appropriate error code in case FTP server session idle
timeout has exceeded (#650255)
[7.21.2-3]
- prevent FTP server from hanging on closed data connection (#643656)
[7.21.2-2]
- enforce versioned libssh2 dependency for libcurl (#642796)
[7.21.2-1]
- new upstream release, drop applied patches
- make 0102-curl-7.21.2-debug.patch less intrusive
* Wed Sep 29 2010 jkeating - 7.21.1-6
- Rebuilt for gcc bug 634757
[7.21.1-5]
- make it possible to run SCP/SFTP tests on x86_64 (#632914)
[7.21.1-4]
- work around glibc/valgrind problem on x86_64 (#631449)
[7.21.1-3]
- fix up patches so there's no need to run autotools in the rpm build
- drop buildreq automake
- drop dependency on automake for devel package from F-14, where
%{_datadir}/aclocal is included in the filesystem package
- drop dependency on pkgconfig for devel package from F-11, where
pkgconfig dependencies are auto-generated
[7.21.1-2]
- re-enable test575 on s390(x), already fixed (upstream commit d63bdba)
- modify system headers to work around gcc bug (#617757)
- curl -T now ignores file size of special files (#622520)
- fix kerberos proxy authentication for https (#625676)
- work around glibc/valgrind problem on x86_64 (#626470)
[7.21.1-1]
- new upstream release
[7.21.0-3]
- disable test 575 on s390(x)
[7.21.0-2]
- add support for NTLM authentication (#603783)
[7.21.0-1]
- new upstream release, drop applied patches
- update of %description
- disable valgrind for certain test-cases (libssh2 problem)
[7.20.1-6]
- fix -J/--remote-header-name to strip CR-LF (upstream patch)
[7.20.1-5]
- CRL support now works again (#581926)
- make it possible to start a testing OpenSSH server when building with
SELinux
in the enforcing mode (#521087)
[7.20.1-4]
- upstream patch preventing failure of test536 with threaded DNS resolver
- upstream patch preventing SSL handshake timeout underflow
[7.20.1-3]
- replace Rawhide s390-sleep patch with a more targeted patch adding a
delay after tests 513 and 514 rather than after all tests
[7.20.1-2]
- experimentally enabled threaded DNS lookup
- make curl-config multilib ready again (#584107)
[7.20.1-1]
- new upstream release
[7.20.0-4]
- add missing quote in libcurl.m4 (#576252)
[7.20.0-3]
- throw CURLE_SSL_CERTPROBLEM in case peer rejects a certificate (#565972)
- valgrind temporarily disabled (#574889)
- kerberos installation prefix has been changed
[7.20.0-2]
- exclude test1112 from the test suite (#565305)
[7.20.0-1]
- new upstream release - added support for IMAP(S), POP3(S), SMTP(S) and
RTSP
- dropped patches applied upstream
- dropped curl-7.16.0-privlibs.patch no longer useful
- a new patch forcing -lrt when linking the curl tool and test-cases
[7.19.7-11]
- upstream patch adding a new option -J/--remote-header-name
- dropped temporary workaround for #545779
[7.19.7-10]
- bump for libssh2 rebuild
[7.19.7-9]
- temporary workaround for #548269
(restored behavior of 7.19.7-4)
[7.19.7-8]
- replace hard wired port numbers in the test suite
[7.19.7-7]
- use different port numbers for 32bit and 64bit builds
- temporary workaround for #545779
[7.19.7-6]
- make it possible to run test241
- re-enable SCP/SFTP tests (#539444)
[7.19.7-5]
- avoid use of uninitialized value in lib/nss.c
- suppress failure of test513 on s390
[7.19.7-4]
- do not require valgrind on s390 and s390x
