Accepting request 447465 from devel:libraries:c_c++

- Update to 7.52.1
  Bugfixes:
  * CVE-2016-9594: unititialized random bsc#1016738

- Update to 7.52.0
  Changes:
  * nss: map CURL_SSLVERSION_DEFAULT to NSS default
  * vtls: support TLS 1.3 via CURL_SSLVERSION_TLSv1_3
  * curl: introduce the --tlsv1.3 option to force TLS 1.3
  * curl: Add --retry-connrefused
  * proxy: Support HTTPS proxy and SOCKS+HTTP(s)
  * add CURLINFO_SCHEME, CURLINFO_PROTOCOL, and %{scheme}
  * curl: add --fail-early 
  Bugfixes:
  * CVE-2016-9586: printf floating point buffer overflow
  * curl -w: added more decimal digits to timing counters
  * easy: Initialize info variables on easy init and duphandle
  * http2: Don't send header fields prohibited by HTTP/2 spec
  * ssh: check md5 fingerprints case insensitively (regression)
  * openssl: initial TLS 1.3 adaptions
  * SPNEGO: Fix memory leak when authentication fails
  * realloc: use Curl_saferealloc to avoid common mistakes
  * openssl: make sure to fail in the unlikely event that PRNG
    seeding fails
  * URL-parser: for file://[host]/ URLs, the [host] must be localhost
  * timeval: prefer time_t to hold seconds instead of long
  * glob: fix [a-c] globbing regression
  * curl.1: Clarify --dump-header only writes received headers
  * http2: Fix address sanitizer memcpy warning
  * http2: Use huge HTTP/2 windows

OBS-URL: https://build.opensuse.org/request/show/447465
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/curl?expand=0&rev=120

curl-7.51.0.tar.lzma

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9eef5f6bbb972ffc631f4c76cfe93161bf5186926133c77267b24f5191700518
-size 2061223

curl-7.51.0.tar.lzma.asc

@@ -1,10 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQEcBAABCgAGBQJYGY4MAAoJEFzJCP23HhLCNkQH/0AjH+fRd4vuv9/AoO2CjZGf
-JEXOPF2ZfKeBKc14dPfxhNj/klX3JvmLG9Z1jZLySWYl1/be0CM0LSoxh11rtioO
-FiScVNNdUOUnJ6b8m0qVoX1wx9lCn3pjVKGzkfCx4pZ3eZDhtSRBbKNe+92fSOTk
-nnMEDDj9q9C++yO8EMifDBfyX2u+JCpvnUu3EFa/znRjZB88Uyrc9Li+fl4aBfo1
-IyH8EGmM0QkYBuGZhQBGg6mYg8LkG0JROHpk+j3lh9hZNA2An7tIEhbqoktaLW2i
-Ude6R2g2/AdqfZrifY3fBXHc4d0XO4T7GIGREmo4TKDHTLDthKSNTTHt2a9dpiI=
-=v+YR
------END PGP SIGNATURE-----

curl-7.52.1.tar.lzma

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:44286d4b825936e2430fc44ad730ce899afb736a5d328cbb8b5d42462f3f2365
+size 2068290

curl-7.52.1.tar.lzma.asc

@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAlhc0OoACgkQXMkI/bce
+EsISngf/adTW6+PCMHxPISnBqoCzO6/3YAH52WDZ1Z0A11VaCAkIbcsqXFF9K1xX
+1W/cRt2ZR+eyAhm7gpulUJfxOy1ak5VuguebEY4vENmEpNg94+7iS9yldYJ4m0Q8
+t6MeYW+twMazzKarU2CvRJBHW1H+olt0G/3+K6o8LPoLyuqHhGGssvm2c24hb8RZ
+Kj9m027qg3KVi89cL5eND0OeLW5mMjNr0TjokicWE7/AP7Wd181ag/jMU3BTX/yh
+n5KYp562kDR34AIgV2xbHe8Rmfce9lGNAMW90+xnDbKo3Gjm8I8Cq4UkVBspazV5
+hieNGVze2dodGIh+O37iKhaoAoOJsg==
+=2ZM9
+-----END PGP SIGNATURE-----

curl.changes

@@ -1,3 +1,55 @@
+-------------------------------------------------------------------
+Fri Dec 23 07:37:40 UTC 2016 - idonmez@suse.com
+
+- Update to 7.52.1
+  Bugfixes:
+  * CVE-2016-9594: unititialized random bsc#1016738
+
+-------------------------------------------------------------------
+Wed Dec 21 07:10:10 UTC 2016 - idonmez@suse.com
+
+- Update to 7.52.0
+  Changes:
+  * nss: map CURL_SSLVERSION_DEFAULT to NSS default
+  * vtls: support TLS 1.3 via CURL_SSLVERSION_TLSv1_3
+  * curl: introduce the --tlsv1.3 option to force TLS 1.3
+  * curl: Add --retry-connrefused
+  * proxy: Support HTTPS proxy and SOCKS+HTTP(s)
+  * add CURLINFO_SCHEME, CURLINFO_PROTOCOL, and %{scheme}
+  * curl: add --fail-early 
+  Bugfixes:
+  * CVE-2016-9586: printf floating point buffer overflow
+  * curl -w: added more decimal digits to timing counters
+  * easy: Initialize info variables on easy init and duphandle
+  * http2: Don't send header fields prohibited by HTTP/2 spec
+  * ssh: check md5 fingerprints case insensitively (regression)
+  * openssl: initial TLS 1.3 adaptions
+  * SPNEGO: Fix memory leak when authentication fails
+  * realloc: use Curl_saferealloc to avoid common mistakes
+  * openssl: make sure to fail in the unlikely event that PRNG
+    seeding fails
+  * URL-parser: for file://[host]/ URLs, the [host] must be localhost
+  * timeval: prefer time_t to hold seconds instead of long
+  * glob: fix [a-c] globbing regression
+  * curl.1: Clarify --dump-header only writes received headers
+  * http2: Fix address sanitizer memcpy warning
+  * http2: Use huge HTTP/2 windows
+  * connects: Don't mix unix domain sockets with regular ones
+  * url: Fix conn reuse for local ports and interfaces
+  * x509: Limit ASN.1 structure sizes to 256K
+  * http2: check nghttp2_session_set_local_window_size exists
+  * http2: Fix crashes when parent stream gets aborted
+  * CURLOPT_CONNECT_TO: Skip non-matching "connect-to" entries
+  * URL parser: reject non-numerical port numbers
+  * CONNECT: reject TE or CL in 2xx responses
+  * CONNECT: read responses one byte at a time
+  * curl: support zero-length argument strings in config files
+  * openssl: don't use OpenSSL's ERR_PACK
+  * curl.1: generated with the new man page system
+  * curl_easy_recv: Improve documentation and example program
+  * Curl_getconnectinfo: avoid checking if the connection is closed
+  * CIPHERS.md: attempt to document TLS cipher names
+
 -------------------------------------------------------------------
 Wed Nov  2 07:15:44 UTC 2016 - idonmez@suse.com
 

curl.spec

@@ -20,7 +20,7 @@
 %bcond_with mozilla_nss
 %bcond_without testsuite
 Name:           curl
-Version:        7.51.0
+Version:        7.52.1
 Release:        0
 Summary:        A Tool for Transferring Data from URLs
 License:        BSD-3-Clause and MIT