diff --git a/curl-7.56.0.tar.gz b/curl-7.56.0.tar.gz deleted file mode 100644 index d06ba31..0000000 --- a/curl-7.56.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:f1bc17a7e5662dbd8d4029750a6dbdb72a55cf95826a270ab388b05075526104 -size 3827372 diff --git a/curl-7.56.0.tar.gz.asc b/curl-7.56.0.tar.gz.asc deleted file mode 100644 index 858434f..0000000 --- a/curl-7.56.0.tar.gz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAlnUd8MACgkQXMkI/bce -EsJMKQf+OEjS8Ai0Ml0gzaEfCGhneffJ5aXsRkloNCulNtpbfBghph2UF3uPmkiW -vcaAKC2/xLUFAfR1dvm62zE7/IBq9qd51Xh96GpA6HfraZuFNOJyWdYqxq+IprzL -M3DNLYFdC9AekOQ/ufmPMvq7CU+5/3ZA3vNA5NbvwgaOf9Oc6fnshsykYm+tnIjv -/yWdFn05k4zQ/b/co8UNzm3m3YaScy/O5/8N5d5KzkIt/iWAezBmNh7BBsY6A/7a -NTYJdTD3Rc5TsOiMV9gQuoaTIeo2nGRQJmmxWM5IS1jjTt0ywM/6+lhu1kcm8Rgs -rNuXMzVjGRCqf2iN0VETWub2mgUqCA== -=m6aC ------END PGP SIGNATURE----- diff --git a/curl-7.56.1.tar.gz b/curl-7.56.1.tar.gz new file mode 100644 index 0000000..600537f --- /dev/null +++ b/curl-7.56.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:961a25531d72a843dfcce87b290e7a882f2d376f3b88de11df009710019c5b16 +size 3799766 diff --git a/curl-7.56.1.tar.gz.asc b/curl-7.56.1.tar.gz.asc new file mode 100644 index 0000000..4bd7cb8 --- /dev/null +++ b/curl-7.56.1.tar.gz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAlnthGYACgkQXMkI/bce +EsKH3gf/eexCXdgvW+LQELcw/up7deEp4R+BLQ17pekTgbJkUpTHjWS3n5QjlEFP +ymUmNBKcqqWTo05wPb+yuNpwMkg5nwEzz/MB2oVGhAxnTysMfzY402pobh96Jowx +FoXeJq9ihnq0yReEjPQb4hE/HptwaZHYk8rajH+zk+5WnXp+QieYTggqzL/Uv0WS +HJqvF9jWJ3q+xqeMrg7l0fUbNdlraMsDw8UobDbNmBFoz8auj04a6lZcpWAWR0FN +uanh2c5XZAwcbrxYqKTWZibaeoOyCmHkJ66kuyH138Ob6f8+lED/PRKBI/QRDYLS +YG/2ky2u925JwLdeUYaCHOjD84yWBQ== +=X+B1 +-----END PGP SIGNATURE----- diff --git a/curl-mini.changes b/curl-mini.changes index eea7711..27f0fe7 100644 --- a/curl-mini.changes +++ b/curl-mini.changes @@ -1,3 +1,58 @@ +------------------------------------------------------------------- +Mon Oct 23 09:12:11 UTC 2017 - pmonrealgonzalez@suse.com + +- Update to version 7.56.1 [bsc#1063824] + Bugfixes: + * imap: if a FETCH response has no size, don't call write + callback [CVE-2017-1000257] + * ftp: UBsan fixup 'pointer index expression overflowed + * failf: skip the sprintf() if there are no consumers + * fuzzer: move to using external curl-fuzzer + * lib/Makefile.m32: allow customizing dll suffixes + * docs: fix typo in curl_mime_data_cb man page + * darwinssl: add support for TLSv1.3 + * build: fix --disable-crypto-auth + * openssl: fix build without HAVE_OPAQUE_EVP_PKEY + * strtoofft: Remove extraneous null check + * multi_cleanup: call DONE on handles that never got that + * tests: added flaky keyword to tests 587 and 644 + * pingpong: return error when trying to send without connection + * remove_handle: call multi_done() first, then clear dns cache pointer + * mime: be tolerant about setting the same header list twice in a part + * mime: improve unbinding top multipart from easy handle + * mime: avoid resetting a part's encoder when part's contents change + * mime: refuse to add subparts to one of their own descendants + * RTSP: avoid integer overflow on funny RTSP responses + * curl: don't pass semicolons when parsing Content-Disposition + * openssl: enable PKCS12 support for !BoringSSL + * FAQ: s/CURLOPT_PROGRESSFUNCTION/CURLOPT_XFERINFOFUNCTION + * CURLOPT_NOPROGRESS.3: also refer to xferinfofunction + * CURLOPT_XFERINFODATA.3: fix duplicate see also + * test298: verify --ftp-method nowcwd with URL encoded path + * FTP: URL decode path for dir listing in nocwd mode + * smtp_done: fix memory leak on send failure + * ftpserver: support case insensitive commands + * test950; verify SMTP with custom request + * openssl: don't use old BORINGSSL_YYYYMM macros + * setopt: update current connection SSL verify params + * curl: reimplement stdin buffering in -F option + * mime: keep "text/plain" content type if user-specified + * mime: fix the content reader to handle >16K data properly + * configure: remove the C++ compiler check + * memdebug: trace send, recv and socket + * runtests: use valgrind for torture as well + * ldap: silence clang warning + * makefile.m32: allow