- temporarily disabled SCP/SFTP test-suite (#539444)
[7.19.7-3]
- fix crash on doubly closed NSPR descriptor, patch contributed
by Kevin Baughman (#534176)
- new version of patch for broken TLS servers (#525496, #527771)
[7.19.7-2]
- increased release number (CVS problem)
[7.19.7-1]
- new upstream release, dropped applied patches
- workaround for broken TLS servers (#525496, #527771)
[7.19.6-13]
- fix timeout issues and gcc warnings within lib/nss.c
[7.19.6-12]
- upstream patch for NSS support written by Guenter Knauf
[7.19.6-11]
- build libcurl with c-ares support (#514771)
[7.19.6-10]
- require libssh2>=1.2 properly (#525002)
[7.19.6-9]
- let curl test-suite use valgrind
- require libssh2>=1.2 (#525002)
[7.19.6-8]
- rebuild for libssh2 1.2
[7.19.6-7]
- make curl test-suite more verbose
[7.19.6-6]
- update polling patch to the latest upstream version
[7.19.6-5]
- cover ssh and stunnel support by the test-suite
[7.19.6-4]
- use pkg-config to find nss and libssh2 if possible
- better patch (not only) for SCP/SFTP polling
- improve error message for not matching common name (#516056)
[7.19.6-3]
- avoid tight loop during a sftp upload
- http://permalink.gmane.org/gmane.comp.web.curl.library/24744
[7.19.6-2]
- let curl package depend on the same version of libcurl
[7.19.6-1]
- new upstream release, dropped applied patches
- changed NSS code to not ignore the value of ssl.verifyhost and produce
more
verbose error messages (#516056)
[7.19.5-10]
- Use lzma compressed upstream tarball.
[7.19.5-9]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
[7.19.5-8]
- do not pre-login to all PKCS11 slots, it causes problems with HW tokens
- try to select client certificate automatically when not specified, thanks
to Claes Jakobsson
[7.19.5-7]
- fix SIGSEGV when using NSS client certificates, thanks to Claes Jakobsson
[7.19.5-6]
- force test suite to use the just built libcurl, thanks to Paul Howarth
[7.19.5-5]
- run test suite after build
- enable built-in manual
[7.19.5-4]
- fix bug introduced by the last build (#504857)
[7.19.5-3]
- exclude curlbuild.h content from spec (#504857)
[7.19.5-2]
- avoid unguarded comparison in the spec file, thanks to R P Herrold
(#504857)
[7.19.5-1]
- update to 7.19.5, dropped applied patches
[7.19.4-11]
- fix infinite loop while loading a private key, thanks to Michael
Cronenworth
(#453612)
[7.19.4-10]
- fix curl/nss memory leaks while using client certificate (#453612,
accepted
by upstream)
[7.19.4-9]
- add missing BuildRequire for autoconf
[7.19.4-8]
- fix configure.ac to not discard -g in CFLAGS (#496778)
[7.19.4-7]
- Fixed configure to respect the environment's CFLAGS and CPPFLAGS settings.
[7.19.4-6]
- upstream patch fixing memory leak in lib/nss.c (#453612)
- remove redundant dependency of libcurl-devel on libssh2-devel
[7.19.4-5]
- enable 6 additional crypto algorithms by default (#436781,
accepted by upstream)
[7.19.4-4]
- fix memory leak in src/main.c (accepted by upstream)
- avoid using %ifarch
[7.19.4-3]
- make libcurl-devel multilib-ready (bug #488922)
[7.19.4-2]
- drop .easy-leak patch, causes problems in pycurl (#488791)
- fix libcurl-devel dependencies (#488895)
[7.19.4-1]
- update to 7.19.4 (fixes CVE-2009-0037)
- fix leak in curl_easy* functions, thanks to Kamil Dudka
- drop nss-fix patch, applied upstream
