- update to 7.40.0:
* fixes CVE-2014-8150 (bnc#911363)
* Changes:
http_digest: Added support for Windows SSPI based authentication
version info: Added Kerberos V5 to the supported features
Makefile: Added VC targets for WinIDN
config-win32: Introduce build targets for VS2012+
SSL: Add PEM format support for public key pinning
smtp: Added support for the conversion of Unix newlines during mail send
smb: Added initial support for the SMB/CIFS protocol
Added support for HTTP over unix domain sockets,
via CURLOPT_UNIX_SOCKET_PATH and --unix-socket
sasl: Added support for GSS-API based Kerberos V5 authentication
OBS-URL: https://build.opensuse.org/request/show/280328
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=121
- update to 7.39.0:
- changes:
SSLv3 is disabled by default
CURLOPT_COOKIELIST: Added "RELOAD" command
build: Added WinIDN build configuration options to Visual Studio projects
ssh: improve key file search
SSL: public key pinning. Use CURLOPT_PINNEDPUBLICKEY and --pinnedpubkey
vtls: remove QsoSSL support, use gskit!
mk-ca-bundle: added SHA-384 signature algorithm
docs: added many examples for libcurl opts and other doc improvements
build: Added VC ssh2 target to main Makefile
MinGW: Added support to build with nghttp2
NetWare: Added support to build with nghttp2
build: added Watcom support to build with WinSSL
build: Added optional specific version generation of VC project files
... and a bunch of bugfixes
- refreshed libcurl-ocloexec.patch
- removed gpg-offline verification
- spec-cleaned curl.spec
OBS-URL: https://build.opensuse.org/request/show/261640
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=117
- update to 7.38.0
* fixes CVE-2014-3613 (bnc#894575) and CVE-2014-3620 (bnc#895991)
* cookie leaks with IP address as domain and TLDs respectively
Changes:
supports HTTP/2 draft-14
CURLE_HTTP2 is a new error code
CURLAUTH_NEGOTIATE is a new auth define
CURL_VERSION_GSSAPI is a new capability bit
no longer use fbopenssl for anything
schannel: use CryptGenRandom for random numbers
axtls: define curlssl_random using axTLS's PRNG
cyassl: use RNG_GenerateBlock to generate a good random number
findprotocol: show unsupported protocol within quotes
version: detect and show LibreSSL
version: detect and show BoringSSL
imap/pop3/smtp: Kerberos (SASL GSSAPI) authentication via Windows SSPI
http2: requires nghttp2 0.6.0 or later
Bugfixes:
SECURITY ADVISORY: cookie leak with IP address as domain
SECURITY ADVISORY: cookie leak for TLDs
And many other fixes
OBS-URL: https://build.opensuse.org/request/show/248327
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=113
- update to 7.37.0
This release includes many bugfixes and the following changes:
* URL parser: IPv6 zone identifiers are now supported
* CURLOPT_PROXYHEADER: set headers for proxy-only
* CURLOPT_HEADEROPT: added
* curl: add --proxy-header
* sasl: Added support for DIGEST-MD5 via Windows SSPI
* sasl: Added DIGEST-MD5 qop-option validation in native challange handling
* imap: Expanded mailbox SEARCH support to use URL query strings [7]
* imap: Extended FETCH support to include PARTIAL URL specifier [7]
* nss: implement non-blocking SSL handshake
* build: Reworked Visual Studio project files
* poll: enable poll on darwin13
* mk-ca-bundle: added -p
* libtests: add a wait_ms() function
- dropped patches:
* curl-mkhelp.patch (upstream)
* curl-test815.patch (upstream)
OBS-URL: https://build.opensuse.org/request/show/236974
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=109
- update to 7.36
* fixes CVE-2014-0138 (bnc#868627) and CVE-2014-0139 (bnc#868629)
* NEW FEATURES:
ntlm: Added support for NTLMv2
tool: Added support for URL specific options
openssl: add ALPN support
gtls: add ALPN support
nss: add ALPN and NPN support
added CURLOPT_EXPECT_100_TIMEOUT_MS
tool: add --no-alpn and --no-npn
added CURLOPT_SSL_ENABLE_NPN and CURLOPT_SSL_ENABLE_ALPN
http2: build with current nghttp2 version
openssl: info message with SSL version used
* dropped curl-test172_cookie_expiration.patch (upstream)
* added patches to make it build:
- curl-mkhelp.patch
- curl-test815.patch
OBS-URL: https://build.opensuse.org/request/show/229525
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=106
- update to 7.35.0
* security fix:
CVE-2014-0015: re-use of wrong HTTP NTLM connection (bnc#858673)
* changes:
imap/pop3/smtp: Added support for SASL authentication downgrades
imap/pop3/smtp: Extended the login options to support multiple auth mechanisms
TheArtOfHttpScripting: major update, converted layout and more
mprintf: Added support for I, I32 and I64 size specifiers
makefile: Added support for VC7, VC11 and VC12
SSL: protocol version can be specified more precisely
imap/pop3/smtp: Added graceful cancellation of SASL authentication
Add "Happy Eyeballs" for IPv4/IPv6 dual connect attempts
base64: Added validation of base64 input strings when decoding
curl_easy_setopt: Added the ability to set the login options separately
smtp: Added support for additional SMTP commands
curl_easy_getinfo: Added CURLINFO_TLS_SESSION for accessing TLS internals
nss: allow to use TLS > 1.0 if built against recent NSS