to override gcc, ar and ranlib + * setopt: avoid integer overflows when setting millsecond values + * setopt: range check most long options + * ftp: reject illegal IP/port in PASV 227 response + * mime: do not reuse previously computed multipart size + * vtls: change struct Curl_ssl `close' field name to `close_one' + * os400: add missing symbols in config file + * mime: limit bas64-encoded lines length to 76 characters + * mk-ca-bundle: Remove URL for aurora + * mk-ca-bundle: Fix URL for NSS + ------------------------------------------------------------------- Thu Oct 5 16:15:04 UTC 2017 - pmonrealgonzalez@suse.com diff --git a/curl-mini.spec b/curl-mini.spec index cac1f19..d7c73d1 100644 --- a/curl-mini.spec +++ b/curl-mini.spec @@ -32,7 +32,7 @@ %endif Name: curl-mini -Version: 7.56.0 +Version: 7.56.1 Release: 0 Summary: A Tool for Transferring Data from URLs License: curl diff --git a/curl.changes b/curl.changes index eea7711..27f0fe7 100644 --- a/curl.changes +++ b/curl.changes @@ -1,3 +1,58 @@ +------------------------------------------------------------------- +Mon Oct 23 09:12:11 UTC 2017 - pmonrealgonzalez@suse.com + +- Update to version 7.56.1 [bsc#1063824] + Bugfixes: + * imap: if a FETCH response has no size, don't call write + callback [CVE-2017-1000257] + * ftp: UBsan fixup 'pointer index expression overflowed + * failf: skip the sprintf() if there are no consumers + * fuzzer: move to using external curl-fuzzer + * lib/Makefile.m32: allow customizing dll suffixes + * docs: fix typo in curl_mime_data_cb man page + * darwinssl: add support for TLSv1.3 + * build: fix --disable-crypto-auth + * openssl: fix build without HAVE_OPAQUE_EVP_PKEY + * strtoofft: Remove extraneous null check + * multi_cleanup: call DONE on handles that never got that + * tests: added flaky keyword to tests 587 and 644 + * pingpong: return error when trying to send without connection + * remove_handle: call multi_done() first, then clear dns cache pointer + * mime: be tolerant about setting the same header list twice in a part + * mime: improve unbinding top multipart from easy handle + * mime: avoid resetting a part's encoder when part's contents change + * mime: refuse to add subparts to one of their own descendants + * RTSP: avoid integer overflow on funny RTSP responses + * curl: don't pass semicolons when parsing Content-Disposition + * openssl: enable PKCS12 support for !BoringSSL + * FAQ: s/CURLOPT_PROGRESSFUNCTION/CURLOPT_XFERINFOFUNCTION + * CURLOPT_NOPROGRESS.3: also refer to xferinfofunction + * CURLOPT_XFERINFODATA.3: fix duplicate see also + * test298: verify --ftp-method nowcwd with URL encoded path + * FTP: URL decode path for dir listing in nocwd mode + * smtp_done: fix memory leak on send failure + * ftpserver: support case insensitive commands + * test950; verify SMTP with custom request + * openssl: don't use old BORINGSSL_YYYYMM macros + * setopt: update current connection SSL verify params + * curl: reimplement stdin buffering in -F option + * mime: keep "text/plain" content type if user-specified + * mime: fix the content reader to handle >16K data properly + * configure: remove the C++ compiler check + * memdebug: trace send, recv and socket + * runtests: use valgrind for torture as well + * ldap: silence clang warning + * makefile.m32: allow to override gcc, ar and ranlib + * setopt: avoid integer overflows when setting millsecond values + * setopt: range check most long options + * ftp: reject illegal IP/port in PASV 227 response + * mime: do not reuse previously computed multipart size + * vtls: change struct Curl_ssl `close' field name to `close_one' + * os400: add missing symbols in config file + * mime: limit bas64-encoded lines length to 76 characters + * mk-ca-bundle: Remove URL for aurora + * mk-ca-bundle: Fix URL for NSS + ------------------------------------------------------------------- Thu Oct 5 16:15:04 UTC 2017 - pmonrealgonzalez@suse.com diff --git a/curl.spec b/curl.spec index eaa9b56..980dca4 100644 --- a/curl.spec +++ b/curl.spec @@ -30,7 +30,7 @@ %endif Name: curl -Version: 7.56.0 +Version: 7.56.1 Release: 0 Summary: A Tool for Transferring Data from URLs License: curl