Packages from AltLinux

    Package libcurl-devel: Changelog

    Last changed

    May 11, 2022 Anton Farygin 7.83.1-alt1
    - 7.83.1
- Fixes:
  * CVE-2022-30115: HSTS bypass via trailing dot
  * CVE-2022-27782: TLS and SSH connection too eager reuse
  * CVE-2022-27781: CERTINFO never-ending busy-loop
  * CVE-2022-27780: percent-encoded path separator in URL host
  * CVE-2022-27779: cookie for trailing dot TLD
  * CVE-2022-27778: curl removes wrong file on error
    April 28, 2022 Anton Farygin 7.83.0-alt1
    - 7.83.0 (Fixes: CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776)
    March 9, 2022 Anton Farygin 7.82.0-alt1
    - 7.81.0 -> 7.82.0
    Jan. 8, 2022 Anton Farygin 7.81.0-alt2
    - disabled rewindaftersend logic for auth via kerberos to resolve problems with
  hdfs (fix for curl issue #8264)
    Jan. 5, 2022 Anton Farygin 7.81.0-alt1
    - 7.80.0 -> 7.81.0
    Nov. 20, 2021 Anton Farygin 7.80.0-alt1
    - 7.79.1 -> 7.80.0
    Sept. 25, 2021 Anton Farygin 7.79.1-alt1
    - 7.79.1
    Sept. 21, 2021 Anton Farygin 7.79.0-alt2
    - added patches from curl upstream:
  * b2e72d2 http: fix the broken >3 digit response code detection
  * e0742ce Curl_http2_setup: don't change connection data on repeat invokes
    Sept. 15, 2021 Anton Farygin 7.79.0-alt1
    - 7.79.0
- Fixes:
  * CVE-2021-22945 clear the leftovers pointer when sending succeeds
  * CVE-2021-22946 do not ignore --ssl-reqd
  * CVE-2021-22947 reject STARTTLS server response pipelining
    Sept. 10, 2021 Anton Farygin 7.78.0-alt2
    - fixed FTBFS via -ffat-lto-objects
    July 27, 2021 Anton Farygin 7.78.0-alt1
    - 7.78.0
    May 26, 2021 Anton Farygin 7.77.0-alt1
    - 7.77.0
- Fixes:
  * CVE-2021-22897 schannel cipher selection surprise
  * CVE-2021-22898 TELNET stack contents disclosure
  * CVE-2021-22901 TLS session caching disaster
    April 15, 2021 Anton Farygin 7.76.1-alt1
    - 7.76.1
    March 31, 2021 Anton Farygin 7.76.0-alt1
    - 7.76.0
- Fixes:
  * CVE-2021-22876 strip credentials from the auto-referer header field
  * CVE-2021-22890 add 'isproxy' argument to Curl_ssl_get/addsessionid()
    Feb. 25, 2021 Anton Farygin 7.75.0-alt1
    - 7.75.0
    Dec. 30, 2020 Anton Farygin 7.74.0-alt1
    - 7.74.0
- Fixes:
  * CVE-2020-8286 Inferior OCSP verification
  * CVE-2020-8285 FTP wildcard stack overflow
  * CVE-2020-8284 trusting FTP PASV responses
    Oct. 14, 2020 Anton Farygin 7.73.0-alt1
    - 7.73.0
    Aug. 19, 2020 Anton Farygin 7.72.0-alt1
    - 7.72.0
- fixes:
  * CVE-2020-8231: libcurl: wrong connect-only connection
    July 3, 2020 Anton Farygin 7.71.1-alt1
    - 7.71.1
- add python3 to BR for tests
    June 24, 2020 Anton Farygin 7.71.0-alt1
    - 7.71.0
- fixes:
  * CVE-2020-8177: curl overwrite local file with -J
  * CVE-2020-8169: Partial password leak over DNS on HTTP redirect
    April 29, 2020 Anton Farygin 7.70.0-alt1
    - 7.70.0
- removed DEV from version string (with maketgz script)
    March 11, 2020 Anton Farygin 7.69.1-alt1
    - 7.69.1
    March 11, 2020 Anton Farygin 7.69.0-alt1
    - 7.69.0
    Jan. 10, 2020 Anton Farygin 7.68.0-alt1
    - 7.68.0
    Nov. 11, 2019 Anton Farygin 7.67.0-alt1
    - 7.67.0
    Sept. 11, 2019 Anton Farygin 7.66.0-alt1
    - 7.66.0
- fixes:
 * CVE-2019-5481: FTP-KRB double-free 
 * CVE-2019-5482: TFTP small blocksize heap buffer overflow
    July 23, 2019 Anton Farygin 7.65.3-alt1
    - 7.65.3
    June 5, 2019 Anton Farygin 7.65.1-alt1
    - 7.65.1
    May 22, 2019 Anton Farygin 7.65.0-alt1
    - 7.65.0
- fixes:
  * CVE-2019-5435: Integer overflows in curl_url_set
  * CVE-2019-5436: tftp: use the current blksize for recvfrom
    March 28, 2019 Anton Farygin 7.64.1-alt1
    - 7.64.1
    VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
    Version: v23.03.16
    Back to top