SECURITY: added this document to describe our security processes
parseconfig: warn if unquoted white spaces are detected
* and many bugfixes
- fix test failure because of an expired cookie (bnc#862144)
* added curl-test172_cookie_expiration.patch
- refresh libcurl-ocloexec.patch
OBS-URL: https://build.opensuse.org/request/show/220853
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=102
- update to 7.33.0
* fixes CVE-2013-4545 (bnc#849596)
= curl: ssl cert checks unclear behaviour
o test code for testing the event based API
o CURLM_ADDED_ALREADY: new error code
o test TFTP server: support "writedelay" within <servercmd>
o krb4 support has been removed
o imap/pop3/smtp: added basic SASL XOAUTH2 support
o Pass password to OpenSSL engine by user interface
o c-ares: Add support for various DNS binding options
o cookies: add expiration
o curl: added --oauth2-bearer option
OBS-URL: https://build.opensuse.org/request/show/208925
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=100
- curl 7.32.0
* curl: allow timeouts to accept decimal values
* CURLOPT_XFERINFOFUNCTION: introducing a new progress callback
* SIGPIPE: ignored while inside the library
* OpenSSL: check for read errors
* configure: automake 1.14 compatibility tweak
* curl_multi_wait: set revents for extra fds
* global dns cache: didn't work (regression)
* mk-ca-bundle.1: don't install on make install
OBS-URL: https://build.opensuse.org/request/show/186690
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=98
- update to 7.31.0
* includes fix for CVE-2013-2174 (bnc#824517)
* SECURITY VULNERABILITY: curl_easy_unescape() may parse data
beyond the end of the input buffer [26]
* Changes:
darwinssl: add TLS session resumption
darwinssl: add TLS crypto authentication
imap/pop3/smtp: Added support for ;auth= in the URL
imap/pop3/smtp: Added support for ;auth= to CURLOPT_USERPWD
usercertinmem.c: add example showing user cert in memory
url: Added smtp and pop3 hostnames to the protocol detection list
imap/pop3/smtp: Added support for enabling the SASL initial response
curl -E: allow to use ':' in certificate nicknames
OBS-URL: https://build.opensuse.org/request/show/180754
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=94
- update to 7.30.0
includes security fixes for CVE-2013-0249 and CVE-2013-1944
(bugs bnc#814655 and bnc#802411 respectively)
(dropped curl-CVE-2013-0249.patch)
- Changes:
imap: Changed response tag generation to be completely unique
imap: Added support for SASL-IR extension
imap: Added support for the list command
imap: Added support for the append command
imap: Added custom request parsing
imap: Added support to the fetch command for UID and SECTION properties
imap: Added parsing and verification of the UIDVALIDITY mailbox attribute
imap/pop3/smtp: Added support for the STARTTLS capability
checksrc: ban use of sprintf, vsprintf, strcat, strncat and gets
curl_global_init() now accepts the CURL_GLOBAL_ACK_EINTR flag
Added CURLMOPT_MAX_HOST_CONNECTIONS, CURLMOPT_MAX_TOTAL_CONNECTIONS
for new multi interface connection handling
Added CURLMOPT_MAX_PIPELINE_LENGTH, CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE,
CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE, CURLMOPT_PIPELINING_SITE_BL
and CURLMOPT_PIPELI NING_SERVER_BL for new pipelining control
test: offer "automake" output and check for perl better
always-multi: always use non-blocking internals
imap: Added support for sasl digest-md5 authentication
imap: Added support for sasl cram-md5 authentication
imap: Added support for sasl ntlm authentication
imap: Added support for sasl login authentication
imap: Added support for sasl plain text authentication
imap: Added support for login disabled server capability
mk-ca-bundle: add -f, support passing to stdout and more
writeout: -w now supports remote_ip/port and local_ip/port
OBS-URL: https://build.opensuse.org/request/show/163742
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=92
Verify GPG signature: Perform build-time offline GPG verification.
Please verify that included keyring matches your needs.
For manipulation with the offline keyring, please use gpg-offline tool from openSUSE:Factory, devel-tools-building or Base:System.
See the man page and/or /usr/share/doc/packages/gpg-offline/PACKAGING.HOWTO.
If you need to build your package for older products and don't want to mess spec file with ifs, please follow PACKAGING.HOWTO:
you can link or aggregate gpg-offline from
devel:tools:building or use following trick with "osc meta prjconf":
--- Cut here ----
%if 0%{?suse_version} <= 1220
Substitute: gpg-offline
%endif
Macros:
%gpg_verify(dnf) \
%if 0%{?suse_version} > 1220\
echo "WARNING: Using %%gpg_verify macro from prjconf, not from gpg-offline package."\
gpg-offline --directory="%{-d:%{-d*}}%{!-d:%{_sourcedir}}" --package="%{-n:%{-n*}}%{!-n:%{name}}""%{-f: %{-f*}}" --verify %{**}\
%else\
echo "WARNING: Dummy prjconf macro. gpg-offline is not available, skipping %{**} GPG signature verification!"\
%endif\
%nil
-----------------
OBS-URL: https://build.opensuse.org/request/show/143883
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=83