[7.19.3-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
[7.19.3-1]
- update to 7.19.3, dropped applied nss patches
- add patch fixing 7.19.3 curl/nss bugs
[7.18.2-9]
- rebuild for f10/rawhide cvs tag clashes
[7.18.2-8]
- use improved NSS patch, thanks to Rob Crittenden (#472489)
[7.18.2-7]
- update the thread safety patch, thanks to Rob Crittenden (#462217)
[7.18.2-6]
- add thread safety to libcurl NSS cleanup() functions (#459297)
[7.18.2-5]
- undo mini libcurl.so.3
[7.18.2-4]
- make miniature library for libcurl.so.3
[7.18.2-3]
- enable support for libssh2 (#453958)
[7.18.2-2]
- fix curl_multi_perform() over a proxy (#450140), thanks to
Rob Crittenden
[7.18.2-1]
- update to 7.18.2
[7.18.1-2]
- spec cleanup, thanks to Paul Howarth (#225671)
- drop BR: libtool
- convert CHANGES and README to UTF-8
- _GNU_SOURCE in CFLAGS is no more needed
- remove bogus rpath
[7.18.1-1]
- update to curl 7.18.1 (fixes #397911)
- add ABI docs for libcurl
- remove --static-libs from curl-config
- drop curl-config patch, obsoleted by @SSL_ENABLED@ autoconf
substitution (#432667)
[7.18.0-2]
- define _GNU_SOURCE so that NI_MAXHOST gets defined from glibc
[7.18.0-1]
- update to curl-7.18.0
- drop sslgen patch -> applied upstream
- fix typo in description
[7.17.1-6]
- fix curl-devel obsoletes so that we don't break F8->F9 upgrade
path (#429612)
[7.17.1-5]
- do not attempt to close a bad socket (#427966),
thanks to Caolan McNamara
[7.17.1-4]
- rebuild because of the openldap soname bump
- remove old nsspem patch
[7.17.1-3]
- drop useless ldap library detection since curl doesn't
dlopen()s it but links to it -> BR: openldap-devel
- enable LDAPS support (#225671), thanks to Paul Howarth
- BR: krb5-devel to reenable GSSAPI support
- simplify build process
- update description
[7.17.1-2]
- update description to contain complete supported servers list (#393861)
[7.17.1-1]
- update to curl 7.17.1
- include patch to enable SSL usage in NSS when a socket is opened
nonblocking, thanks to Rob Crittenden (rcritten at redhat.com)
[7.16.4-10]
- correctly provide/obsolete curl-devel (#130251)
[7.16.4-9]
- create libcurl and libcurl-devel subpackages (#130251)
[7.16.4-8]
- list features correctly when curl is compiled against NSS (#316191)
[7.16.4-7]
- add zlib-devel BR to enable gzip compressed transfers in curl (#292211)
[7.16.4-6]
- provide webclient (#225671)
[7.16.4-5]
- add support for the NSS PKCS#11 pem reader so the command-line is the
same for both OpenSSL and NSS by Rob Crittenden (rcritten at redhat.com)
- switch to NSS again
[7.16.4-4]
- revert back to use OpenSSL (#266021)
[7.16.4-3]
- don't use openssl, use nss instead
[7.16.4-2]
- fix anonymous ftp login (#251570), thanks to David Cantrell
[7.16.4-1]
- update to 7.16.4
[7.16.3-1]
- update to 7.16.3
- drop .print patch, applied upstream
- next series of merge review fixes by Paul Howarth
- remove aclocal stuff, no more needed
- simplify makefile arguments
- don't reference standard library paths in libcurl.pc
- include docs/CONTRIBUTE
[7.16.2-5]
- don't print like crazy (#236981), backported from upstream CVS
[7.16.2-4]
- another series of review fixes (#225671),
thanks to Paul Howarth
- check version of ldap library automatically
- don't use %makeinstall and preserve timestamps
- drop useless patches
