pool/curl
SHA256
12
0
Fork 2
Code Issues Pull Requests Activity

Accepting request 1000420 from home:pmonrealgonzalez:branches:devel:libraries:c_c++

Browse Source 
- Update to 7.85.0:
  * Security fixes: [bsc#1202593, CVE-2022-35252]
    - control code in cookie denial of service
  * Changes:
    - quic: add support via wolfSSL
    - schannel: Add TLS 1.3 support
    - setopt: add CURLOPT_PROTOCOLS_STR and CURLOPT_REDIR_PROTOCOLS_STR
  * Bugfixes:
    - asyn-thread: fix socket leak on OOM
    - asyn-thread: make getaddrinfo_complete return CURLcode
    - base64: base64url encoding has no padding
    - configure: fix broken m4 syntax in TLS options
    - configure: if asked to use TLS, fail if no TLS lib was detected
    - connect: add quic connection information
    - connect: set socktype/protocol correctly
    - cookie: reject cookies with "control bytes"
    - cookie: treat a blank domain in Set-Cookie: as non-existing
    - curl: output warning when a cookie is dropped due to size
    - Curl_close: call Curl_resolver_cancel to avoid memory-leak
    - digest: fix memory leak, fix not quoted 'opaque'
    - digest: fix missing increment of 'nc' value for auth-int
    - digest: pass over leading spaces in qop values
    - digest: reject broken header with session protocol but without qop
    - doh: use https protocol by default
    - easy_lock.h: include sched.h if available to fix build
    - easy_lock.h: use __asm__ instead of asm to fix build
    - easy_lock: switch to using atomic_int instead of bool
    - ftp: use a correct expire ID for timer expiry
    - h2h3: fix overriding the 'TE: Trailers' header
    - hostip: resolve *.localhost to 127.0.0.1/::1

OBS-URL: https://build.opensuse.org/request/show/1000420
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=317
This commit is contained in:
Pedro Monreal Gonzalez
2022-08-31 11:55:07 +00:00
committed by Git OBS Bridge
parent 2485d02a96
commit c9f82120ba
8 changed files with 100 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
curl.changes
View File

@@ -1,3 +1,63 @@
-------------------------------------------------------------------
Wed Aug 31 07:34:20 UTC 2022 - Pedro Monreal <pmonreal@suse.com>
- Update to 7.85.0:
* Security fixes: [bsc#1202593, CVE-2022-35252]
- control code in cookie denial of service
* Changes:
- quic: add support via wolfSSL
- schannel: Add TLS 1.3 support
- setopt: add CURLOPT_PROTOCOLS_STR and CURLOPT_REDIR_PROTOCOLS_STR
* Bugfixes:
- asyn-thread: fix socket leak on OOM
- asyn-thread: make getaddrinfo_complete return CURLcode
- base64: base64url encoding has no padding
- configure: fix broken m4 syntax in TLS options
- configure: if asked to use TLS, fail if no TLS lib was detected
- connect: add quic connection information
- connect: set socktype/protocol correctly
- cookie: reject cookies with "control bytes"
- cookie: treat a blank domain in Set-Cookie: as non-existing
- curl: output warning when a cookie is dropped due to size
- Curl_close: call Curl_resolver_cancel to avoid memory-leak
- digest: fix memory leak, fix not quoted 'opaque'
- digest: fix missing increment of 'nc' value for auth-int
- digest: pass over leading spaces in qop values
- digest: reject broken header with session protocol but without qop
- doh: use https protocol by default
- easy_lock.h: include sched.h if available to fix build
- easy_lock.h: use __asm__ instead of asm to fix build
- easy_lock: switch to using atomic_int instead of bool
- ftp: use a correct expire ID for timer expiry
- h2h3: fix overriding the 'TE: Trailers' header
- hostip: resolve *.localhost to 127.0.0.1/::1
- HTTP3.md: update to msh3 v0.4.0
- hyper: use wakers for curl pause/resume
- lib3026: reduce the number of threads to 100
- libssh2: make atime/mtime date overflow return error
- libssh2: provide symlink name in SFTP dir listing
- multi: have curl_multi_remove_handle close CONNECT_ONLY transfer
- multi: use larger dns hash table for multi interface
- multi_wait: fix skipping to populate revents for extra_fds
- netrc: Use the password from lines without login
- ngtcp2: Fix build error due to change in nghttp3 prototypes
- ngtcp2: fix stall or busy loop on STOP_SENDING with upload data
- ngtcp2: implement cb_h3_stop_sending and cb_h3_reset_stream callbacks
- openssl: add 'CURL_BORINGSSL_VERSION' to identify BoringSSL
- openssl: add cert path in error message
- openssl: add details to "unable to set client certificate" error
- openssl: fix BoringSSL symbol conflicts with LDAP and Schannel
- select: do not return fatal error on EINTR from poll()
- sendf: fix paused header writes since after the header API
- sendf: skip storing HTTP headers if HTTP disabled
- url: really use the user provided in the url when netrc entry exists
- url: reject URLs with hostnames longer than 65535 bytes
- url: treat missing usernames in netrc as empty
- urldata: reduce size of several struct fields
- vtls: make Curl_ssl_backend() return the enum type curl_sslbackend
* Remove tests-for-32bit.patch fixed in the update
* Rebase libcurl-ocloexec.patch
-------------------------------------------------------------------
Sun Jul 24 19:37:01 UTC 2022 - Dirk Müller <dmueller@suse.com>