pool/curl
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1099398 from home:pmonrealgonzalez:branches:devel:libraries:c_c++

Browse Source 
- Update to 8.2.0 [bsc#1213237, CVE-2023-32001]
  * Security fix:
    - CVE-2023-32001: fopen race condition
  * Changes:
    - curl: add --ca-native and --proxy-ca-native
    - curl: add --trace-ids
    - CURLOPT_MAIL_RCPT_ALLOWFAILS: replace CURLOPT_MAIL_RCPT_ALLLOWFAILS
    - haproxy: add --haproxy-clientip flag to set client IPs
    - lib: add CURLINFO_CONN_ID and CURLINFO_XFER_ID 
  * Bugfixes:
    - cf-socket: don't bypass fclosesocket callback if cancelled before connect
    - cf-socket: skip getpeername()/getsockname for TFTP
    - curl: count uploaded data to stop at the originally given size
    - curl: return error when asked to use an unsupported HTTP version
    - http2: fix crash in handling stream weights
    - http2: send HEADER & DATA together if possible
    - http3/ngtcp2: upload EAGAIN handling
    - http: rectify the outgoing Cookie: header field size check
    - hyper: fix EOF handling on input
    - imap: Provide method to disable SASL if it is advertised
    - libssh2: provide error message when setting host key type fails
    - libssh2: use custom memory functions
    - ngtcp2: assigning timeout, but value is overwritten before used
    - quiche: avoid NULL deref in debug logging
    - sectransp: fix EOF handling
    - system.h: remove __IBMC__/__IBMCPP__ guards and apply to all z/OS compiles
    - timeval: use CLOCK_MONOTONIC_RAW if available
    - tls13-ciphers.d: include Schannel
    - tool_easysrc.h: correct `easysrc_perform` for `CURL_DISABLE_LIBCURL_OPTION`
    - tool_operate: allow cookie lines up to 8200 bytes

OBS-URL: https://build.opensuse.org/request/show/1099398
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=340
This commit is contained in:
Pedro Monreal Gonzalez 2023-07-19 07:19:58 +00:00 committed by Git OBS Bridge
parent a23bbbdc87
commit 4425a855f3
6 changed files with 57 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
curl-8.1.2.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:31b1118eb8bfd43cd95d9a3f146f814ff874f6ed3999b29d94f4d1e7dbac5ef6
size 2612652

11
curl-8.1.2.tar.xz.asc
View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmR1lPcACgkQXMkI/bce
EsJGYwgAiXV3rNFy+en5GoRNCagvnVaC4ngY9lOPpqHu9piNfd4JjGowqj0mkAiq
iNvr020y1xcS7XvLwRviTjSit7pE+5EKhDZDsz1HeHjV7MQapSx5yjvLo6Wvi1UF
81CSgXvgAa+hMlxvk6AMZqLK5uVTO4UhFONr+hm3Asv/yN3U+NJ4XsEa0dn8HTnc
NzICrr2WzjlGCLn8NfLtVXgjydYcVaRCWPkyW/YgJghVV3LZwr0MA79pcwaOixhv
C34xZ3ABboJDGrQlqLXBolG9mIZGj1i3brwerGbtA41Z3KSO1QoV/PSnhJuinAiR
5cuw0QDKYu51p12B8HroFo0TT7/8Mw==
=BHtS
-----END PGP SIGNATURE-----

BIN
curl-8.2.0.tar.xz (Stored with Git LFS) Normal file
View File

Binary file not shown.

11
curl-8.2.0.tar.xz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmS3f48ACgkQXMkI/bce
EsLutggAkV3mfshVBQ4K75UFad49V+hpSzhFs3Rn1Eo+jxmKOXlIOcfFKQsD/HsY
GjhuRzirCUyYFYS6TosOupXUwUjKDhpQMuZYEeVgQPko3Yhs4ADdhC9vdXYP/Ffy
uoLbtBURdHIT4HydNu2hXObCAgyT0A4EV2dotjXiVvjuSqpEaFjR/KBItPx+QbQM
1XytThaZXnncV/Frp6qrBaqtsXwviC/i4HKhrF51opEDFD5l0yWl3FHvt38RAL+X
pGi/ktVtZPj1dLY29svQUEafGPgomOi1hwRFCqmBsa/Lvy6Ybbp1vAKEzhhepq1t
rHW6X/xY2wnczIYWaotBuHCH7NEPDg==
=4SoD
-----END PGP SIGNATURE-----

42
curl.changes
View File

@ -1,3 +1,45 @@
-------------------------------------------------------------------
Wed Jul 19 06:22:14 UTC 2023 - Pedro Monreal <pmonreal@suse.com>
- Update to 8.2.0 [bsc#1213237, CVE-2023-32001]
* Security fix:
- CVE-2023-32001: fopen race condition
* Changes:
- curl: add --ca-native and --proxy-ca-native
- curl: add --trace-ids
- CURLOPT_MAIL_RCPT_ALLOWFAILS: replace CURLOPT_MAIL_RCPT_ALLLOWFAILS
- haproxy: add --haproxy-clientip flag to set client IPs
- lib: add CURLINFO_CONN_ID and CURLINFO_XFER_ID
* Bugfixes:
- cf-socket: don't bypass fclosesocket callback if cancelled before connect
- cf-socket: skip getpeername()/getsockname for TFTP
- curl: count uploaded data to stop at the originally given size
- curl: return error when asked to use an unsupported HTTP version
- http2: fix crash in handling stream weights
- http2: send HEADER & DATA together if possible
- http3/ngtcp2: upload EAGAIN handling
- http: rectify the outgoing Cookie: header field size check
- hyper: fix EOF handling on input
- imap: Provide method to disable SASL if it is advertised
- libssh2: provide error message when setting host key type fails
- libssh2: use custom memory functions
- ngtcp2: assigning timeout, but value is overwritten before used
- quiche: avoid NULL deref in debug logging
- sectransp: fix EOF handling
- system.h: remove __IBMC__/__IBMCPP__ guards and apply to all z/OS compiles
- timeval: use CLOCK_MONOTONIC_RAW if available
- tls13-ciphers.d: include Schannel
- tool_easysrc.h: correct `easysrc_perform` for `CURL_DISABLE_LIBCURL_OPTION`
- tool_operate: allow cookie lines up to 8200 bytes
- tool_parsecfg: accept line lengths up to 10M
- tool_writeout_json: fix encoding of control characters
- transfer: clear credentials when redirecting to absolute URL
- urlapi: have *set(PATH) prepend a slash if one is missing
- urlapi: scheme must start with alpha
- vtls: avoid memory leak if sha256 call fails
- websocket-cb: example doing WebSocket download using callback
- ws: make the curl_ws_meta() return pointer a const
-------------------------------------------------------------------
Tue May 30 09:08:35 UTC 2023 - Pedro Monreal <pmonreal@suse.com>

2
curl.spec
View File

@ -21,7 +21,7 @@
# need ssl always for python-pycurl
%bcond_without openssl
Name: curl
Version: 8.1.2
Version: 8.2.0
Release: 0
Summary: A Tool for Transferring Data from URLs
License: curl