Пакет libcurl-devel-static: Информация
Бинарный пакет: libcurl-devel-static
Версия: 7.56.1-alt1.M70C.1.1
Архитектура: i586
Собран: 16 марта 2018 г. 22:24 в задании #201798
Исходный пакет: curl
Скопирован в задании: #202075
Категория: Разработка/C
Сообщить об ошибке в пакетеДомашняя страница: http://curl.haxx.se
Лицензия: MPL or MIT
О пакете: Static libraries for libcurl
Описание:
This package contains libcurl static library of functions for sending and receiving files through various protocols, including http and ftp. This package is required for development of statically linked applications that utilize libcurl.
Сопровождающий: Evgeny Sinelnikov
Список участников:
Evgeny Sinelnikov
Anton V. Boyarshinov
Anton Farygin
Gleb Fotengauer-Malinovskiy
Alexey Tourbin
Dmitry V. Levin
Alexander Bokovoy
Evgeny Sinelnikov
Anton V. Boyarshinov
Anton Farygin
Gleb Fotengauer-Malinovskiy
Alexey Tourbin
Dmitry V. Levin
Alexander Bokovoy
Последнее изменение
23 ноября 2017 г. Evgeny Sinelnikov 7.56.1-alt1.M70C.1.1
- Backport security updates to legacy stable branches - Fixes: + CVE-2017-1000257 libcurl contains a buffer overrun flaw in the IMAP handler + CVE-2017-1000254 libcurl may read outside of a heap allocated buffer when doing FTP + CVE-2017-1000101 do not parse after a strtoul() overflow range + CVE-2017-1000100 tftp reject file name lengths that don't fit + CVE-2017-1000099 output the correct buffer to the user + CVE-2017-9502 URL file scheme drive letter buffer overflow + CVE-2016-5419 TLS session resumption client cert bypass (again) + CVE-2017-2629 SSL_VERIFYSTATUS ignored + CVE-2016-9594 uninitialized random + CVE-2016-9586 printf floating point buffer overflow + CVE-2016-8615 cookie injection for other servers + CVE-2016-8616 case insensitive password comparison + CVE-2016-8617 OOB write via unchecked multiplication + CVE-2016-8618 double-free in curl_maprintf + CVE-2016-8619 double-free in krb5 code + CVE-2016-8620 glob parser write/read out of bounds + CVE-2016-8621 curl_getdate read out of bounds + CVE-2016-8622 URL unescape heap overflow via integer truncation + CVE-2016-8623 Use-after-free via shared cookies + CVE-2016-8624 invalid URL parsing with '#' + CVE-2016-8625 IDNA 2003 makes curl use wrong host + CVE-2015-3236 send the HTTP Basic authentication credentials for a previous connection + CVE-2015-3237 The smb_request_state function allows remote SMB servers to obtain sensitive information from memory or cause a denial of service + CVE-2015-3153 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy servers to obtain sensitive information + CVE-2015-3148 do not properly re-use authenticated Negotiate connections + CVE-2015-3143 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request + CVE-2015-3145 The sanitize_cookie_path function does not properly calculate an index + CVE-2015-3144 The fix_hostname function does not properly calculate an index
1 декабря 2014 г. Anton V. Boyarshinov 7.31.0-alt1.M70C.2
- build fixed
29 октября 2013 г. Anton V. Boyarshinov 7.31.0-alt1.M70C.1
- rebuild for c7