Pedro Monreal Gonzalez
1b4d5053ee
* Security fixes:
- [bsc#1230093, CVE-2024-8096] curl: OCSP stapling bypass with GnuTLS
* Changes:
- curl: make --rate accept "number of units"
- curl: make --show-headers the same as --include
- curl: support --dump-header % to direct to stderr
- curl: support embedding a CA bundle and --dump-ca-embed
- curl: support repeated use of the verbose option; -vv etc
- curl: use libuv for parallel transfers with --test-event
- vtls: stop offering alpn http/1.1 for http2-prior-knowledge
* Bugfixes:
- curl: allow 500MB data URL encode strings
- curl: warn on unsupported SSL options
- Curl_rand_bytes to control env override
- curl_sha512_256: fix symbol collisions with nettle library
- dist: fix reproducible build from release tarball
- http2: fix GOAWAY message sent to server
- http2: improve rate limiting of downloads
- INSTALL.md: MultiSSL and QUIC are mutually exclusive
- lib: add eos flag to send methods
- lib: make SSPI global symbols use Curl_ prefix
- lib: prefer `CURL_SHA256_DIGEST_LENGTH` over the unprefixed name
- lib: remove the final strncpy() calls
- lib: remove use of RANDOM_FILE
- Makefile.mk: fixup enabling libidn2
- max-filesize.md: mention zero disables the limit
- mime: avoid inifite loop in client reader
- ngtcp2: use NGHTTP3 prefix instead of NGTCP2 for errors in h3 callbacks
- openssl quic: fix memory leak
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=376
12 lines
488 B
Plaintext
12 lines
488 B
Plaintext
-----BEGIN PGP SIGNATURE-----
|
|
|
|
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmbhLPgACgkQXMkI/bce
|
|
EsKvcAf/X90bZOG4ufZdq0z7l1i++7tLMG9zd8MjMX14XEBlHsTSqhgqu18i/FDY
|
|
sIlK/6fQH5RJbbP9LtX68ptDnzZ31SmIpOWngyadkJTQ1n6oTa1jSUf469ALWHmX
|
|
nwEPvgX8YXdVDrNpVbAUy3EElKoSH/9JSyXGmpi5whaHb1jzTyUAcR2QbKyxwZi3
|
|
Md+XKAbdrhXBfDicoLbWN2N8NlzyV5rt78DMh1UZPOspWo8fSMUIZeB6uSoi0Ey0
|
|
mY1Vv+b4L0dricODFSprfN9BZNe5lv9Ciit4GJmMf28k896Zw4nV+yngUhEs9lfm
|
|
8tmBTI2oX6kPAULU+xZ2iR61MuW5ZA==
|
|
=S6zn
|
|
-----END PGP SIGNATURE-----
|