Репозитории ALT
Последнее обновление в Сб, 06 июня 2020, 00:48:23 +0000 | Пакетов: 0
en ru
Исходные пакеты в ветвях
свернуть окно
  • 7.59.0-alt1.N.M80C.1
  • 7.56.1-alt1.M70C.1.1
  • 7.56.1-alt1.M70C.1.1
  • 7.31.0-alt2.M70P.1
  • 7.31.0-alt2.M70P.1
  • 7.24.0-alt0.M60P.1.M60C.1
  • 7.24.0-alt1.M60P.1
  • 7.24.0-alt1.M60P.1
  • 7.19.7-alt1.M51.1
  • 7.19.7-alt1.M51.1
Группа :: Сети/Передача файлов
Исходный пакет: curl
Текущая версия: 7.56.1-alt1.M70C.1.1
Собрано: больше 3 лет назад
Размер архива: 1,7 МБ
Отчёт repocop: skip
Gear:   http://git.altlinux.org/gears/c/curl.git
Домашняя страница:   http://curl.haxx.se

Лицензия: MPL or MIT
О пакете: Gets a file from a FTP, GOPHER or HTTP server

Curl is a client to get documents/files from servers, using any of the
supported protocols. The command is designed to work without user
interaction or any kind of interactivity.

Curl offers a busload of useful tricks like proxy support, user
authentication, ftp upload, HTTP post, file transfer resume and more.

NOTE: This version is compiled with SSL (https) support.

Список участников
(данной и/или предыдущих сборок пакета):

Список rpm-пакетов, предоставляемых данным srpm-пакетом:
  • curl
  • curl-debuginfo
  • libcurl
  • libcurl-debuginfo
  • libcurl-devel
  • libcurl-devel-static
Последние изменения (три последних записи журнала изменений):

2017-11-23 Evgeny Sinelnikov 7.56.1-alt1.M70C.1.1

    - Backport security updates to legacy stable branches
    - Fixes:
      + CVE-2017-1000257 libcurl contains a buffer overrun flaw in the IMAP handler
      + CVE-2017-1000254 libcurl may read outside of a heap allocated buffer when doing FTP
      + CVE-2017-1000101 do not parse after a strtoul() overflow range
      + CVE-2017-1000100 tftp reject file name lengths that don't fit
      + CVE-2017-1000099 output the correct buffer to the user
      + CVE-2017-9502 URL file scheme drive letter buffer overflow
      + CVE-2016-5419 TLS session resumption client cert bypass (again)
      + CVE-2017-2629 SSL_VERIFYSTATUS ignored
      + CVE-2016-9594 uninitialized random
      + CVE-2016-9586 printf floating point buffer overflow
      + CVE-2016-8615 cookie injection for other servers
      + CVE-2016-8616 case insensitive password comparison
      + CVE-2016-8617 OOB write via unchecked multiplication
      + CVE-2016-8618 double-free in curl_maprintf
      + CVE-2016-8619 double-free in krb5 code
      + CVE-2016-8620 glob parser write/read out of bounds
      + CVE-2016-8621 curl_getdate read out of bounds
      + CVE-2016-8622 URL unescape heap overflow via integer truncation
      + CVE-2016-8623 Use-after-free via shared cookies
      + CVE-2016-8624 invalid URL parsing with '#'
      + CVE-2016-8625 IDNA 2003 makes curl use wrong host
      + CVE-2015-3236 send the HTTP Basic authentication credentials for a previous connection
      + CVE-2015-3237 The smb_request_state function allows remote SMB servers to obtain
                      sensitive information from memory or cause a denial of service
      + CVE-2015-3153 sends custom HTTP headers to both the proxy and destination server,
                      which might allow remote proxy servers to obtain sensitive information
      + CVE-2015-3148 do not properly re-use authenticated Negotiate connections
      + CVE-2015-3143 does not properly re-use NTLM connections, which allows remote
                      attackers to connect as other users via an unauthenticated request
      + CVE-2015-3145 The sanitize_cookie_path function does not properly calculate an index
      + CVE-2015-3144 The fix_hostname function does not properly calculate an index

2014-12-01 Антон Бояршинов 7.31.0-alt1.M70C.2

    - build fixed

2013-10-29 Антон Бояршинов 7.31.0-alt1.M70C.1

    - rebuild for c7
Проект Geyser основан на коде из проекта Prometheus 2.0, который был доступен по лицензии MIT