Accepting request 535940 from home:pmonrealgonzalez:branches:devel:libraries:c_c++

- Update to version 7.56.1 [bsc#1063824]
  Bugfixes:
   * imap: if a FETCH response has no size, don't call write
     callback [CVE-2017-1000257]
   * ftp: UBsan fixup 'pointer index expression overflowed
   * failf: skip the sprintf() if there are no consumers
   * fuzzer: move to using external curl-fuzzer
   * lib/Makefile.m32: allow customizing dll suffixes
   * docs: fix typo in curl_mime_data_cb man page
   * darwinssl: add support for TLSv1.3
   * build: fix --disable-crypto-auth
   * openssl: fix build without HAVE_OPAQUE_EVP_PKEY
   * strtoofft: Remove extraneous null check
   * multi_cleanup: call DONE on handles that never got that
   * tests: added flaky keyword to tests 587 and 644
   * pingpong: return error when trying to send without connection
   * remove_handle: call multi_done() first, then clear dns cache pointer
   * mime: be tolerant about setting the same header list twice in a part
   * mime: improve unbinding top multipart from easy handle
   * mime: avoid resetting a part's encoder when part's contents change
   * mime: refuse to add subparts to one of their own descendants
   * RTSP: avoid integer overflow on funny RTSP responses
   * curl: don't pass semicolons when parsing Content-Disposition
   * openssl: enable PKCS12 support for !BoringSSL
   * FAQ: s/CURLOPT_PROGRESSFUNCTION/CURLOPT_XFERINFOFUNCTION
   * CURLOPT_NOPROGRESS.3: also refer to xferinfofunction
   * CURLOPT_XFERINFODATA.3: fix duplicate see also
   * test298: verify --ftp-method nowcwd with URL encoded path
   * FTP: URL decode path for dir listing in nocwd mode
   * smtp_done: fix memory leak on send failure

OBS-URL: https://build.opensuse.org/request/show/535940
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=208

curl-7.56.0.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:f1bc17a7e5662dbd8d4029750a6dbdb72a55cf95826a270ab388b05075526104
-size 3827372

curl-7.56.0.tar.gz.asc

@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAlnUd8MACgkQXMkI/bce
-EsJMKQf+OEjS8Ai0Ml0gzaEfCGhneffJ5aXsRkloNCulNtpbfBghph2UF3uPmkiW
-vcaAKC2/xLUFAfR1dvm62zE7/IBq9qd51Xh96GpA6HfraZuFNOJyWdYqxq+IprzL
-M3DNLYFdC9AekOQ/ufmPMvq7CU+5/3ZA3vNA5NbvwgaOf9Oc6fnshsykYm+tnIjv
-/yWdFn05k4zQ/b/co8UNzm3m3YaScy/O5/8N5d5KzkIt/iWAezBmNh7BBsY6A/7a
-NTYJdTD3Rc5TsOiMV9gQuoaTIeo2nGRQJmmxWM5IS1jjTt0ywM/6+lhu1kcm8Rgs
-rNuXMzVjGRCqf2iN0VETWub2mgUqCA==
-=m6aC
------END PGP SIGNATURE-----

curl-7.56.1.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:961a25531d72a843dfcce87b290e7a882f2d376f3b88de11df009710019c5b16
+size 3799766

curl-7.56.1.tar.gz.asc

@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAlnthGYACgkQXMkI/bce
+EsKH3gf/eexCXdgvW+LQELcw/up7deEp4R+BLQ17pekTgbJkUpTHjWS3n5QjlEFP
+ymUmNBKcqqWTo05wPb+yuNpwMkg5nwEzz/MB2oVGhAxnTysMfzY402pobh96Jowx
+FoXeJq9ihnq0yReEjPQb4hE/HptwaZHYk8rajH+zk+5WnXp+QieYTggqzL/Uv0WS
+HJqvF9jWJ3q+xqeMrg7l0fUbNdlraMsDw8UobDbNmBFoz8auj04a6lZcpWAWR0FN
+uanh2c5XZAwcbrxYqKTWZibaeoOyCmHkJ66kuyH138Ob6f8+lED/PRKBI/QRDYLS
+YG/2ky2u925JwLdeUYaCHOjD84yWBQ==
+=X+B1
+-----END PGP SIGNATURE-----