[7.16.2-3]
- add automake BR to curl-devel to fix aclocal dir. ownership,
thanks to Patrice Dumas
[7.16.2-2]
- package libcurl.m4 in curl-devel (#239664), thanks to Quy Tonthat
[7.16.2-1]
- update to 7.16.2
[7.16.1-3]
- don't create/ship static libraries (#225671)
[7.16.1-2]
- merge review related spec fixes (#225671)
[7.16.1-1]
- update to 7.16.1
[7.16.0-5]
- don't package generated makefiles for docs/examples to avoid
multilib conflicts
[7.16.0-4]
- convert spec to UTF-8
- don't delete BuildRoot in %prep phase
- rpmlint fixes
[-7.16.0-3]
- prevent curl from dlopen()ing missing ldap libraries so that
ldap:// requests work (#215928)
[7.16.0-2]
- fix BuildRoot
- add Requires: pkgconfig for curl-devel
- move LDFLAGS and LIBS to Libs.private in libcurl.pc.in (#213278)
[7.16.0-1]
- update to curl-7.16.0
[7.15.5-1.fc6]
- update to curl-7.15.5
- use %{?dist}
[7.15.4-1]
- update to 7.15.4
[7.15.3-1]
- fix multilib problem using pkg-config
- update to 7.15.3
[7.15.1-2]
- fix multilib problem - #181290 -
curl-devel.i386 not installable together with curl-devel.x86-64
[7.15.1-1.2.1]
- bump again for double-long bug on ppc(64)
[7.15.1-1.2]
- rebuilt for new gcc4.1 snapshot and glibc changes
* Fri Dec 09 2005 Jesse Keating <jkeating at redhat.com>
- rebuilt
[7.15.1-1]
- update to 7.15.1 (bug 175191)
[7.15.0-3]
- fix curl-config bug 174556 - missing vernum value
[7.15.0-2]
- rebuilt
[7.15.0-1]
- update to 7.15.0
[7.14.1-1]
- update to 7.14.1
[7.14.0-1]
- rebuild new version
[7.13.1-3]
- fix bug 150768 - curl-7.12.3-2 breaks basic authentication
used Daniel Stenberg patch
[7.13.1-2]
- update to use ca-bundle in /etc/pki
- mark License as MIT not MPL
[7.13.1-1]
- rebuilt (7.13.1)
[7.13.0-2]
- rebuild with openssl-0.9.7e
* Sun Feb 13 2005 Florian La Roche <laroche at redhat.com>
- 7.13.0
[7.12.3-3]
- don't pass /usr to --with-libidn to remove "-L/usr/lib" from
'curl-config --libs' output on x86_64.
[7.12.3-1]
- Upgrade to 7.12.3, which uses poll() for FDSETSIZE limit (#134794)
- require libidn-devel for devel subpkg (#141341)
- remove proftpd kludge; included upstream
[7.12.1-1]
- upgrade to 7.12.1
- enable GSSAPI auth (#129353)
- enable I18N domain names (#134595)
- workaround for broken ProFTPD SSL auth (#134133). Thanks to
Aleksandar Milivojevic
[7.12.0-4]
- move new docs position so defattr gets applied
[7.12.0-3]
- remove INSTALL, move libcurl docs to -devel
* Mon Jul 26 2004 Jindrich Novy <jnovy at redhat.com>
- updated to 7.12.0
- updated nousr patch
* Tue Jun 15 2004 Elliot Lee <sopwith at redhat.com>
- rebuilt
[7.11.1-1]
- upgraded; updated nousr patch
- added COPYING (#115956)
-
* Tue Mar 02 2004 Elliot Lee <sopwith at redhat.com>
- rebuilt
* Fri Feb 13 2004 Elliot Lee <sopwith at redhat.com>
- rebuilt
* Sat Jan 31 2004 Florian La Roche <Florian.LaRoche at redhat.de>
- update to 7.10.8
- remove patch2, already upstream
[7.10.6-7]
- aclocal before libtoolize
- move OpenLDAP license so it's present as a doc file, present in
both the source and binary as per conditions
[7.10.6-6]
- add OpenLDAP copyright notice for usage of code, add OpenLDAP
license for this code
[7.10.6-5]
- match serverAltName certs with SSL (#106168)
[7.10.6-4.1]
- bump n-v-r for RHEL
[7.10.6-4]
- restore ca cert bundle (#104400)
- require openssl, we want to use its ca-cert bundle
