pool/curl - curl - openSUSE Gitea

2 Commits 2 Branches 0 Tags

Author	SHA256	Message	Date
Pedro Monreal Gonzalez	ad3a9fe272	- Update to 8.9.1: * Security fixes: - curl: ASN.1 date parser overread [bsc#1228535, CVE-2024-7264] * Bugfixes: - cmake: detect 'libssh' via 'pkg-config' - cmake: detect 'nettle' when building with GnuTLS - connect: fix connection shutdown for event based processing - curl: more defensive socket code for --ip-tos - CURLOPT_SSL_CTX_FUNCTION.md: mention CA caching - CURLSHOPT_SHARE.md: mention sessions/cookies as not thread-safe - ftpserver.pl: make POP3 LIST serve content from the test file - lib: survive some NULL input args - os400: build cli manual. - os400: workaround an IBM ASCII run-time library bug - transfer: speed limiting fix for 32bit systems - vtls: avoid forward declaration in MultiSSL builds - x509asn1: unittests and fixes for gtime2str OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=373	2024-07-31 08:35:10 +00:00
Pedro Monreal Gonzalez	6c4ee5ecf7	- Update to 8.9.0: * Security fixes: - [bsc#1227888, CVE-2024-6197] curl: freeing stack buffer in utf8asn1str - [bsc#1228260, CVE-2024-6874] idn: tweak buffer use when converting with macidn * Changes: - curl: add --ip-tos (IP Type of Service / Traffic Class) - curl: add --mptcp - curl: add --vlan-priority - curl: add -w '%{num_retries} - gnutls: support CA caching - mbedtls: support CURLOPT_CERTINFO - noproxy: patterns need to be comma separated - socket: support binding to interface AND IP - tcpkeepalive: add CURLOPT_TCP_KEEPCNT and --keepalive-cnt - urlapi: add CURLU_NO_GUESS_SCHEME - wolfssl: support CA caching * Bugfixes: - connection: shutdown TLS (for FTP) better - curl-config: revert to backticks to support old target envs - curl: allow etag and content-disposition for 3xx reply - curl: bsearch the --write-out variable name - curl: check for --disable case sensitively - doh: fix leak and zero-length HTTPS RR crash - file: separate fake headers and body with a stand-alone CRLF - ftp: remove redundant null pointer check in loop condition - gnutls: improve TLS shutdown - gnutls: pass in SNI name, not hostname when checking cert - hostip: skip error check for infallible function call OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=371	2024-07-24 08:41:57 +00:00

Author

SHA256

Message

Date

Pedro Monreal Gonzalez

ad3a9fe272

- Update to 8.9.1:

* Security fixes:
    - curl: ASN.1 date parser overread [bsc#1228535, CVE-2024-7264]
  * Bugfixes:
    - cmake: detect 'libssh' via 'pkg-config'
    - cmake: detect 'nettle' when building with GnuTLS
    - connect: fix connection shutdown for event based processing
    - curl: more defensive socket code for --ip-tos
    - CURLOPT_SSL_CTX_FUNCTION.md: mention CA caching
    - CURLSHOPT_SHARE.md: mention sessions/cookies as not thread-safe
    - ftpserver.pl: make POP3 LIST serve content from the test file
    - lib: survive some NULL input args
    - os400: build cli manual.
    - os400: workaround an IBM ASCII run-time library bug
    - transfer: speed limiting fix for 32bit systems
    - vtls: avoid forward declaration in MultiSSL builds
    - x509asn1: unittests and fixes for gtime2str

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=373

2024-07-31 08:35:10 +00:00

Pedro Monreal Gonzalez

6c4ee5ecf7

- Update to 8.9.0:

* Security fixes:
    - [bsc#1227888, CVE-2024-6197] curl: freeing stack buffer
      in utf8asn1str
    - [bsc#1228260, CVE-2024-6874] idn: tweak buffer use when
      converting with macidn
  * Changes:
    - curl: add --ip-tos (IP Type of Service / Traffic Class)
    - curl: add --mptcp
    - curl: add --vlan-priority
    - curl: add -w '%{num_retries}
    - gnutls: support CA caching
    - mbedtls: support CURLOPT_CERTINFO
    - noproxy: patterns need to be comma separated
    - socket: support binding to interface *AND* IP
    - tcpkeepalive: add CURLOPT_TCP_KEEPCNT and --keepalive-cnt
    - urlapi: add CURLU_NO_GUESS_SCHEME
    - wolfssl: support CA caching
  * Bugfixes:
    - connection: shutdown TLS (for FTP) better
    - curl-config: revert to backticks to support old target envs
    - curl: allow etag and content-disposition for 3xx reply
    - curl: bsearch the --write-out variable name
    - curl: check for --disable case *sensitively*
    - doh: fix leak and zero-length HTTPS RR crash
    - file: separate fake headers and body with a stand-alone CRLF
    - ftp: remove redundant null pointer check in loop condition
    - gnutls: improve TLS shutdown
    - gnutls: pass in SNI name, not hostname when checking cert
    - hostip: skip error check for infallible function call

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=371

2024-07-24 08:41:57 +00:00