curl-mini.changes

@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Mon Oct 23 09:12:11 UTC 2017 - pmonrealgonzalez@suse.com
+
+- Update to version 7.56.1 [bsc#1063824]
+  Bugfixes:
+   * imap: if a FETCH response has no size, don't call write
+     callback [CVE-2017-1000257]
+   * ftp: UBsan fixup 'pointer index expression overflowed
+   * failf: skip the sprintf() if there are no consumers
+   * fuzzer: move to using external curl-fuzzer
+   * lib/Makefile.m32: allow customizing dll suffixes
+   * docs: fix typo in curl_mime_data_cb man page
+   * darwinssl: add support for TLSv1.3
+   * build: fix --disable-crypto-auth
+   * openssl: fix build without HAVE_OPAQUE_EVP_PKEY
+   * strtoofft: Remove extraneous null check
+   * multi_cleanup: call DONE on handles that never got that
+   * tests: added flaky keyword to tests 587 and 644
+   * pingpong: return error when trying to send without connection
+   * remove_handle: call multi_done() first, then clear dns cache pointer
+   * mime: be tolerant about setting the same header list twice in a part
+   * mime: improve unbinding top multipart from easy handle
+   * mime: avoid resetting a part's encoder when part's contents change
+   * mime: refuse to add subparts to one of their own descendants
+   * RTSP: avoid integer overflow on funny RTSP responses
+   * curl: don't pass semicolons when parsing Content-Disposition
+   * openssl: enable PKCS12 support for !BoringSSL
+   * FAQ: s/CURLOPT_PROGRESSFUNCTION/CURLOPT_XFERINFOFUNCTION
+   * CURLOPT_NOPROGRESS.3: also refer to xferinfofunction
+   * CURLOPT_XFERINFODATA.3: fix duplicate see also
+   * test298: verify --ftp-method nowcwd with URL encoded path
+   * FTP: URL decode path for dir listing in nocwd mode
+   * smtp_done: fix memory leak on send failure
+   * ftpserver: support case insensitive commands
+   * test950; verify SMTP with custom request
+   * openssl: don't use old BORINGSSL_YYYYMM macros
+   * setopt: update current connection SSL verify params
+   * curl: reimplement stdin buffering in -F option
+   * mime: keep "text/plain" content type if user-specified
+   * mime: fix the content reader to handle >16K data properly
+   * configure: remove the C++ compiler check
+   * memdebug: trace send, recv and socket
+   * runtests: use valgrind for torture as well
+   * ldap: silence clang warning
+   * makefile.m32: allow to override gcc, ar and ranlib
+   * setopt: avoid integer overflows when setting millsecond values
+   * setopt: range check most long options
+   * ftp: reject illegal IP/port in PASV 227 response
+   * mime: do not reuse previously computed multipart size
+   * vtls: change struct Curl_ssl `close' field name to `close_one'
+   * os400: add missing symbols in config file
+   * mime: limit bas64-encoded lines length to 76 characters
+   * mk-ca-bundle: Remove URL for aurora
+   * mk-ca-bundle: Fix URL for NSS
+
 -------------------------------------------------------------------
 Thu Oct  5 16:15:04 UTC 2017 - pmonrealgonzalez@suse.com
 

curl-mini.spec

@@ -32,7 +32,7 @@
 %endif
 
 Name:           curl-mini
-Version:        7.56.0
+Version:        7.56.1
 Release:        0
 Summary:        A Tool for Transferring Data from URLs
 License:        curl

curl.changes

@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Mon Oct 23 09:12:11 UTC 2017 - pmonrealgonzalez@suse.com
+
+- Update to version 7.56.1 [bsc#1063824]
+  Bugfixes:
+   * imap: if a FETCH response has no size, don't call write
+     callback [CVE-2017-1000257]
+   * ftp: UBsan fixup 'pointer index expression overflowed
+   * failf: skip the sprintf() if there are no consumers
+   * fuzzer: move to using external curl-fuzzer
+   * lib/Makefile.m32: allow customizing dll suffixes
+   * docs: fix typo in curl_mime_data_cb man page
+   * darwinssl: add support for TLSv1.3
+   * build: fix --disable-crypto-auth
+   * openssl: fix build without HAVE_OPAQUE_EVP_PKEY
+   * strtoofft: Remove extraneous null check
+   * multi_cleanup: call DONE on handles that never got that
+   * tests: added flaky keyword to tests 587 and 644
+   * pingpong: return error when trying to send without connection
+   * remove_handle: call multi_done() first, then clear dns cache pointer
+   * mime: be tolerant about setting the same header list twice in a part
+   * mime: improve unbinding top multipart from easy handle
+   * mime: avoid resetting a part's encoder when part's contents change
+   * mime: refuse to add subparts to one of their own descendants
+   * RTSP: avoid integer overflow on funny RTSP responses
+   * curl: don't pass semicolons when parsing Content-Disposition
+   * openssl: enable PKCS12 support for !BoringSSL
+   * FAQ: s/CURLOPT_PROGRESSFUNCTION/CURLOPT_XFERINFOFUNCTION
+   * CURLOPT_NOPROGRESS.3: also refer to xferinfofunction
+   * CURLOPT_XFERINFODATA.3: fix duplicate see also
+   * test298: verify --ftp-method nowcwd with URL encoded path
+   * FTP: URL decode path for dir listing in nocwd mode
+   * smtp_done: fix memory leak on send failure
+   * ftpserver: support case insensitive commands
+   * test950; verify SMTP with custom request
+   * openssl: don't use old BORINGSSL_YYYYMM macros
+   * setopt: update current connection SSL verify params
+   * curl: reimplement stdin buffering in -F option
+   * mime: keep "text/plain" content type if user-specified
+   * mime: fix the content reader to handle >16K data properly
+   * configure: remove the C++ compiler check
+   * memdebug: trace send, recv and socket
+   * runtests: use valgrind for torture as well
+   * ldap: silence clang warning
+   * makefile.m32: allow to override gcc, ar and ranlib
+   * setopt: avoid integer overflows when setting millsecond values
+   * setopt: range check most long options
+   * ftp: reject illegal IP/port in PASV 227 response
+   * mime: do not reuse previously computed multipart size
+   * vtls: change struct Curl_ssl `close' field name to `close_one'
+   * os400: add missing symbols in config file
+   * mime: limit bas64-encoded lines length to 76 characters
+   * mk-ca-bundle: Remove URL for aurora
+   * mk-ca-bundle: Fix URL for NSS
+
 -------------------------------------------------------------------
 Thu Oct  5 16:15:04 UTC 2017 - pmonrealgonzalez@suse.com
 

curl.spec

@@ -30,7 +30,7 @@
 %endif
 
 Name:           curl
-Version:        7.56.0
+Version:        7.56.1
 Release:        0
 Summary:        A Tool for Transferring Data from URLs
 License:        curl