[7.10.6-3]
- rebuild
[7.10.6-2.2]
- fix to include libcurl.so
[7.10.6-2.1]
- bump n-v-r for RHEL
[7.10.6-2]
- devel subpkg needs openssl-devel as a Require (#102963)
[7.10.6-1]
- bumped version
[7.10.5-1]
- bumped version
* Wed Jun 04 2003 Elliot Lee <sopwith at redhat.com>
- rebuilt
* Sat Apr 12 2003 Florian La Roche <Florian.LaRoche at redhat.de>
- update to 7.10.4
- adapt nousr patch
* Wed Jan 22 2003 Tim Powers <timp at redhat.com>
- rebuilt
[7.9.8-4]
- don't add -L/usr/lib to 'curl-config --libs' output
[7.9.8-3]
- rebuild
[7.9.8-2]
- fix `curl-config --libs` output for libdir!=/usr/lib
- remove docs/LIBCURL from docs list; remove unpackaged libcurl.la
- libtoolize and reconf
[7.9.8-1]
- 7.9.8 (# 69473)
* Fri Jun 21 2002 Tim Powers <timp at redhat.com>
- automated rebuild
* Sun May 26 2002 Tim Powers <timp at redhat.com>
- automated rebuild
[7.9.7-1]
- 7.9.7
[7.9.6-1]
- 7.9.6
[7.9.5-2]
- Stop the curl-config script from printing -I/usr/include
and -L/usr/lib (#59497)
[7.9.5-1]
- 7.9.5
[7.9.3-2]
- Rebuild
[7.9.3-1]
- update to 7.9.3
[7.9.2-2]
- automated rebuild
[7.9.2-1]
- 7.9.2
* Fri Aug 17 2001 Nalin Dahyabhai <nalin at redhat.com>
- include curl-config in curl-devel
- update to 7.8 to fix memory leak and strlcat() symbol pollution from
libcurl
* Wed Jul 18 2001 Crutcher Dunnavant <crutcher at redhat.com>
- added openssl-devel build req
* Mon May 21 2001 Tim Powers <timp at redhat.com>
- built for the distro
* Tue Apr 24 2001 Jeff Johnson <jbj at redhat.com>
- upgrade to curl-7.7.2.
- enable IPv6.
* Fri Mar 02 2001 Tim Powers <timp at redhat.com>
- rebuilt against openssl-0.9.6-1
* Thu Jan 04 2001 Tim Powers <timp at redhat.com>
- fixed mising ldconfigs
- updated to 7.5.2, bug fixes
* Mon Dec 11 2000 Tim Powers <timp at redhat.com>
- updated to 7.5.1
* Mon Nov 06 2000 Tim Powers <timp at redhat.com>
- update to 7.4.1 to fix bug #20337, problems with curl -c
- not using patch anymore, it's included in the new source. Keeping
for reference
* Fri Oct 20 2000 Nalin Dahyabhai <nalin at redhat.com>
- fix bogus req in -devel package
* Fri Oct 20 2000 Tim Powers <timp at redhat.com>
- devel package needed defattr so that root owns the files
* Mon Oct 16 2000 Nalin Dahyabhai <nalin at redhat.com>
- update to 7.3
- apply vsprintf/vsnprintf patch from Colin Phipps via Debian
* Mon Aug 21 2000 Nalin Dahyabhai <nalin at redhat.com>
- enable SSL support
- fix packager tag
- move buildroot to %{_tmppath}
* Tue Aug 01 2000 Tim Powers <timp at redhat.com>
- fixed vendor tag for bug #15028
* Mon Jul 24 2000 Prospector <prospector at redhat.com>
- rebuilt
* Tue Jul 11 2000 Tim Powers <timp at redhat.com>
- workaround alpha build problems with optimizations
* Mon Jul 10 2000 Tim Powers <timp at redhat.com>
- rebuilt
* Mon Jun 05 2000 Tim Powers <timp at redhat.com>
- put man pages in correct place
- use %makeinstall
* Mon Apr 24 2000 Tim Powers <timp at redhat.com>
- updated to 6.5.2
* Wed Nov 03 1999 Tim Powers <timp at redhat.com>
- updated sources to 6.2
- gzip man page
* Mon Aug 30 1999 Tim Powers <timp at redhat.com>
- changed group
* Thu Aug 26 1999 Tim Powers <timp at redhat.com>
- changelog started
- general cleanups, changed prefix to /usr, added manpage to files section
- including in Powertools
More information about the El-errata
mailing list